{"report_id":"6891f446-3ade-4240-b520-3536bd15a839","version":6,"status":"done","tags":[],"date":"2026-04-06T12:42:21Z","url":{"schema":"http","addr":"midnight-od.com","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":0,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"final":{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"title":"Midnight TGE | Home","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"midnight-od.com","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":0,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T12:42:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-04-06","alert":"Hunting_JS_WebAssembly","trigger":"midnight-od.com/index_files/base.js.download","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"widget-v3.smartsuppcdn.com","ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2018-11-20","domain_rank":532262,"first_seen":"2022-10-03T13:48:45Z","last_seen":"2026-04-02T05:21:49.969249Z","alert_count":0,"request_count":3,"received_data":324625,"sent_data":1365,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"www.smartsuppchat.com","ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2014-02-02","domain_rank":491650,"first_seen":"2017-01-30T05:24:57Z","last_seen":"2026-04-02T04:02:31.060082Z","alert_count":0,"request_count":1,"received_data":18549,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"websocket-visitors.smartsupp.com","ip":{"addr":"3.126.214.62","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2012-08-25","domain_rank":411464,"first_seen":"2021-07-12T07:42:32Z","last_seen":"2026-04-02T05:33:49.219687Z","alert_count":0,"request_count":1,"received_data":224,"sent_data":604,"comment":"","tags":null,"fingerprints":null},{"fqdn":"js.hsforms.net","ip":{"addr":"104.16.5.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2013-09-18","domain_rank":43845,"first_seen":"2013-09-26T02:52:40Z","last_seen":"2026-04-01T21:21:00.067546Z","alert_count":0,"request_count":1,"received_data":607326,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"yt3.ggpht.com","ip":{"addr":"142.251.38.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-01-16","domain_rank":1275,"first_seen":"2014-01-15T16:55:17Z","last_seen":"2026-04-06T02:33:34.366026Z","alert_count":0,"request_count":1,"received_data":2018,"sent_data":523,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cmp.osano.com","ip":{"addr":"52.84.50.41","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"1999-10-18","domain_rank":23165,"first_seen":"2019-10-16T14:51:22Z","last_seen":"2026-04-01T17:48:38.255126Z","alert_count":0,"request_count":1,"received_data":251955,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"midnight-od.com","ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":190,"request_count":63,"received_data":6819376,"sent_data":31877,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"bootstrap.smartsuppchat.com","ip":{"addr":"18.193.21.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2014-02-02","domain_rank":425291,"first_seen":"2018-01-29T06:10:36Z","last_seen":"2026-04-02T04:02:30.881577Z","alert_count":0,"request_count":1,"received_data":1556,"sent_data":523,"comment":"","tags":null,"fingerprints":null},{"fqdn":"i.ytimg.com","ip":{"addr":"172.217.20.182","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2007-12-11","domain_rank":436,"first_seen":"2012-10-03T19:11:04Z","last_seen":"2026-04-06T01:16:43.899785Z","alert_count":0,"request_count":1,"received_data":24249,"sent_data":449,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":2,"received_data":32566,"sent_data":1058,"comment":"","tags":null,"fingerprints":null},{"fqdn":"translations.smartsuppcdn.com","ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2018-11-20","domain_rank":560346,"first_seen":"2022-11-04T22:28:35Z","last_seen":"2026-04-02T05:21:49.935258Z","alert_count":0,"request_count":1,"received_data":7734,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"consent.api.osano.com","ip":{"addr":"54.240.174.46","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"1999-10-18","domain_rank":52850,"first_seen":"2020-02-01T06:11:29Z","last_seen":"2026-04-03T13:06:09.01172Z","alert_count":0,"request_count":2,"received_data":1201,"sent_data":1044,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"action.dstillery.com","ip":{"addr":"172.64.149.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2013-07-10","domain_rank":53149,"first_seen":"2015-04-08T22:45:29Z","last_seen":"2026-04-04T16:26:26.137424Z","alert_count":0,"request_count":5,"received_data":2084,"sent_data":2364,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a5fb077740ed02c5706221bb88e53ca","sha1":"dfdc544df619b6f6df81cc22fd47ca44beee7c00","sha256":"8d840a7375ef69b00fb8837e5c920ba09b60bde7ae338505e99592005bb7e105","sha512":"05c563839d0bd7a7cd9df117890a4bafaaa4b689e2b32234e2509cd159f7778a73ab7210c296b229288509fd2af7ac1927a3841ae8972bd832a6e5b75ee78a26","ssdeep":"","tlshash":"d6e0ab3e3c3440945ba201f482b6e1283d1630304040d957889688aa1cf0fcabe019d8","size":418,"data":"","first_seen":"2026-04-06T12:42:55.065817Z","last_seen":"2026-04-06T13:01:00.106033Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"2b44274c0b7098708a3fb0e1a1ec873c","sha1":"294719059edfdb14c461172b3dd60061175db519","sha256":"6e54bec2de6f7bd3de53387cf18facdd35972e96c684f4116a698b739fd9c34e","sha512":"c2d931c0f4b160a9e156ec728dff4e49058165ec3632cff67a87917895c0c0b7a9cdb6d38162d5cc1fc4b5fc6332cb263ab75745120b046ff7eb73dc55248b93","ssdeep":"","tlshash":"89c0c0f340483c0ce3039140293302835f8303cd418abcc4e602c03312da6cd2620e5d","size":180,"data":"","first_seen":"2025-08-11T16:38:13.720776Z","last_seen":"2026-04-06T13:01:00.106732Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"542ad83f60f3695bae2118d29f94ee02","sha1":"7d8adf886392bea833d822082d8de66d1891b563","sha256":"4857544380b322ecbb6e2f8263319c96dde4728a9f26e5d3b354eb69150752eb","sha512":"d1493be9c3d83fcdf63bf0e433282af5fb6f595b287a23b00f525785ed07361cac24c3632cf4e9ba661a0f6c4899da893133f31a2828d32415b5dc4495ff1192","ssdeep":"","tlshash":"45c02bb6a08f0c05c10301801cf310f39bac051c4500f4c18f3bca38b2a855e20c0f9d","size":142,"data":"","first_seen":"2025-08-11T16:38:13.723296Z","last_seen":"2026-04-06T13:01:00.107466Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.smartsuppchat.com/loader.js?","fqdn":"www.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"218d24439d4e2c0990f35338a7ac220c","sha1":"5a7b913584c1244bf61beab9dc644204d130101c","sha256":"efb497f7159de26ea5e0521d675d909dc063e36d0d23c2ad96fa9109b73ee263","sha512":"17af39bfdc350c9d1f8dd74652641d0c028881ecb3935d2d9fdb763d24136665d135d00219aabac57693112e2314d4fa91b802ba2662a1580aa35c5e0b6e624b","ssdeep":"384:2/xzy2A3wyxNeBWbEgl/EuVaBWbE0rIcvqSI/aQ/UpG:2/xzy2A3wXscuVaAxka05","tlshash":"4182b7cc7691b16543ab61b4843f620ff1376929740d8865b965eae13cb8c8ed037fb8","size":18024,"data":"","first_seen":"2026-03-30T19:01:55.527327Z","last_seen":"2026-04-08T08:05:43.114956Z","times_seen":409,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc306990cc600795a1e0f370f7d57cd4","sha1":"466c3249b307ae898cc387a7e6787593ab51ba2b","sha256":"3953126a6f6936d1edf140aab420fb68d6ef32ed01cac1dd23f14fc178ac4f59","sha512":"618be3e328291d4483531e4a641106685aab29a321aaa9fddb7bad30b3c31187ca36efa6c833cbca3b9f4634bf8289931f578acacaa7298215b7b43819ec0089","ssdeep":"","tlshash":"f1d02b6b5d019639235680be94b4d539209d207855219807d18a8cad24fcee15c9d9a0","size":275,"data":"","first_seen":"2025-10-23T04:16:54.668354Z","last_seen":"2026-04-06T13:01:00.082049Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"b40cdc025a72d0b516bd11d9ef0a1776","sha1":"9cd34b30af473b8071638d82dcacef0373194aaf","sha256":"43ef2d3ec8d5b620ec8c5fc2bfc14c3a9836620f75a0a14a0c025ab753cf6f68","sha512":"ffad498a0fda3194476aee567df0b821e3c4886662a0dc72a53e8289c98fc3187b991df3da95f0bc2fe1b238d3478ccfac9d39a23fa2e7928ff3be8461110af9","ssdeep":"","tlshash":"3aa001f190d29c69e43741ab687511161bac490d0109014123a198e91162a098f48e8e","size":72,"data":"","first_seen":"2023-10-09T10:35:22Z","last_seen":"2026-04-08T07:47:14.126398Z","times_seen":79891,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac2e2b7da35909b4a9a8ca64d6c2152d","sha1":"d3ac721fae3856fbe5ba16f90a527d4bf71f4d88","sha256":"00c5be0a478f5f6b912bca3c1977345c0c330f6f3f1adf9b50bc3f340f24e913","sha512":"fa134dcd615d88988f7ac9a128c8d5fca462a418ca37d8d5c44826a7dda36ef68f7cee9fd7319282e86f259e9ddc9f0d882732913996d24c155532949d40f8c0","ssdeep":"","tlshash":"4ef0c804fc82fce6ac21ed5a71354da590c9ef7881d5d58896cec6c3c1a50780785a4f","size":562,"data":"","first_seen":"2025-08-11T16:38:13.72656Z","last_seen":"2026-04-06T13:01:00.108744Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"9edbe183081f3b014b03f41bffdccc06","sha1":"3c5b2776b49b39ede9ada2c013d70618f10d3b1a","sha256":"1ffd4a3d29b30bd8a8d169ce102d55555440a3c15a63c59bc77c3fd223b23686","sha512":"ed94e751067fee33b1bf1aec7bfad477f67d1e76fac3b54bfa1f843bdb4f2d5b145114e496ef53095525478978acd6942e7e92c1a95e3d6dd8260c2208a7b146","ssdeep":"","tlshash":"53c04cf1f6d08cd614360a92caf72c1501d6dc2c5125e9041155d15c14f993cd4d1e4a","size":141,"data":"","first_seen":"2025-08-11T16:38:13.728997Z","last_seen":"2026-04-06T13:01:00.109966Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/869-a6ea874d4dd8aa27.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"75a5b759e0483f0c11720cb6f65d612d","sha1":"06e7db606639a36e180ce65713c82d186f5c1a3f","sha256":"6ae827d08904c561d71aff235bfedf7a2314cee32c1164a15969225478920a7e","sha512":"bd5c9c591dc0a20e4a67c2e2447c5d3149016fa67bf7070cf5a8c220ab096561c783758e30cc8999b013bfa33ffaf799ef42e9dc42f9674a6e00f255a335bc58","ssdeep":"192:ylmgoJsQ0mR92QJpMDTmFMmmNocVXM2oa/K7iCByx0:yQbEm72QrU+MTRG+K7fi0","tlshash":"5022544536a976e57acf249580ff980ff36f560c242c10b4e36098ba586e06e70b7fd9","size":10892,"data":"","first_seen":"2025-10-23T04:16:54.239254Z","last_seen":"2026-04-06T13:01:00.089591Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/zmIq31voDSWI8AGyiRJe9t7MieBaDmAxmnftlUj7E58.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"d601534c559fb0cc2f6015a6978a7d50","sha1":"6e2550f921267508905c29a80589a8be75b03f7e","sha256":"ce622adf5be80d2588f001b289125ef6decc89e05a0e60319a77ed9548fb139f","sha512":"4f02363996fbbf5950977e019fd23544394a8b51f3c6410c0feca817b33a1a1262bebe7b238b0d45d967bc49159dd5f6b83c76888a66aac0c1ba884309250ec9","ssdeep":"1536:jn1ZsieoP9oqsRFhyoXoumqlVS46ZLBUX2MtbnGj1E:7lonRFsoXoubMpLg2MOE","tlshash":"a34318dfb2c367351ae271e2009b600a52bba9559c981d5fbd01e6f41e31d87b02bf39","size":59229,"data":"","first_seen":"2025-07-26T08:13:23.535773Z","last_seen":"2026-04-06T13:01:00.083116Z","times_seen":213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"e18eb9d0972d240f1a5456179bb6523b","sha1":"65255f106adcff2907a98e295a8e7a38fe2884c4","sha256":"3d68db2b85d5a2915743399f09dc438963f0c50f68b02df05d47a372661603e8","sha512":"bcd5a6c26fa1f7a77f5614a7b28e238701d698cc0c96ac5d03d97628d8622125cd0cfdaf54b1db96ef25320a3fca7584abd343d67bdfb9f272ca3ef8572b360a","ssdeep":"","tlshash":"d4c04c38402080e98659101c7434fb80bd7d3b973163e047da3c621c65f5d017c94b11","size":134,"data":"","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-04-08T07:39:12.933267Z","times_seen":200522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9ff7f413d30cdbc6463c18a6c3791e8","sha1":"9c28f1ff7e039f01a486bed99957f8749330d3b1","sha256":"745cdbda5dd06cb22cbab6a7c45dd62e1b1d3af9eb62cac4fb12b5d99135d635","sha512":"3b3c1eda3c7f706ab65b74d9061c035eaac4bc6db255af5021bbcb25c248ac75f167acd1d5300ec7ac2eebcc8541fbed7dfb20a72f1b1415b241c0b8e72a8527","ssdeep":"","tlshash":"ad51de3d2805de4bec6d7d69027e6c3668c9497b0395cabc86c9cf044a4607d27dbec0","size":2939,"data":"","first_seen":"2025-08-11T16:38:13.731411Z","last_seen":"2026-04-06T13:01:00.11159Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"995840ed783d36e00e623dc431147cb2","sha1":"631bc0dee9df690114f66f10b80c92e229f6cb65","sha256":"ea482c7be25c985d951696bc9392766cb21510be7a52e330a8b09a9bb54c3cbd","sha512":"f6d77eac33e12c6a174d88917dc5a07d266f96261c71d8693da6023db8d08e846e84e9b10cf149807a815fb74bee932958ba0668c08b70bc87435ca625a5d313","ssdeep":"","tlshash":"ca41b20badc0ff606d69cdf512326e96e06fffb2c2b9c70dd90cb496d099129478a505","size":2172,"data":"","first_seen":"2025-08-11T16:38:13.733837Z","last_seen":"2026-04-06T13:01:00.112365Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/error-17280e138e94e511.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b1518cad6b8e2833ddcc5dc93f32d7c6","sha1":"a1a2ff2b29a1fa065dba54039ea0c310c6ce5e98","sha256":"91f50578ec245e81772dfc954f059fa723454d646f729f2f17030a4f5827177c","sha512":"c935c159b80d2335e002e1da9b3682bbfa5229e99785b657c1709a50341bae046773b76bd847af3d04a2bcbaf9e2dd8ed20b9f4bd401cf161002776f528c2d37","ssdeep":"","tlshash":"cc016f45b485fe5ca95f0cd4217f940e706a2e5dad0d88a464f82c521c550ae7653fcd","size":818,"data":"","first_seen":"2025-10-23T04:16:54.868321Z","last_seen":"2026-04-06T13:01:00.071768Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7c4da28aedb607dadf443417d0aa066","sha1":"d4754b271a6f9d35f1aeaa242054ac7bc2bbf6f2","sha256":"95dad0cb3cd5bdea7930a1074b59036edc31afebd085d66840398c49e8abe254","sha512":"19ed582f43b0bc60356c8761fe57990047078b7db821fe4c2ccc4e10e57cb1c8adadebd6a86fa9ff9274ca8feeb9449151e62b897bb8e812e25dd3125e77d7c4","ssdeep":"","tlshash":"ae41900badc0ff606d65cdf512326e96e06fffb2c2b9c70dd90cb496d099129478a505","size":2172,"data":"","first_seen":"2025-08-11T16:38:13.736385Z","last_seen":"2026-04-06T13:01:00.112946Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/webpack-7858b7ed950ab990.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd84b37eb9286f35cd5c453592ed4aef","sha1":"596f0f56f403c4927979b5d5120b65ce0e4b6853","sha256":"0a2aaf4d203e7902f697cf38443772b209a3bb7f6ea99094931fa0836208086a","sha512":"860d56fdf92787364d126d50c03e3aaee0c99fcca069b8599404c46acdaa4377d712067d5f14df249ce08e90edd9f1b8835882674562f9010819def8939664b8","ssdeep":"96:BJ1hwBE9qkHAiR5mm0EE4G7lPEhyGVADcVNsSI2LDzN7LDBCMRJ+fP6pZxL:BtP9XAiPT0EE4G7ayGzQ0Dh5CM/+fyLl","tlshash":"adb1d7ee72a8f475179354a0443fe566f63e2472681ed0a0da1ed4f5bc30c998223fa8","size":5260,"data":"","first_seen":"2025-10-23T04:16:55.051652Z","last_seen":"2026-04-06T13:01:00.104257Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/cast_sender.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b427175fa1078775eb792756e7b6d1e7","sha1":"4c55c0233d3d9002b3449c025f97821f8bb8900d","sha256":"ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f","sha512":"af8d384188363378bc99c2e51523e74e1d18ba77d51bff7647a377a117499421f9e94477e09907925e46dad0a908b799a616d0b4855ffff064ba6350815063d3","ssdeep":"96:bVcC0LhyRs71268NYZOAx/rfuNfnAZe5PwGNHW:B3qhpRByNPx54GN2","tlshash":"d191c68d7a70f4328aa138b6283f964ae37b50b5f4d4f0d5508ccce45a78e4a4726f6d","size":4272,"data":"","first_seen":"2023-03-07T01:06:34Z","last_seen":"2026-04-08T06:51:59.368188Z","times_seen":8824,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/layout-df5ca0ab215fe9d8.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"e43cf68420bb63cae37b095ea7e4676d","sha1":"3e9e41a4a62644e1a7d64ac1408852245277dd57","sha256":"92fba156eaccbe0c0793b175356758f1db492a969b312a1dc1178c2e0a9448af","sha512":"d5a40fa0952f418bc72bd07d92e2da7099a4816c8649de53080cbe1a3b28dcf612c374f7111dfb48ecf68e2cc3ffd67d63e87113e747936363b75116221a411c","ssdeep":"192:E538LPEnxrHpHAFkkn6nFq5Nhypx3QcUDYF6kZAmJF9M+xrzVv8Q16:ERdnxTyikn6FqfiBQc79AmJMkmN","tlshash":"fc529bdda3d4bedcb8674c99ff6b980c710f66649e1b0860696dea50180b1d8f513fc8","size":13433,"data":"","first_seen":"2025-10-23T04:16:54.71733Z","last_seen":"2026-04-06T13:01:00.093144Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/5925-4166237618ab52e9.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"f005e9303ffd0bc3af0d8bfa5241b52c","sha1":"6d3c108425d01cc374b586a1a95261fab90d0e32","sha256":"37f82f138746f163d45b89aed6ce6b8b7fdc308fbf49789fbfbae70bf4a113f9","sha512":"ec0009d6433337be84c15bf612910cbcd618715b2c0200d0dc09cac4b0006680d7079c786a5cc8ba3740f4ba0870baa56d136835bd45c8664432e4c94b42571c","ssdeep":"384:AkNfk9vLE8Ovw45ZvvtILugpcq+Dk8ICCKFltXkbn17S/Wli6rBc:XNfQvgXRPScq+D/+bn17S/Wc6dc","tlshash":"dee21e95f1a6eeace97b88d5942fc40cb11e7f4cce0ec8a4f8b868241d445d47a52bcd","size":31496,"data":"","first_seen":"2025-10-23T04:16:54.689029Z","last_seen":"2026-04-06T13:01:00.090809Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/4922-1d859531bf4b2f28.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b8e7f0c0a9735f427206db6ea63f8ea","sha1":"2ee15eefe4c9d113b90d13da5f5e390008bd9e20","sha256":"f89e0c00d945ffe04d6dbe81112e18840510b8432218b4bdc8e913c11e7ba6ed","sha512":"36a45b91dc5bfdf677dfd3fc347890ff76ad2bfe81788bf29df19c3a682232e600bad9a2f2ea0d385896f3cb3ef49273a064c5e298c1371fb04ca3ec06960dff","ssdeep":"768:OHMxk+tCyRg1igpDcw9Q6FOdtt+QfcIzYV9:OcO31igpTdOdbPe9","tlshash":"a523f889326b72974bde40c56471030ae2349e992448640dfeb47fe7d496ec9a2fbf31","size":48623,"data":"","first_seen":"2025-10-23T04:16:55.428204Z","last_seen":"2026-04-06T13:01:00.075586Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"e795f2b1b495c31028edb86cb4f4e7b5","sha1":"d5d0d2d9e1538e5869ff9828d64664b94d6de653","sha256":"02c0ff09b0683b8853beac78e1dd6a3af9a8e10691130f6e1ff99647756e541f","sha512":"1cba9dc68dc86057efe7d75d45a8e4decc5cc620fe727688d90c1296a4498ab19425aa6de6ed4ab88f8216c266f70e39a30bf849715ad7c174910f4414d406f3","ssdeep":"","tlshash":"6f41427ea3a4193b45fa787e21af560620726654e0158c0c813e76846cb1a4b21dbf5f","size":2084,"data":"","first_seen":"2023-10-25T23:30:09Z","last_seen":"2026-04-08T07:39:12.938169Z","times_seen":221234,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"a3905dbcb4dd1b856c20f5a62b2df873","sha1":"16c361906cb4cd9bf45c595a4c7be17ee2a154bb","sha256":"bbdab3a29eb8b1808c32bb9e58bff46ff632346a236274f93f10c43c1330a926","sha512":"c8d67b2ba237a7073c3d25f7e8c99153a2156765eecf5fd742652d529763d8036da4f6b55d6f7594927c26ad1bbddce5dc866a0334db2fb73c91308d55bd00ae","ssdeep":"","tlshash":"5e416f0badc0ff606c69cdf912366d96e06fffb2c2b5c70dd90cb496d099129478a50a","size":2172,"data":"","first_seen":"2025-08-11T16:38:13.738738Z","last_seen":"2026-04-06T13:01:00.114053Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ab794d0837c9c24133c3095c216e149","sha1":"8e33f7609c096e9a60b4568e89df942082d55acc","sha256":"a2635da679cf59d1237d842f383ce6815a01c5bd7565cc4d43331dcb731d58e2","sha512":"e62d61bc298d7157d40ac93188287f506dcbd3929f63c34f094abbe75a6a25c4d6caca52f37d83a9565a5524ced56d722a2e8109f15f3f55d83bbe8b3a6582ae","ssdeep":"","tlshash":"0a41880b6dc0ff606d598df822365e96e42fef72c2f5c60dda0cb092d09a22987ca505","size":2137,"data":"","first_seen":"2025-08-11T16:38:13.741734Z","last_seen":"2026-04-06T13:01:00.114588Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/page-5e0921c3dc577898.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"6336154248ebad2baa89abd7dd08257f","sha1":"f2b4cce7177f84edd2b6a4b19f9a7b7dc1404c1b","sha256":"085c226b8c0b322fefe5c03ea72b73986cb7cf923cea8ad608bda0a213cdc1c7","sha512":"6693f91615ff2fd40eebbf0091e3a55e4b45dc50ee962b23c553a1f6a1655cafdb6e63d66804da797460a089166bebd2e893d6a6ef1358d14f4f905888d0c4e0","ssdeep":"","tlshash":"59312a4a171db55f59276ea4ff879c0e641e912098274e206164edf238233a8f2f096d","size":1722,"data":"","first_seen":"2025-10-23T04:16:54.250513Z","last_seen":"2026-04-06T13:01:00.091922Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"47528a3860612c6b540934a4597f032b","sha1":"646fe8dfbdd2d8423b470870438917beeb5e171b","sha256":"392cc138a8a4a91c9f745bb00b26335ac66d7739dc38f579356f580e1b382476","sha512":"161306b313d179be9a697363b4e7587725ef306236c1611563768f6000208989e8e412f483a37993ca4e447ad18cc39447473262e35905e4e0da62669cb14aa3","ssdeep":"","tlshash":"e9413af03b05951015e78f5ebcec530e4c476f4de9e461847f0ca65a209a662bc7287d","size":2074,"data":"","first_seen":"2025-08-11T16:38:13.744321Z","last_seen":"2026-04-06T13:01:00.11655Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc306990cc600795a1e0f370f7d57cd4","sha1":"466c3249b307ae898cc387a7e6787593ab51ba2b","sha256":"3953126a6f6936d1edf140aab420fb68d6ef32ed01cac1dd23f14fc178ac4f59","sha512":"618be3e328291d4483531e4a641106685aab29a321aaa9fddb7bad30b3c31187ca36efa6c833cbca3b9f4634bf8289931f578acacaa7298215b7b43819ec0089","ssdeep":"","tlshash":"f1d02b6b5d019639235680be94b4d539209d207855219807d18a8cad24fcee15c9d9a0","size":275,"data":"","first_seen":"2025-10-23T04:16:54.668354Z","last_seen":"2026-04-06T13:01:00.082049Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/www-embed-player.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c435b0d8c14cb9cc92035b2640fefca","sha1":"4a616d1d58d4c28ddce2156d48687f8af12c4703","sha256":"2de42ed8515ceaa100dea97e5f05b589bbaba4a5b85f5f031948e33cf0388dbf","sha512":"f00714b093bb3f62ade3ffd204c3e1a5f7b7c091ae022dcf6d5bdc2633cfe3fbb241fe67735b30e84f113da5ee6b98aefffcd6bf0990b28651279e19791b5e19","ssdeep":"3072:Rwu7Y4GAKgmVUjdkKiqTC61zeV+dbNNJStK7aAgBUrj3Fv:E4ZAUZkKiqT/1aVGhNmK7aA1v","tlshash":"01744bcdb692706352a3a5b4803f110bb13a78aab80cc9b8f195d5d92d7495d8337f3e","size":355825,"data":"","first_seen":"2025-07-30T18:59:23.341194Z","last_seen":"2026-04-06T13:01:00.079775Z","times_seen":600,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/7664-7ac50ee128122d88.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"3008a8b6fa952707b991dedb6e3a9433","sha1":"5e492337eccd9e961ce44778ed583a3481492999","sha256":"a611b1eae65df5ed3de36620f52bbfc3da68b958284c37b792eae731e066349a","sha512":"09620af246c1d30afab4f5ca2250bc08201476b16a356252dc905f82221c6f3efddd14709249e11c7d3bbfc8ae40c413bc227620392e15e5a2e972d18b15db8f","ssdeep":"192:THDV/lkgo/9Cp8kINE1pd+4y0bzW+1AOlq:ggSCMNARbCSAOlq","tlshash":"9ef151e6b2f2b52583c36161083f0459f43eda94768f826de164d8d6bcbc488d43bf29","size":7708,"data":"","first_seen":"2025-10-23T04:16:54.387829Z","last_seen":"2026-04-06T13:01:00.088467Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/main-app-420abd7798f6e175.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d45661648b73d31fc3b9b073b1abb11","sha1":"33d7b68d474e2996c2b4673207fc6e183f027802","sha256":"8306894da00cb9ab79e7d9336398c5f3ec3f7c361fc125a5b26c1bf2a5982b2b","sha512":"ad20bd27c3fd60aec13fd7d60831590d3385a77da654dbbabea8ca421cbcb07fa294e164727d7453d93adccc00a7337aa25a6fe6ac81a0c99f133634136545fc","ssdeep":"","tlshash":"b8f05e9a264d742f28336a60fdd7ac2e285e8139287758506a05ddb12c33a6cd2f0c38","size":473,"data":"","first_seen":"2025-03-05T05:44:32.012927Z","last_seen":"2026-04-07T03:02:36.55706Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"55ae843ae4446a2707f2c4d7122523fd","sha1":"28cb184259726a89a32b5e3355449d73ec6f2b64","sha256":"80ec84b80e02119ce6ee1f2447b73d7e5c036387029090b6d1232be73a1ab30c","sha512":"1ed99f40b73fb10027733f1134677498b83f809e5c36a782c99dac3a1c90895ed42f0c1d96b6731bd38032f3453e04de3417664ceee813cddb18b8d48cedb351","ssdeep":"","tlshash":"cf41d8a46600b4e75f4f47a2726a5314fb6e6c4c1c2c1067636880b27c732ac2c1be62","size":2074,"data":"","first_seen":"2025-08-11T16:38:13.746723Z","last_seen":"2026-04-06T13:01:00.117134Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"ffcdf9bf062ad1080462c37f49c7ea8c","sha1":"54a7f269c3d0495eee1a13bfd0671faa1c8c03cb","sha256":"15f522ff885e9de30c261a75893439eef9de2f22ac9a52abc69bc0b6c8624f8c","sha512":"cff4a2ebdb7f88ae0e75ff2951ebb3a535e0c7a4d0cd49c5db084b5f35921ed435bbd9adfa5fb3b11e4de51c95be3f374bf6291856b795a9ace3c08897a2cda8","ssdeep":"","tlshash":"e841c9b65540e99bee8a46c9753d2f31bb2e8c0c1c4ca0065214c125aca737b3c6bd82","size":2139,"data":"","first_seen":"2025-08-11T16:38:13.748893Z","last_seen":"2026-04-06T13:01:00.118557Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d496d66be21d1a644f6a18f78c5ff4fa","sha1":"94e012e6b0ec2881810fc2f9f0afe469be5b3d26","sha256":"e7dcbd81970b4dda5067a81ab9c51b4bf9384bdfa7cb51a02d2d21930957aa2c","sha512":"d78b976c5269292cf93bd7fc64cee1a15bb28b46b34de35919d38ec34464431da8f5b9b2fb2438327ec68cfa840726a90faa6825df5953f4ae164e76872472ac","ssdeep":"","tlshash":"b5410fa9a10cfc8fff9dccce5a7c4cb6288dc4a991c5959e5524c67a00404b7b5a32cb","size":2350,"data":"","first_seen":"2025-08-11T16:38:13.751432Z","last_seen":"2026-04-06T13:01:00.119108Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"5fbc8380ef43d1cad35637f2a4e082f1","sha1":"8d441d390d8320e6ec98e151c65c91c68f925e0e","sha256":"f52dd0ae176cfc6ad1dfaa038473082ec74d7d2c2bb65a89314a8bb41e61fcf7","sha512":"513f2c4f91e85f31633c291e80f30d69d7bfdfe0fd1606b57e38bb93be9a649d600d6f037188d82dc55ced385ecc4401e54549eac82bf321df97c3d45bc9eb30","ssdeep":"","tlshash":"6741b47a5400fd4fd5b90e8a393f1db132cd585408a2c96e2561c902ae858f7baf398e","size":2205,"data":"","first_seen":"2025-08-11T16:38:13.753886Z","last_seen":"2026-04-06T13:01:00.11963Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"7c6a6d2f095af103be8a0ed9105bf4c2","sha1":"33edff24ca69e9cf3372894138b3a53c257d0772","sha256":"ce3c794dfbe02a2aac65ad34671c0b2ff86712f6068a73e2cb627977e2a8e79b","sha512":"be1e2e6a4eaeca57e0161518265d8da51da593cc8a170c9a4a2b2fb3e9408af70a895383d61fd95b814dedf965fb1383d59732a3caee47bf86384b3563d63be8","ssdeep":"","tlshash":"0f4109756401fc4b9dba0f563a3f1e207adc48980d9581af1158cc436cd10fbbab7944","size":2169,"data":"","first_seen":"2025-08-11T16:38:13.757243Z","last_seen":"2026-04-06T13:01:00.120143Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"6b2f1f6da15deabb8463631470909b18","sha1":"7c1576d19487d512135f08c55dacb62e5f3d79ad","sha256":"26c73f00a44c7d189953cfdd3738edffabe708a1515b981fb813011e0571b264","sha512":"48f572f629870f56c7f64dbeb9a5dc2ea0ad43073507da03997ad332fde14666c0add320467e1d71732de89b2b57c7ed0fab734afa01f08a272dca444b842721","ssdeep":"","tlshash":"234107643000fc9fe89d4f88773e1e24aa0e4c4c08a9a06d0190c1536de62b679a3a4e","size":2179,"data":"","first_seen":"2025-08-11T16:38:13.759466Z","last_seen":"2026-04-06T13:01:00.120679Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/2537-3779df9e937deae4.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ac0f608a4d3dca1eee3524f51e9be1e","sha1":"9f3593272a80f47e3923e9a8cf70f524979b53a7","sha256":"07b4d957abfbd249488873368e9a599dc098d054c5c008ed902147d71184d52c","sha512":"12c3c67994096d3a8445b0c7f881d7d1fab0bb33cbc8344a49c7665158327bbd1661c61012bca3318df405b9a2b0202ddc1080ee5348dd5eb2b2d17b28af3dd6","ssdeep":"192:BxDmwvqp7QG1EQwFJQzCUYbDtClg1e1rfGam1+BdbjYPs/i+MTMVdLoUJn61UYyg:G4qlQGaQB/YXSTGaj6HTMAlSzz4","tlshash":"6a220ab5b6c8fc75528e09d4843b430a76592b35551e2840f3ee8ce76378e8750a2fd9","size":10115,"data":"","first_seen":"2025-10-23T04:16:54.832448Z","last_seen":"2026-04-06T13:01:00.085796Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/817-a15fea2970392d77.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"f06675485df8ef99cde78648177f9d13","sha1":"e2dd0fa9dbb8efd218b34df426ec917f62b8319c","sha256":"3064c45f3be0adb7e48cb84ded1b9b79369c0d23c0f9829cf4974948127a060f","sha512":"234e2dbb5f05de376f0d28b704c650b9dcadcec6be8ed615ed6728057ec989349f055bca0daaf9b0096b8f51cc30e2c8be34b92bdfdeb547d4cb7e8aa75f1cd5","ssdeep":"768:jx493Q/ytBbyfZmIJ7YRnKOx7FW4THj1c5lybL:297tlyf8RnK6FdalybL","tlshash":"041309b771d1f8e253db44a0843b100ef27a1d7a241ea144b3b5ccd5f6a05ada1a3f7a","size":42674,"data":"","first_seen":"2025-10-23T04:16:55.171015Z","last_seen":"2026-04-06T13:01:00.086482Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/3848-70958eefff98a5a4.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"c86a014e0ded33c49392d40c728613fb","sha1":"6811f7686cdd6518f03a70d579507aa5dfb8a493","sha256":"086995014bd22d5f55a465ff9ccf53386beb79c3db5ee1c299b47c0a2dbbb080","sha512":"e156325bd8fedf2911f282a6e2b3e7457b6e1a9114b3820c2d126d67a0cacf91044ef312c32cd74356c6eba255236f033765dd7cdf480ecc28971f78dc36c29c","ssdeep":"192:i91AEwIzrICoQE7gP5xVyDN3MUtp4jtZVNuseRFEM3W:KAEwIzrICdRByZ3MUkjb19Mm","tlshash":"7d42519cf4d2bedcf96b98c4a67f540db21f1b44de0a08b4f9b8680468451ac7653bcd","size":13012,"data":"","first_seen":"2025-10-23T04:16:54.440747Z","last_seen":"2026-04-06T13:01:00.078128Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/1129-a2bea5e33d0056a2.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"67da267f4f706a151cd24d9d48c86994","sha1":"250a3c9850014671141cf432dd7f7c3c6a84d228","sha256":"cb4aceaf6714fb746f6ce56c6f8250feddb93c6949f333e51aca18cbc7f5e8bc","sha512":"0f7f3447827419da6b69f39fdfb8020b13c11571857417b112d3c4b67bf7b84c300bf75aad39d3b10405bc2298377a272b1f3752d1dbe1b05d580370e8ee44f0","ssdeep":"96:QU+AHjyPFLstc/fRtplrPqJ7MXcF0T+1bsHVtz+sObHcTGyccn4ED:zmCc3pcJ7MkA+1bYcHcTGsH","tlshash":"6491b8ad30e3b41ae7574183212a1118537a0a7c384c887efab49c5b94f65d893d3eed","size":4268,"data":"","first_seen":"2025-10-23T04:16:56.649517Z","last_seen":"2026-04-06T13:01:00.109293Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"38b1dc2c2310f8e285ad9300fcc7b9c9","sha1":"168ad8a68b21b37512e0c65942798c69264d382d","sha256":"c2f9df0708448e10e014e6ff9c21be82ed372106a0bec8647ead4dd0a3566bfa","sha512":"419d5d9f3e321c667d0cf7ec39f30010a77dabd9e742fc43a76c6f2937bea25223561819e882b10fb679aab1015f28a4e00e227e267149c47f49fba3b890da3e","ssdeep":"","tlshash":"4d41847d5805ed4a84b80f1d7a3f3c51489d58fa02f6e69e45a9c85394a10b2fae2888","size":2205,"data":"","first_seen":"2025-08-11T16:38:13.764662Z","last_seen":"2026-04-06T13:01:00.121586Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d8da23b3d1bae82a4b7d4077ac03ef2d","sha1":"7fae26d2f225ac8cb9d6807e33e5aaaddee3d3aa","sha256":"0eb8570e86e93f5da8ccaf3ffb321b39c71ca6a6ac4f16c49fa6f6c8fe6c95d6","sha512":"9c65f528dcb03f7f07968cc63124ce88420643e905547f11d5461885df1953ab733b1fb0b9aa3bac5ac7f3cc23495969d21858a568400851cd64abf8abb58703","ssdeep":"","tlshash":"444110f61085fd1fd0d4cc4b2bbe3c7318adc45481c5956e94a9c86751d10b7f6a2ac7","size":2330,"data":"","first_seen":"2025-08-11T16:38:13.766873Z","last_seen":"2026-04-06T13:01:00.12213Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"30700113dbd63f692b519bfe6576506b","sha1":"efccd56eb0bd9d576aef84fe2c756bb8e6c19fec","sha256":"0e736f2d2b49ffeb5bffc7793895bfffb85c0e33388e139aaa65ccf613e372e8","sha512":"5252cd9f9f85a5541d31f49728bc6285d2dc50b7276030e64a4d0ac480407be137a076e6c26d0901cc242f7536c9dc488d134e5d211b7f3410292c061d6170e1","ssdeep":"","tlshash":"f341ac351404fd8ff59d8ccf2b7d6d36049dc89941d0b0de9665ca6b44810b3baa768b","size":2438,"data":"","first_seen":"2025-08-11T16:38:13.769519Z","last_seen":"2026-04-06T13:01:00.122708Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"de50a58c9cbc69927dc1c839834e9524","sha1":"f57c10928c502819cc829f6cd1aeb63b868d0aa8","sha256":"4ae28ec3b2a0094b7b44c435c8d8e5246f36ad0c138d320dd984e6502d0ccb16","sha512":"a4b396198ae0410f6ba9d7110efd80a771dc265b4bd34d14071fb34521fe271c82e11c0f969ff75eae6598d4af9e34313941d75d1917b5432675a3be40e4cde4","ssdeep":"","tlshash":"e041d7a12d0bedab8ced1d23b93f2c616c918b7552f2cedc08c4c84771c41389ed6206","size":2164,"data":"","first_seen":"2025-08-11T16:38:13.77191Z","last_seen":"2026-04-06T13:01:00.123295Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"0681c4cc111479e1cb86963d2e8cdfa3","sha1":"ffd4de3275e61310a1f61726957ce21b2292dfea","sha256":"30df8940cbc252ba49d4fdf9a29c1a61d59ad37ac0af3321992c6270f675792d","sha512":"89babeaf26488364d051a24d7854b22d210e5a313346e161c7a9068d0a8a42f5665dc5f8a41115022353cf5506dbb1111eda6321026a68553416cbe087e4ab91","ssdeep":"","tlshash":"874175b46816efdbe898ac8b663e2c641cc9881a40e189bd81a1dd57b0c45736ff71c9","size":2238,"data":"","first_seen":"2025-08-11T16:38:13.775947Z","last_seen":"2026-04-06T13:01:00.123854Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d9e2fb7f343b661ecbdbe9fe7251a74e","sha1":"dd5d1c40315216f37632dd5071fa86c41188ea7a","sha256":"fd52f69d348b5cfc19efa590209792011f68c88f54f360725e5dd826c02916f2","sha512":"7f4c80d6f9959175af321881b7c99ed5161e02a20ccda43229a42f611319f249ad3cb5bacd45787ce331bb6f4da30ddd7d41373a1e5ccfdf6f43b4b93215cb76","ssdeep":"","tlshash":"2441a4b50809feafdcdc4d2ab63f7c221c99857752a1d99d90e1c95350c407aaff318a","size":2232,"data":"","first_seen":"2025-08-11T16:38:13.779202Z","last_seen":"2026-04-06T13:01:00.124414Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"655bdd227155118f6a6f143726b4ba02","sha1":"0e5277d9a5d17b1e82e99a4a3c37baa53e1b12e1","sha256":"fd8d5c721967db3ca4d3b30a545a1675deaf25b673680c74e475c2ae2ff733c6","sha512":"90767f90587b20a018a4e54c41790aba544ebbf4d9e67ea2477743cc11ca03d09e9a78cfce1d4d5ab89ebb0a6a69525a0bb48dee480f0d48a66f7dbd500a28a5","ssdeep":"","tlshash":"c941b7650806ffafcc9d0d6a773fac721c95c56a51a1f9dd80d4c54720c007aaef314a","size":2237,"data":"","first_seen":"2025-08-11T16:38:13.781329Z","last_seen":"2026-04-06T13:01:00.124962Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"bbf008988a315f3a329d31cb322692af","sha1":"c192630358466dd116051d9bd4e5887ab65eb956","sha256":"72cc4d564b1fb68e3baeb5ee78b02426752f9fb6c4a1da2e4bc9f550f00bf6de","sha512":"2c9c25c8abfa010d1e465381023c078da615e054972afc9a9bde776be86d014b098ab686a6c47642ff6404b8c8efac25ed3fd77407799fe3572c6ddcec027c98","ssdeep":"","tlshash":"c541a4625905fe5fccec0c3bbb3f2c722c15c56a11a2ddad90c4c98b60c00ba6ea314a","size":2237,"data":"","first_seen":"2025-08-11T16:38:13.783432Z","last_seen":"2026-04-06T13:01:00.126519Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"b1717b72ad07bbe2fe8339616808d4f6","sha1":"3a6df846af54e241dd06ef2e6d5426e42b0b9e2e","sha256":"96c73aa3e75bda9eeb51234bb06eed6f551348badec439792d323ad9c11ca124","sha512":"96ccaad0f9a7efb74468b93bbad1b0643254b22bd9a87fda9503dd18638c319919a6b4d4e4f914c73dac817f057901f5f5d54201aa0a46e88d4cfe1e2e08ca4e","ssdeep":"","tlshash":"444171765a00fc0fc4ad8c6a5b7f2cb36849c41941d199cec6a5e91b54d10ff7ef2a0a","size":2272,"data":"","first_seen":"2025-08-11T16:38:13.785438Z","last_seen":"2026-04-06T13:01:00.127127Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/gtm.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"89ceb969f3c1878eebc332b58b8d24db","sha1":"2b367e1765d5f03a5c8c3e08b7327079e475b391","sha256":"90529f2bb962860258050afbc1296e76481768a527d5e9f601c67e9470362b69","sha512":"f9a1f0d4954658a7f9d91eb08253661dcf263a3331ab6ce33b862298f707b4145768e65c389f5a3407e78fc643ee78da642407320eb251651ef87e3cba270e9d","ssdeep":"3072:mNnjweWKA8xwym6o6A07J58JGXbrunAxVOrqtcRWaWU5Fjt2YwTYyDgA:BgvmZHnUOq9aWU5Fh2nTYyDv","tlshash":"fc6418cd73d6b42283a2a478503f018bb57b69e2f44cc899f185d8d42e74aaa4177f7c","size":313322,"data":"","first_seen":"2025-10-23T04:16:55.263222Z","last_seen":"2026-04-06T13:01:00.105457Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"93b21911a509171778fe6d264ada2465","sha1":"f04c74033bd6398dfcd46bf2e3653fbfde72031b","sha256":"24bcc49b9623c425054542e7e4d0b8035e13ca0ed636e2a6f8bc7da88022a342","sha512":"a77e4c2d468ef21f08c5f437726f1740ab59d2cf97e3073cf52ee51c7bc33931aa9c39ca0895c6706605efa3f005213f20ea2be44e2b6cf2fa7c52362a7024c5","ssdeep":"1536:/Uy3s9llENMyFXHg1hI1hAPYGVu9TLkZUBlYEGjb6QKOa8:5lUe9GVuN4ZCGEGfX","tlshash":"3aa3d7640868a8769893d447deb9ff3e9cf805790bc89a6dbcbac75c01ec6510e9f413","size":106050,"data":"","first_seen":"2025-08-11T16:38:13.761925Z","last_seen":"2026-04-06T13:01:00.115142Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel(1)","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"edb377166ae87d3b43280c1c4b9f2f5e","sha1":"28086acf1174dcc9e25390853e17bd6cea201172","sha256":"1577556bbd53f68f49f1a812559cf3dbeda741572ae835706b4b19868178229b","sha512":"19341ad01b905f9f2a30a6aa2376f9fb9fe1d029f96e0fb4210f6e9ee4828ca7b4c49807b8200eb5790fc8a3db50b88d63a5c048aea546bd9cb7a21727fd6626","ssdeep":"","tlshash":"add02b2b9d05aa39234680be94b4d139748d207856219807d18accad24f8ee15c9d9a0","size":277,"data":"","first_seen":"2025-10-23T04:16:54.630728Z","last_seen":"2026-04-06T13:01:00.076345Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/297-6d76bae9b6e1ddd1.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"672529b44ce7835ba12a9cd965c10243","sha1":"fe31dd4beb4a2a6261bbd5eddd4f5e0e726dbc21","sha256":"0786d452a90f5299a126bb72ee4101b59b61fec75cfa67d1a0177cd44cb0fd3b","sha512":"30a685f3733445e1f971b2c8af02a442a8e20fbc419b137e256b373696dbf2cca700760df9991c7ce3ab370f0bd44fd7fc5a363a12733d8d3fd9aeba1a3437e0","ssdeep":"384:PyWF9waIrt8J2nHrGD2ON7OKJCEnqAOGWougqMOmsRf5/bb2wsOU7S6OwTTTOJ6/:DIRSDfNCcCEnqpGWiqNxRx/bb2wt0Svk","tlshash":"5682b6ffb3f571c4d10e8ff098bab82d763b35f97a08c29486999568b5191c8a046ed0","size":19207,"data":"","first_seen":"2025-10-23T04:16:54.500236Z","last_seen":"2026-04-06T13:01:00.07695Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/embed.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"63ec9f60ea2990a0f7295611655033fb","sha1":"af5abfac40f0a6f7172eb72ae7bdbd515284edff","sha256":"6ee9b581c1f6b5ac31c4d6cd69741652b058375541fae0858b49454af19f03b3","sha512":"fd33c7fe72ac6d06e8667f99e68afc4356b2cbac799a5ee54ae11c364ba4d9cacac7ca1dcac28b7b55a0b28dbd74f95f96391c82f6e7eaa0fc66ee6ef3999535","ssdeep":"384:tYRgyq+e8v2cAKicdwxEUbWu9u0fdypHBZgnj/XNtaKyVlf/MFbbXRZWeUpppJFu:V+1v22UEUbpu0EjGh1olX2H6pA","tlshash":"f5e2e54e37e0e4249565e1ea1c0b2104633b94dd18e0a3ac763eeefa2d75d18b43af75","size":33660,"data":"","first_seen":"2025-07-30T18:59:23.411352Z","last_seen":"2026-04-06T13:01:00.082622Z","times_seen":595,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe81353f0c3e106bb59598d92fd49a12","sha1":"cd09955588a1d236a25a76d3f774418a829cb5c4","sha256":"a366197fa3629365ab26195a99befce51c8f8ec90252df02e0b4cb44bd52d020","sha512":"91e97b195ebad1859d88fadc65abbc0fa276dc9677360385b98b783ab0530df5b002a775fbaf9e7d410fd4eae4110ac653c4459c3fbbc125c7e2b93d5082fc8d","ssdeep":"","tlshash":"991135251b715c27806a296232dfb309b8262372583c91dc8a81e365933661bbc3235e","size":1033,"data":"","first_seen":"2023-06-13T01:22:29Z","last_seen":"2026-04-08T07:39:12.957459Z","times_seen":199651,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"173a08c5d6adc5c93611a599bcb2c717","sha1":"735a7301e66ae2c3584357f7bf0bf09eefb62df0","sha256":"271e6368679a21c3416e2a0325db33d6bc445d601c72a49914081b5efd0cdf3f","sha512":"cf15a9aa7e406207f3b85c7ab7d6453fd2351616b4dbb2db767ad854f866ae8256045b8cb74948f44d09fedb6c200c56fa2e2ab83d1ab997f5b0068edee7349b","ssdeep":"","tlshash":"b0800000c08a0030c3200c082008c28038802002a8f2002208200000a0032fca0020ca","size":26,"data":"","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-04-08T07:39:12.967747Z","times_seen":198784,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"a68a761b5070cb3dba6a0d08c60793d8","sha1":"e0e0f7c73e3940ee43a620f151e61150ac7f83c7","sha256":"c404c6d6479e84a27bcd19cd79228c84c73793caee8b69b397d94d40d983066b","sha512":"e7d4db3eb4ac63bdbb86d39cdfcdc570f18bc6fc601150e8e8a1972c7e3755a7e5922cb8c8d81162ad54ee35f0cd8a7f0f593ea525df30a5bdbfacabc9762473","ssdeep":"","tlshash":"4df0c90c0744388c9c0e9c9dc6a0a5619b8c8277bb423456f82a094eb9e3beb4830043","size":539,"data":"","first_seen":"2025-07-31T17:31:43.20518Z","last_seen":"2026-04-06T13:01:00.130499Z","times_seen":330,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d8fb965e7ead2924508e97e5326bd3b1","sha1":"fae376d0cb54d4433b7bdc9aba04690cd6cb5d27","sha256":"57bb660c2fdf4369ff8e37f99b26963dba87c120b80c443ff3d31e030ab3a0f5","sha512":"c03eb6a1004f9dfcd1f960a6ca70a77932794808f72476b276bb16f02d0a1855fb2d93d07aab7c0c040d4b3c0eb4f861a4c1a9368a27e3a6430e425ff6ed2568","ssdeep":"","tlshash":"8e60000c00000000033000fc0000ccf00300000cc003c0c0000000000f0000c3c00000","size":13,"data":"","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-04-08T07:39:13.062675Z","times_seen":196136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel(1)","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"edb377166ae87d3b43280c1c4b9f2f5e","sha1":"28086acf1174dcc9e25390853e17bd6cea201172","sha256":"1577556bbd53f68f49f1a812559cf3dbeda741572ae835706b4b19868178229b","sha512":"19341ad01b905f9f2a30a6aa2376f9fb9fe1d029f96e0fb4210f6e9ee4828ca7b4c49807b8200eb5790fc8a3db50b88d63a5c048aea546bd9cb7a21727fd6626","ssdeep":"","tlshash":"add02b2b9d05aa39234680be94b4d139748d207856219807d18accad24f8ee15c9d9a0","size":277,"data":"","first_seen":"2025-10-23T04:16:54.630728Z","last_seen":"2026-04-06T13:01:00.076345Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"43b2f4a367175fada056d0c5bccb01a7","sha1":"4c1f313081781d4545bbd69df01af5f1b38e0c3d","sha256":"9a7f4acf15d3566e222f992a73328566517ca7a8ceebf231bc91f835a5aaf78e","sha512":"5eefd86b469b91c27eecd056165a506530c9d8a035df98fc9555bda76b00c5716610061fa3aa0bb0a2303546ec83c9aa25a96e68610604f6aa500f8bceea90c8","ssdeep":"","tlshash":"fe41b96f640cee4fc4e7de45273f2d3918ef519dc5d55a7e90c1c452a1190b7be62408","size":2214,"data":"","first_seen":"2025-08-11T16:38:13.788274Z","last_seen":"2026-04-06T13:01:00.127695Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f8f5805a964c22bbbbbc6580fbc07aa","sha1":"aa0a22ad51ab767efbc80542e1a65e4becd2f635","sha256":"80d8e3bd6cc4682e75c6816ad4a68883b10c5cfaa0b2a3434580e0f4381c5402","sha512":"87071ee6c869afb7aea8a56e50e7e40d21b7d547a45b051dacdf1c8bf539b68320bce16b1b84daa7cf4ce23b524833f72b0399a95d68eafe48a095495205afa2","ssdeep":"","tlshash":"6841b72fa564ed0fc5f1ce092b3f1c39008a969ac5da52bd54d0c416e6180b3be72586","size":2227,"data":"","first_seen":"2025-08-11T16:38:13.790295Z","last_seen":"2026-04-06T13:01:00.128749Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"8094029885af9bf7887bd076bec0c44a","sha1":"b13e56640b5c9433f34efed5a24e37e4ff508dda","sha256":"a70af8c7df16497476898a51f339e1ee1b5669743b86f4363e93175aaf529399","sha512":"2904bf100519663cbf3ede06b053b88c19e35efd501bfc985714b86f58f87d1b8738fc179ad8f10ead7e865a59ae2c748268317e08620b8476f19ea259d641f4","ssdeep":"","tlshash":"a441b72fa6a4ee0fcaf5cf053b3f5c2904c9168dc0ca526e5490c552a4594f3ba71459","size":2227,"data":"","first_seen":"2025-08-11T16:38:13.792074Z","last_seen":"2026-04-06T13:01:00.129315Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.hsforms.net/forms/embed/v2.js","fqdn":"js.hsforms.net","domain":"hsforms.net","tld":"net"},"ip":{"addr":"104.16.5.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bae4b1a7976de8291e8b5ec5bd83155","sha1":"84d041fb648f6a7fc8469719a5ff4cf3450d539f","sha256":"e385fbb485e5db33bfbb2ccda0cc7a263a4e293d30b1dbabb7eb5ce7f5e45c51","sha512":"dbbd4bd6227748a02d8aac7d83bae4990d33c40cc165d025a033ee0f2846a3e7de6d61475aeb5ffcdac07f45374123bef25b1c251b033c23e8847d2fce398d3c","ssdeep":"6144:lW85B6NlctNXtk++tjneV1nPnTsyiS0MbtLKOYodFBKaNJU+xVhN/9SEefdLBFJM:ldttBtUS04FBK4JU+xVf/9hefdLBFRsp","tlshash":"edd45cc53182f0215bb202b660bf600ab33d5d29780d8950e765edde38e995e913bfbd","size":605904,"data":"","first_seen":"2026-04-02T09:10:39.78008Z","last_seen":"2026-04-08T07:44:57.889931Z","times_seen":351,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"c8e31ab3250625c8d0a06e7536e3efbe","sha1":"412101bc37f4394334d9635e59b30472adb52688","sha256":"a8ac17ad2b2ea4947aead465492d0971b608c7c11f667fd774715242d27cd0d2","sha512":"118bbf7f70119cc430c8830ce4f8e4a9bf1510ee1f5157a0b4baada2af86dd532b5b0671193da6aec9d86291353c635806ad76f30e6ad85b21fe7d6185cf39cb","ssdeep":"","tlshash":"6141a46fa554ee1fcab5ce45373f1c6b04c96689c2ca82ae5490c527b0580f3beb2449","size":2227,"data":"","first_seen":"2025-08-11T16:38:13.793783Z","last_seen":"2026-04-06T13:01:00.129934Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"9cbea9ac376f4dd4b0a277eb72f74ad5","sha1":"dce54f19256ec3b66320be5fc0dabebf06c0cf41","sha256":"2fb66c63e5e0e85b1afe15e72f814831c438a199c3c4a4c124c2670eeea735cb","sha512":"02852c1da470c47b0535078bb379564c4aff7756cda7f54d74b9eea639e451737494f29f0030b833f88ffa71d9faebe5a3945b9cbdd5e8110f1aea5784b1e1ee","ssdeep":"","tlshash":"6241b55ea668ee0fc9f4ce593b3f2c2b048902c9c1d9d2bd85d4c85270580b3beb244e","size":2227,"data":"","first_seen":"2025-08-11T16:38:13.795474Z","last_seen":"2026-04-06T13:01:00.131537Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"eval","is_inline":false,"md5":"fe85652f1294431c9f32adc45589d12d","sha1":"8ce4c56597702eb942812ac93df82176fea3a8da","sha256":"40851dcfdf0a38d3082a8b188b678210950bb110ae94a5ebcf58a959b220610c","sha512":"b9745b85143bca916c917b924288a0627ec259ca50eae57a11d1525b7f58434bdff73383c035060df3eef1c8eda8dc739415462c61e9eec813b474f650d7d879","ssdeep":"1536:b/ZsieoPHo2sRFtyoXoumqlVS46ZLBUX2MtbJGj1w:VPoDRFwoXoubMpLg2Msw","tlshash":"1553f5def2c36b351ae261f2009b200a52bba555dc981d5fbd01a6f41e31d87b02bf39","size":61594,"data":"","first_seen":"2026-04-06T12:42:55.10509Z","last_seen":"2026-04-06T12:42:55.10509Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/remote.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"5710dad6271a9165f17934e672bb8ac4","sha1":"27883df4ccfa9ad3c1521b0b3ba3a7c0825b366b","sha256":"4fd00d63c35ce4eba964b2a5d4c85d890834d48043b1e4662188040cdb037a67","sha512":"b9637479157698f04228540de9af16dab54b6e693a31c194676d40403e833c59adc35872d3daa68502e6aa2a9d5c027616ce08078170f0bfbc62b4c5769bc2ae","ssdeep":"3072:2+/9NZ+j47HULFoCFp2PkPa3IBG44BLn3qsZP0xPljNN9ntsmpNw:2S9Oj47HULFZz2Pt3IBG44BLn3qsZP0o","tlshash":"5bc3c398b551b02132a3f4f9093f200a56372ae8a49c426c760aece35c7dd4e5677ff9","size":123727,"data":"","first_seen":"2025-07-30T13:06:15.598584Z","last_seen":"2026-04-06T13:01:00.091384Z","times_seen":462,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"b91dda4bec7785f43d31a54f18857e70","sha1":"cf19a4cd726dac64f05302519d4e527893750045","sha256":"52e120bbbe590e205313baec6e8b474ff086cd3e3682ac677f384292e66fb729","sha512":"733d3355fa282bc5bfb39cb73678d3a55c540f4e76ddf0b8004810a428aedad19addbf67ca0bda8b91180201ee744c4764fe4ebdc772a7b8f7f81afb9a4ee321","ssdeep":"","tlshash":"2f41822f9228fe0fc1a4cd4a3b3f6cb7549d4111c1da462d61a4c0a675840b37eb398f","size":2248,"data":"","first_seen":"2025-08-11T16:38:13.79687Z","last_seen":"2026-04-06T13:01:00.133533Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac2c227c6abdbdfa957a636de5df81d6","sha1":"258c51eb1d0c106f528530e42887fbbf28a1cdc7","sha256":"2a32e9c27eef44805510f9367d7a0efa4686c4d15b81f0c4f42626905655d2da","sha512":"f62a289a1a6b06f8ecffcbe680c724b9dbc9a3f85ddcec02bb369b4c3a3480b9191c2ccd6753c0f4fd18c9c6cf449482fe5b687c2607e09abc8116199c922279","ssdeep":"","tlshash":"594132652008fb9fe48a4c8e7f7c5cb3145d8619c2d6749d9051c61a3a844b37eb738f","size":2308,"data":"","first_seen":"2025-08-11T16:38:13.798675Z","last_seen":"2026-04-06T13:01:00.134103Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc306990cc600795a1e0f370f7d57cd4","sha1":"466c3249b307ae898cc387a7e6787593ab51ba2b","sha256":"3953126a6f6936d1edf140aab420fb68d6ef32ed01cac1dd23f14fc178ac4f59","sha512":"618be3e328291d4483531e4a641106685aab29a321aaa9fddb7bad30b3c31187ca36efa6c833cbca3b9f4634bf8289931f578acacaa7298215b7b43819ec0089","ssdeep":"","tlshash":"f1d02b6b5d019639235680be94b4d539209d207855219807d18a8cad24fcee15c9d9a0","size":275,"data":"","first_seen":"2025-10-23T04:16:54.668354Z","last_seen":"2026-04-06T13:01:00.082049Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmp.osano.com/AzZXI3TYiFWNB5yus/2016b368-eac0-4852-b001-c9fd9aaaaf77/osano.js","fqdn":"cmp.osano.com","domain":"osano.com","tld":"com"},"ip":{"addr":"52.84.50.41","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0228f73cacf059661cfea3cd5e0125f5","sha1":"f966829b30bd2bd4adbfb5f432dd94dbf89c5416","sha256":"6d2a977bad272fdc19b6bdeee55d198edd56f513e21436d1da97fdf77ba32433","sha512":"7e0b3bfdb9130b41b2cf490059b2ef015b63f407c857795f57a27babcb285cb4eafa84028773fea75094eacc682fc6ae719e188cf76ecbe87c3aabc51e4ce94d","ssdeep":"3072:l6X4enSf+6zrk9bym39gTJsacCkXgTpW3BFha/qmOmLpRZ+2zxvp+Qh:l44KSfZqCkXWWxra/qmOmLpRM2ztYc","tlshash":"103408a536daf5b112e356e9843b0509f33aae45342dd090f364dec42c2864fa676f3e","size":251069,"data":"","first_seen":"2025-10-23T04:16:55.289919Z","last_seen":"2026-04-06T13:01:00.086987Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/base.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"adb2e26748e4a4cdf753747237c0cf1b","sha1":"7a83031ec3e847c85593f6a66579a443adcd552b","sha256":"0e5d3960f50650a379ffeaa336c579c77cfc850351742b0b095b867bac349636","sha512":"91e16de09a56cd575589ff2a6b3b69d5c5209f431225e00a11db7aad6b8fa6e1e5b3462bcd4646eac84198abe64e65716dce5f145560dfc48cee4b4237d53477","ssdeep":"24576:6um6dQk6fuIxCeLWIZeeKDaC6LL0AMtJUO0w0oFKkCGoSI1e7398r:6uDp6xlCg4AEUO0w0oFKkLN8r","tlshash":"adc54bcc72d2b45072a3f1f8453f2106723b6598948c861cb25adaeb6c75c19a337fb9","size":2609054,"data":"","first_seen":"2025-07-30T13:06:15.962046Z","last_seen":"2026-04-06T13:01:00.132953Z","times_seen":370,"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-04-06","alert":"Hunting_JS_WebAssembly","trigger":"midnight-od.com/index_files/base.js.download","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"6063d7317c41809d9d6e13586b1417bf","sha1":"0f926d4e8e37c0b7daa7066d32e4a7d9567c7261","sha256":"3d731f53e251daaf6502f7e6e8a2d01214a5234feb8738612416533f664d083c","sha512":"52641b25a0d81e13f8c3f042cddefe00b2f403ad974eceb474cc1c522f58fa65c5cd4adf4eb74c3313a8a944556e1ff382b5e5a6d2213e368dbf27d252224849","ssdeep":"","tlshash":"08410c6a1204fa5ff59e4e8f3b7d1c77459dc689c29828ad6410c66e2140477fef32ca","size":2302,"data":"","first_seen":"2025-08-11T16:38:13.800533Z","last_seen":"2026-04-06T13:01:00.134635Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"9ff301e53cb9e4d6c7657f3e66902d2c","sha1":"cb9efdfac3b7905c49c794b420c7abb568b25788","sha256":"fd3d129a23995eb29db616ad5bc3da55aeb8bb6c6c57ce2852ccc67f39f04d59","sha512":"f60e0d20f9ce47f6ede918fa2dc82d4cc33ae41d537945b1b72e6e5bbe1893dfec8eec6f8e37da34a045e97013b026516c84f9d74c1fee077d6bff78cd77665c","ssdeep":"","tlshash":"f4412096124afa2ff49a4dce363d2c73114dc118c3d9942d58a9c96a368103bbfe31cb","size":2314,"data":"","first_seen":"2025-08-11T16:38:13.802583Z","last_seen":"2026-04-06T13:01:00.1352Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/5066-dc91238c78146afa.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"82ebb068f617ee76f29b552aa5fe3b09","sha1":"1d8f228f5e09561f97846c7e18bec9a1c6249719","sha256":"fa4a58493d76d7e16f33c4235d8853c954360cb9d62c53cab0f979ad336e0c6c","sha512":"a5963f74f2d5d89c9f3fc485b64ae692cb743faaf54730322ff01082236267e8fa5f4f0eaa48040a54fe99c7ec8dfa01850fc8b1ae2a771e3ef0ef063a3fd869","ssdeep":"384:VxbjGQF3eJiUIzA2DrzSzIipwZsE9bfY49QksvGFC0TVfkcVZy19ibEhjvNEg5OH:KGeCzpkWGSbfRsvIJTpkcyIWZEgtjI","tlshash":"f903fbe537c170f2d7df016a907b520af33e6998240a4410a135ac993575ee9d2f3f6e","size":41015,"data":"","first_seen":"2025-10-23T04:16:55.473442Z","last_seen":"2026-04-06T13:01:00.090182Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"5238f3e7a590451004510c2b1830c314","sha1":"7994023c24ca30b4675ce842f0dd6ab96934165a","sha256":"5589270aad3679b66b759a624c5486327af8426b3ff2e53f0acfb53cd416be01","sha512":"4c8c78cea366d5bf74b611b58fc0fe4b0042bb2be1ad7d9ded480f2c45445470b3c6003d9db2af378e27d0adbadc0739bc8570655686bf3685a5970abedea00c","ssdeep":"","tlshash":"4721ac6a5245ee3ed5684d4f323c5cb3948c8107c1960c3e4290eb5a72c04377f47a87","size":1223,"data":"","first_seen":"2025-08-11T16:38:13.805413Z","last_seen":"2026-04-06T13:01:00.135743Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"f4f36863def11f698133f5ec82e3169c","sha1":"d9f1f4fc1f92aca6341d6d1ecbf0f59539675421","sha256":"52ac72b7e4cb1c2df867c14f25af49bc00f0678b7d6125822d69d3f12f094ca3","sha512":"e79a6b17a29564be5f426d5fe5d1ffc91691aa429daf02057a1ba63f65909e0059c44954adae006c951b1d5c4efc66fcb5493b0560bb9e123efaf744a1d79b5b","ssdeep":"768:9KQquVY0VkEwuyfUud1uUuYUuJUujMUuGkgkMk0kNkckJvsQJfv/8Pz:ouZRrgBaLMtsg9DKz6sr","tlshash":"e243b77a6404fa4ed4c58e8e6a3f2c36180d856a42d699bd80e4cd1756840b7bff39ca","size":59448,"data":"","first_seen":"2025-08-11T16:38:13.80748Z","last_seen":"2026-04-06T13:01:00.13624Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"3397624c64a1f2f69f253237222087b1","sha1":"65e053fd86af06c5aa0526903fa49f6c0dbd619a","sha256":"1e1e74468c41ed77396b037a92731a6c42ef84be93c5e0a70a2f2d9e429ba1ff","sha512":"788b620606972c3fde58b120d4e496884ce53706591d7cf59a7a01836bdfdd531441348dba0d327060da0a41a1b0c8ebb653ab5d3bdb26a98bc4e3e6ad1666b5","ssdeep":"","tlshash":"d4414e0badc1ff506ca5cdf912325d96e06fffb2c2b9c70dd90cb496d099125478a506","size":2172,"data":"","first_seen":"2025-08-11T16:38:13.809851Z","last_seen":"2026-04-06T13:01:00.136732Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"7bc542b3ce63fb2d79250c80cfe63b61","sha1":"458fff416f05cce419e79e9ce4743c956fb53343","sha256":"a8ae5b611ec0111a0d62b9a629cfae2e586183e87e5522fc772f94e3ee9756a5","sha512":"ea5d3659e981a4926e60147fb4b2ed92afd1b2960e7f5f33b86b76bb2b5ce1dd9e8f5313ba365054af3fda2e507bee8185e818fa01334a663da7f70d2d450ed4","ssdeep":"","tlshash":"de416e0badc0ff506ca5cdf912326d96e06ffbb2c2f9d70dd90cb496d0a9125438a50a","size":2172,"data":"","first_seen":"2025-08-11T16:38:13.812178Z","last_seen":"2026-04-06T13:01:00.137786Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/js","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"24521e6f62178b5c63360a9eea77e736","sha1":"5fcb20f45cdbfb41683fd199db499e237b635a21","sha256":"facf500cbd0ae22813ec6277d11b49168c178fba5d1d72a43d9b7d7fd556f775","sha512":"40bd0e270f9008101b6a9b7413916efda118a1b9f3efcd42bc77be01c871065ad06d3ed62b8a0c6db69f30d0d6128be95e4746af5700b2172f0c48cf92958c59","ssdeep":"3072:MQNjExl/A4mwrcxZL/LGa6n07oHn5wdK8Oe/11LMHyqsS0cnGRWMukOFQt2Wc+LS:aGgcxZX7etZsSXLMukOFu2F+e2qZm24W","tlshash":"118419ce73d670269396f478503f018ba57b29a2f45cc899b189cce42e74a9a0177f7c","size":404093,"data":"","first_seen":"2025-10-23T04:16:55.073891Z","last_seen":"2026-04-06T13:01:00.100081Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/ad_status.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"1fa71744db23d0f8df9cce6719defcb7","sha1":"e4be9b7136697942a036f97cf26ebaf703ad2067","sha256":"eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9","sha512":"17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f","ssdeep":"","tlshash":"9e8000823a082223e8a28088830ae2202c82080002220808c028000020808c380088e2","size":29,"data":"","first_seen":"2023-03-07T01:02:17Z","last_seen":"2026-04-07T04:30:27.386551Z","times_seen":4305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/cast_sender(1).js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"226a9abc9e14c4b8b452223d2b4631e7","sha1":"89a9eb890755c16982d8571d9cdfe42726a4c7b7","sha256":"7f6bfc238b9bddfabbfc20464944718e0246088517cf84a2d2aa2bc8c1e380a5","sha512":"d4faec7997f057be268e080f3703a7ceadf473cbe1681a70ddc10c309da6630df1d5513ce4bc9c862e65699dd7e891dba614b004bf1a0b2b57feb1b218cb838e","ssdeep":"768:TYrRwoA88niJYbfJdjRNP5qF1BgOKpgFSavh1ZhViey6pkFlprFfVvQH9qVHLiho:TYrj/8cOnRaBgpgDQey6pkFlprFfVvQi","tlshash":"f7231b0c6971623db2d3e8f020bf00a97e7a787db444846e7988dce2597568d852eff4","size":48673,"data":"","first_seen":"2025-07-21T20:04:55.585785Z","last_seen":"2026-04-06T13:01:00.079189Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/v2.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"80607b84e3b9d672ed7f1466a1b2ca71","sha1":"44403d53a65c7ea1bcde4147d841a48a6b1bd93d","sha256":"1366e96a7671f1154739cefb2ca6718a43787e6d388cf88c750b5607ba1a566f","sha512":"89423810fda14a357fe4df19b7c72c1c2b1f71e7a9958ca11408043155720a794dcec813828a3a4b2ab81f08377601fa98b6644203c0cf9a402f1c327a84cb14","ssdeep":"6144:sc8Kndt5yaj2/VynaBNyqo0yiZmMbtLKOplF5lp88qmCBMxrueGd6BtZunVqL:ISdbqokZmWFzp8Nm9IeGd6BmVqL","tlshash":"d5c45cc53181f1215bb301b660bf600bb33d5d29780d8990e665edda38e995ea13bfbc","size":581713,"data":"","first_seen":"2025-07-29T03:17:52.01102Z","last_seen":"2026-04-06T13:01:00.113545Z","times_seen":256,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d5b8eb86a24bbf2a52b0c48fe60fd8e7","sha1":"a6dd0a6f8ae1ba70958be37abdf33adeb3ba8c1f","sha256":"8802cd3f242ca19208465cc3c021263b91479a5247c362010fd5fcde86ff6777","sha512":"db3e02212c242ba3681855e2022ce20f16c0d10454bc68ca5abfa138fc5f9f7f0583de1e0b3a5652c8a14a11536a7fd53183330a9f79ba111a0713cd47c30b1e","ssdeep":"","tlshash":"97417e0badc0ff606c65cdf912326d96e06fffb2c2b9d70dd90cb496e099129478a506","size":2175,"data":"","first_seen":"2025-08-11T16:38:13.814184Z","last_seen":"2026-04-06T13:01:00.138295Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"fabbc0364f1f7eaab731c12e410978c6","sha1":"7abf8afd59d07801bbda7e2d7f6818576587f1df","sha256":"e4bdb59c77568cfade71ae382ae7b97862cb4edcaf0dd2c1fe90f438e62f1f5f","sha512":"6f458d26e66e8366ea12b678fe1fe7284d89b50b2498cdcf33a66ebd4fc5b6e66460edbcedc2c4ea8c0f96d19a9b191532632a5e2e3f6d2b5f9acc6d72b99806","ssdeep":"","tlshash":"cea02223c228c823003800a000a33002e00803208803a00c830a020830e802bfe8c08b","size":63,"data":"","first_seen":"2024-08-19T23:27:20.830797Z","last_seen":"2026-04-06T13:01:00.137271Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/osano.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d5614f84339af2ee1286f9ac8a0a576","sha1":"e851674b8e3f7a3c12c8dcb06095e8b8d657656c","sha256":"9d95ed773270abaa1a2ed1375453e04142b5758d4003ed02559c9361dd985c93","sha512":"c563780327e7efed1c4db752a4d6dcc4182896a11cfd8692723d9301a0b2521dd3c217a9be5ebd5ac556160bc48c7d128755ce4162a44547f2c1f1dfadaf142e","ssdeep":"3072:l6X4enSf+6zrk9bym39gTJsacCkXgTp93BFha/qmOmLpRZ+2zxvp+Tt:l44KSfZqCkXW9xra/qmOmLpRM2ztYh","tlshash":"b83408e536daf5b102e256e9843b0609f339ae45342dd090f364dec42c2864fa676f3e","size":249706,"data":"","first_seen":"2025-10-23T04:16:55.733456Z","last_seen":"2026-04-06T13:01:00.132114Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/assets/main-DKnwhA04.js","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"04d0691ef560adb488e4b6f4644c5265","sha1":"703691dce49d4244b1c58dc10ab8a285e19b2942","sha256":"b1f432b4a9c8585760646aeb5a5e9686154ca139027818dd7ad9744e290ac647","sha512":"af80daf0b9be2e06be01828c6be6eda731cd8f1ab5f767eec9359f247367758117387dd844c0e725415cde1ef33f7e62cd579a1d9cb6d0fdd569bebf417073cc","ssdeep":"6144:QsJU8SN+jtxVR/ZgQu2W/rLEPhCWVcq9kNE:QwU8SNr2W/rLgjV3uE","tlshash":"b0544ad47295b43443a700e5507f2006b23e5c29a809c068f6adddf67db99c9a2b7fbc","size":283592,"data":"","first_seen":"2026-03-26T09:27:08.846862Z","last_seen":"2026-04-08T07:11:32.502835Z","times_seen":546,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"bef1af8d0c702e486d06c7c8952c4148","sha1":"a079d0d888866a3461c93b2de060d7c1f096af2f","sha256":"40010887ad972746760ddf9e99e9fe419bf58f541f6cc071342257dc2b252a6b","sha512":"14836f796d264f5fbf7b236fb15e842cb2d888ecd6d138ccef40ba6177d51e698129fd30b7f10bc712155f180b0d360de831d3e78030c24a657205fe9145e113","ssdeep":"","tlshash":"34f0b40b9dd1ff106c65cdfa12325d82d06ffb71d2b9c70ed908f09590aa115439e906","size":484,"data":"","first_seen":"2025-08-11T16:38:13.816875Z","last_seen":"2026-04-06T13:01:00.138878Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"midnight-od.com/index_files/bc8831281eb208c3.css","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/bc8831281eb208c3.css HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Apr 2026 12:41:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 02 Aug 2025 12:44:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3523\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":11540,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11540), with no line terminators","md5":"8a6b7ff276c76854eba33e5d932bf0c3","sha1":"8904f77fe10b5fc719dae61233cbac719e7663fa","sha256":"8475ce402e27c127ec0753bafb5e33ae134f3f0a5ae686d5a693fe89e1879539","sha512":"aea28983f77e9ab388ff9b800270e228887724cbc50fb252171478fcb71e95ecfa82a71771dd579d885fb69a1f1fc06dae213baec42f1ec95c9814353e146095","ssdeep":"192:3mUJbiKneTJTXdKSme+jeHo0v2GZHcZ5Dfufs:2UbeTJDdKW+SIg2WoRWfs","tlshash":"8f32eda86310281352134f3247b59bb4ddb4489207d3cd7ea1c1ad84d6bacbd276f6b9","first_seen":"2023-11-18T08:45:41Z","last_seen":"2026-04-08T06:41:53.61244Z","times_seen":101,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bootstrap.smartsuppchat.com/widget/3ae82aea086ace3d4401828ba30fa254a130413c.json","fqdn":"bootstrap.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"18.193.21.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.smartsuppchat.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 02 Dec 2025 00:00:00 GMT","end":"Wed, 30 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DC:47:26:FC:2D:4B:14:19:23:BC:B7:70:14:DA:60:A6:21:B0:1E:81","sha256":"0D:5E:FD:70:25:9E:DE:DD:47:CF:0C:58:1C:08:A2:A1:05:AC:A6:7E:0C:43:6F:50:E7:49:E0:A1:60:D0:0E:0F"}}},"request":{"raw":"GET /widget/3ae82aea086ace3d4401828ba30fa254a130413c.json HTTP/1.1\r\nHost: bootstrap.smartsuppchat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-version: 6cb79abf75047496934c7756b55ec6f26e7d2373\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: private, max-age=0, must-revalidate\r\nx-hit: redis\r\netag: \"4ae-Jt95KB4lhLcE8+iQwCNZPCueNIE\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1198,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4f18805e17e4c1e8e9e07a360e4a69d2","sha1":"26df79281e2584b704f3e890c023593c2b9e3481","sha256":"6281c13b7e0567048cb6d2f22a76664459e11449f8de893a5852cbd5b5f202f9","sha512":"367418c85fe832ff0d1c662bcc9c08160f6bd9e7fa17da26c06a5620f111a62eee9ab949fb41b9cdad283bca566c40db697449e3c99b7fc3865936d14c504043","ssdeep":"","tlshash":"9421686d4a6822fd5245c7d6c5047a076bbcdcb371043e7eea0d0a4e70db2e5223646b","first_seen":"2025-07-17T12:46:19.667078Z","last_seen":"2026-04-08T07:11:32.469419Z","times_seen":4412,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":132,"dns":28,"connect":21,"send":0,"wait":27,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/5925-4166237618ab52e9.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/5925-4166237618ab52e9.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 31496\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":31496,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (31496), with no line terminators","md5":"f005e9303ffd0bc3af0d8bfa5241b52c","sha1":"6d3c108425d01cc374b586a1a95261fab90d0e32","sha256":"37f82f138746f163d45b89aed6ce6b8b7fdc308fbf49789fbfbae70bf4a113f9","sha512":"ec0009d6433337be84c15bf612910cbcd618715b2c0200d0dc09cac4b0006680d7079c786a5cc8ba3740f4ba0870baa56d136835bd45c8664432e4c94b42571c","ssdeep":"384:AkNfk9vLE8Ovw45ZvvtILugpcq+Dk8ICCKFltXkbn17S/Wli6rBc:XNfQvgXRPScq+D/+bn17S/Wc6dc","tlshash":"dee21e95f1a6eeace97b88d5942fc40cb11e7f4cce0ec8a4f8b868241d445d47a52bcd","first_seen":"2025-10-23T04:16:54.689029Z","last_seen":"2026-04-06T13:01:00.090809Z","times_seen":5,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/saved_resource(1).html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/saved_resource(1).html HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sat, 02 Aug 2025 12:44:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 149\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"3c2ccda97c47ede0b1c91b11efd575ea","sha1":"0a348c4b61c961aba7618f909beb87f740a81983","sha256":"97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50","sha512":"31afbe911abfda33a2948d14578ba290b604920983118ca5a6268a9906120ef365416e5e776ea685d648eef7a2ee2245f424829fdd4c7150d944f4bf673aee28","ssdeep":"","tlshash":"50c08cb52412200ba220aaa2dadde56408408010a04a8c82a04039ac65cc35ce8a3690","first_seen":"2023-03-10T00:19:37Z","last_seen":"2026-04-06T15:46:09.085306Z","times_seen":1205,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"consent.api.osano.com/record","fqdn":"consent.api.osano.com","domain":"osano.com","tld":"com"},"ip":{"addr":"54.240.174.46","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.api.osano.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 28 Jul 2025 00:00:00 GMT","end":"Wed, 26 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F1:51:FD:43:43:53:71:C4:CA:5A:AD:0B:90:E3:D0:A6:DB:6D:C3:E1","sha256":"D8:FB:08:D1:58:7A:85:07:16:D4:54:DF:0C:05:09:19:0F:0D:83:2B:4D:17:83:5E:30:DD:4A:70:48:40:95:8D"}}},"request":{"raw":"OPTIONS /record HTTP/1.1\r\nHost: consent.api.osano.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://midnight-od.com/\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 0\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\naccess-control-allow-methods: POST,OPTIONS\r\nx-amzn-requestid: 81508fd4-59be-424b-aed2-78f697a72644\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token\r\nx-amz-apigw-id: bZeDhHT_DoEEfPA=\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: BtpjoESTFbp8LXK1g8xR3vXJsSatEP8_uaVDXcx12Kbr88JcCBxWFg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":37,"dns":23,"connect":1,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/_next/static/chunks/app/%5Blocale%5D/not-found-64d5832746b296cf.js?dpl=dpl_4jWMjBT1rHL9DiRCa4Gxba4iJVij","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /_next/static/chunks/app/%5Blocale%5D/not-found-64d5832746b296cf.js?dpl=dpl_4jWMjBT1rHL9DiRCa4Gxba4iJVij HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/869-a6ea874d4dd8aa27.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/869-a6ea874d4dd8aa27.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10892\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10892,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (5777)","md5":"75a5b759e0483f0c11720cb6f65d612d","sha1":"06e7db606639a36e180ce65713c82d186f5c1a3f","sha256":"6ae827d08904c561d71aff235bfedf7a2314cee32c1164a15969225478920a7e","sha512":"bd5c9c591dc0a20e4a67c2e2447c5d3149016fa67bf7070cf5a8c220ab096561c783758e30cc8999b013bfa33ffaf799ef42e9dc42f9674a6e00f255a335bc58","ssdeep":"192:ylmgoJsQ0mR92QJpMDTmFMmmNocVXM2oa/K7iCByx0:yQbEm72QrU+MTRG+K7fi0","tlshash":"5022544536a976e57acf249580ff980ff36f560c242c10b4e36098ba586e06e70b7fd9","first_seen":"2025-10-23T04:16:54.239254Z","last_seen":"2026-04-06T13:01:00.089591Z","times_seen":5,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/gtm.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/gtm.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 313322\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":313322,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (5289)","md5":"89ceb969f3c1878eebc332b58b8d24db","sha1":"2b367e1765d5f03a5c8c3e08b7327079e475b391","sha256":"90529f2bb962860258050afbc1296e76481768a527d5e9f601c67e9470362b69","sha512":"f9a1f0d4954658a7f9d91eb08253661dcf263a3331ab6ce33b862298f707b4145768e65c389f5a3407e78fc643ee78da642407320eb251651ef87e3cba270e9d","ssdeep":"3072:mNnjweWKA8xwym6o6A07J58JGXbrunAxVOrqtcRWaWU5Fjt2YwTYyDgA:BgvmZHnUOq9aWU5Fh2nTYyDv","tlshash":"fc6418cd73d6b42283a2a478503f018bb57b69e2f44cc899f185d8d42e74aaa4177f7c","first_seen":"2025-10-23T04:16:55.263222Z","last_seen":"2026-04-06T13:01:00.105457Z","times_seen":5,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/nspix(1)","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/nspix(1) HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-04-08T07:40:56.737447Z","times_seen":76565,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/saved_resource.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/saved_resource.html HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sat, 02 Aug 2025 12:44:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 149\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"3c2ccda97c47ede0b1c91b11efd575ea","sha1":"0a348c4b61c961aba7618f909beb87f740a81983","sha256":"97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50","sha512":"31afbe911abfda33a2948d14578ba290b604920983118ca5a6268a9906120ef365416e5e776ea685d648eef7a2ee2245f424829fdd4c7150d944f4bf673aee28","ssdeep":"","tlshash":"50c08cb52412200ba220aaa2dadde56408408010a04a8c82a04039ac65cc35ce8a3690","first_seen":"2023-03-10T00:19:37Z","last_seen":"2026-04-06T15:46:09.085306Z","times_seen":1205,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"action.dstillery.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49","fqdn":"action.dstillery.com","domain":"dstillery.com","tld":"com"},"ip":{"addr":"172.64.149.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dstillery.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 14:21:59 GMT","end":"Wed, 17 Jun 2026 14:21:58 GMT"},"fingerprint":{"sha1":"A1:1B:1A:E0:76:DA:69:6A:25:36:D4:3B:0D:36:E5:47:EF:0D:9B:D9","sha256":"40:0C:32:2C:1E:76:A2:69:A9:A6:2F:DD:9C:F5:D3:8F:18:4F:60:F2:0F:35:DA:AB:6E:60:A0:E4:CD:D8:B5:3A"}}},"request":{"raw":"GET /orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49 HTTP/1.1\r\nHost: action.dstillery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nlocation: https://action.media6degrees.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000\r\ncf-ray: 9e80dea518c156af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":44,"dns":22,"connect":1,"send":0,"wait":410,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/remote.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/remote.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:00 GMT\r\naccept-ranges: bytes\r\ncontent-length: 123727\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":123727,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (543)","md5":"5710dad6271a9165f17934e672bb8ac4","sha1":"27883df4ccfa9ad3c1521b0b3ba3a7c0825b366b","sha256":"4fd00d63c35ce4eba964b2a5d4c85d890834d48043b1e4662188040cdb037a67","sha512":"b9637479157698f04228540de9af16dab54b6e693a31c194676d40403e833c59adc35872d3daa68502e6aa2a9d5c027616ce08078170f0bfbc62b4c5769bc2ae","ssdeep":"3072:2+/9NZ+j47HULFoCFp2PkPa3IBG44BLn3qsZP0xPljNN9ntsmpNw:2S9Oj47HULFZz2Pt3IBG44BLn3qsZP0o","tlshash":"5bc3c398b551b02132a3f4f9093f200a56372ae8a49c426c760aece35c7dd4e5677ff9","first_seen":"2025-07-30T13:06:15.598584Z","last_seen":"2026-04-06T13:01:00.091384Z","times_seen":462,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.ytimg.com/vi/Nn39DYe1otU/sddefault.jpg","fqdn":"i.ytimg.com","domain":"ytimg.com","tld":"com"},"ip":{"addr":"172.217.20.182","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:58.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edgestatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:36:30 GMT","end":"Mon, 08 Jun 2026 08:36:29 GMT"},"fingerprint":{"sha1":"04:A2:59:DC:03:E0:86:68:FF:D2:65:46:A3:5A:69:8B:E8:13:E9:C2","sha256":"7B:6E:7A:B6:20:72:C7:3F:CD:B0:29:15:D6:4D:A7:4E:C3:3A:28:CB:22:5B:2F:04:02:2A:50:97:9F:7B:0D:AA"}}},"request":{"raw":"GET /vi/Nn39DYe1otU/sddefault.jpg HTTP/1.1\r\nHost: i.ytimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube\"\r\nreport-to: {\"group\":\"youtube\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23574\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 06 Apr 2026 11:45:47 GMT\r\nexpires: Mon, 06 Apr 2026 13:45:47 GMT\r\ncache-control: public, max-age=7200\r\nage: 3371\r\netag: \"1750787035\"\r\ncontent-type: image/jpeg\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23574,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3","md5":"35adc250cfc6dc293950244f05b70b99","sha1":"e6c57dca1f55f334203d1af278e2c0ed46bc20fe","sha256":"5a877fc0c6319d4132b431902f19b45286dee4dfc9ee1f401c3df96b5a8d4149","sha512":"d0e6a64ba11c0ca23d571da9806f2e6493404855678e73502cabf2f965e2d27a1208e2d3594fdc9e2856367c87412ffeff163f690c60ced4d776fd2382789697","ssdeep":"384:9IFrUFVFu27Xh6G7Zbqr5fdHGGcRCyt0a9edkdCXhyVPN7zRTAU3yAg06zj:9IF6FF7xkr5dUfr4dkcXsZBzRTtCr06X","tlshash":"e2b2dfe3725cda87642a05fe9648713cbb6325b32aa70ca8d4af0451fbdc334985e033","first_seen":"2025-08-11T16:38:13.682195Z","last_seen":"2026-04-06T13:01:00.098326Z","times_seen":10,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":104,"dns":25,"connect":8,"send":0,"wait":9,"receive":6,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/1129-a2bea5e33d0056a2.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/1129-a2bea5e33d0056a2.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4268\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4268,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/_next/static/media/0e96d314a90a6138-s.p.woff2","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /_next/static/media/0e96d314a90a6138-s.p.woff2 HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://midnight-od.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/icon0.svg?5db6923b1275639b","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /icon0.svg?5db6923b1275639b HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/_next/static/css/cf389df63b1d0248.css?dpl=dpl_4jWMjBT1rHL9DiRCa4Gxba4iJVij","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /_next/static/css/cf389df63b1d0248.css?dpl=dpl_4jWMjBT1rHL9DiRCa4Gxba4iJVij HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/7664-7ac50ee128122d88.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/7664-7ac50ee128122d88.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7708\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7708,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (7708), with no line terminators","md5":"3008a8b6fa952707b991dedb6e3a9433","sha1":"5e492337eccd9e961ce44778ed583a3481492999","sha256":"a611b1eae65df5ed3de36620f52bbfc3da68b958284c37b792eae731e066349a","sha512":"09620af246c1d30afab4f5ca2250bc08201476b16a356252dc905f82221c6f3efddd14709249e11c7d3bbfc8ae40c413bc227620392e15e5a2e972d18b15db8f","ssdeep":"192:THDV/lkgo/9Cp8kINE1pd+4y0bzW+1AOlq:ggSCMNARbCSAOlq","tlshash":"9ef151e6b2f2b52583c36161083f0459f43eda94768f826de164d8d6bcbc488d43bf29","first_seen":"2025-10-23T04:16:54.387829Z","last_seen":"2026-04-06T13:01:00.088467Z","times_seen":5,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/4251-809de9329659cd65.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/4251-809de9329659cd65.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 90517\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":90517,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"501ecbffbd8d64c220825484592cb3fa","sha1":"c3d23379df351792b7a4c9e498bc6b4b09404938","sha256":"fd3771178cb0f44f97eaf1dec4d91e36e0188c6c6eeebe6c195bbddf2dbacfa2","sha512":"2f2d222b750013eea95d7665f37cc01237120148e37c6febf6f3e4bd5583c0a01a8e6a839a99a36259f1d3c603d03391a7e4364b5a8eb57b08fb1cc9029cb599","ssdeep":"1536:l5sszYQCV7mxBlxvHvm8f4K56WPlgCJ/Ruidzvpcwnv5CXiA6wwQ:lOIXg1QtBTPLQ","tlshash":"ce9309dab22175b692eb529b82a9c111b3f55844b449c43cb1f88cdb546c99c03feff8","first_seen":"2025-10-23T04:16:55.499613Z","last_seen":"2026-04-06T13:01:00.085257Z","times_seen":5,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/nspix","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/nspix HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-04-08T07:40:56.737447Z","times_seen":76565,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel(1)","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/pixel(1) HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 277\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":277,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"edb377166ae87d3b43280c1c4b9f2f5e","sha1":"28086acf1174dcc9e25390853e17bd6cea201172","sha256":"1577556bbd53f68f49f1a812559cf3dbeda741572ae835706b4b19868178229b","sha512":"19341ad01b905f9f2a30a6aa2376f9fb9fe1d029f96e0fb4210f6e9ee4828ca7b4c49807b8200eb5790fc8a3db50b88d63a5c048aea546bd9cb7a21727fd6626","ssdeep":"","tlshash":"add02b2b9d05aa39234680be94b4d139748d207856219807d18accad24f8ee15c9d9a0","first_seen":"2025-10-23T04:16:54.630728Z","last_seen":"2026-04-06T13:01:00.076345Z","times_seen":5,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"action.dstillery.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHTGN\u0026ncv=49","fqdn":"action.dstillery.com","domain":"dstillery.com","tld":"com"},"ip":{"addr":"172.64.149.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dstillery.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 14:21:59 GMT","end":"Wed, 17 Jun 2026 14:21:58 GMT"},"fingerprint":{"sha1":"A1:1B:1A:E0:76:DA:69:6A:25:36:D4:3B:0D:36:E5:47:EF:0D:9B:D9","sha256":"40:0C:32:2C:1E:76:A2:69:A9:A6:2F:DD:9C:F5:D3:8F:18:4F:60:F2:0F:35:DA:AB:6E:60:A0:E4:CD:D8:B5:3A"}}},"request":{"raw":"GET /orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHTGN\u0026ncv=49 HTTP/1.1\r\nHost: action.dstillery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nlocation: https://action.media6degrees.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHTGN\u0026ncv=49\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000\r\ncf-ray: 9e80dea5a93f56af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":439,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":439,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/zmIq31voDSWI8AGyiRJe9t7MieBaDmAxmnftlUj7E58.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/zmIq31voDSWI8AGyiRJe9t7MieBaDmAxmnftlUj7E58.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:43:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 59229\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":59229,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (57977)","md5":"d601534c559fb0cc2f6015a6978a7d50","sha1":"6e2550f921267508905c29a80589a8be75b03f7e","sha256":"ce622adf5be80d2588f001b289125ef6decc89e05a0e60319a77ed9548fb139f","sha512":"4f02363996fbbf5950977e019fd23544394a8b51f3c6410c0feca817b33a1a1262bebe7b238b0d45d967bc49159dd5f6b83c76888a66aac0c1ba884309250ec9","ssdeep":"1536:jn1ZsieoP9oqsRFhyoXoumqlVS46ZLBUX2MtbnGj1E:7lonRFsoXoubMpLg2MOE","tlshash":"a34318dfb2c367351ae271e2009b600a52bba9559c981d5fbd01e6f41e31d87b02bf39","first_seen":"2025-07-26T08:13:23.535773Z","last_seen":"2026-04-06T13:01:00.083116Z","times_seen":213,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/embed.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/embed.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:43:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 33660\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":33660,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (3391)","md5":"63ec9f60ea2990a0f7295611655033fb","sha1":"af5abfac40f0a6f7172eb72ae7bdbd515284edff","sha256":"6ee9b581c1f6b5ac31c4d6cd69741652b058375541fae0858b49454af19f03b3","sha512":"fd33c7fe72ac6d06e8667f99e68afc4356b2cbac799a5ee54ae11c364ba4d9cacac7ca1dcac28b7b55a0b28dbd74f95f96391c82f6e7eaa0fc66ee6ef3999535","ssdeep":"384:tYRgyq+e8v2cAKicdwxEUbWu9u0fdypHBZgnj/XNtaKyVlf/MFbbXRZWeUpppJFu:V+1v22UEUbpu0EjGh1olX2H6pA","tlshash":"f5e2e54e37e0e4249565e1ea1c0b2104633b94dd18e0a3ac763eeefa2d75d18b43af75","first_seen":"2025-07-30T18:59:23.411352Z","last_seen":"2026-04-06T13:01:00.082622Z","times_seen":595,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"consent.api.osano.com/record","fqdn":"consent.api.osano.com","domain":"osano.com","tld":"com"},"ip":{"addr":"54.240.174.46","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.api.osano.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 28 Jul 2025 00:00:00 GMT","end":"Wed, 26 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F1:51:FD:43:43:53:71:C4:CA:5A:AD:0B:90:E3:D0:A6:DB:6D:C3:E1","sha256":"D8:FB:08:D1:58:7A:85:07:16:D4:54:DF:0C:05:09:19:0F:0D:83:2B:4D:17:83:5E:30:DD:4A:70:48:40:95:8D"}}},"request":{"raw":"POST /record HTTP/1.1\r\nHost: consent.api.osano.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 224\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":224,"data":"{\"extUsrData\":\"\",\"osnoCustomerId\":\"AzZXI3TYiFWNB5yus\",\"osnoConfigId\":\"2016b368-eac0-4852-b001-c9fd9aaaaf77\",\"userConsentId\":\"c4212584-1dc8-4f9c-a515-41d4a0682562\",\"consented\":\"ESSENTIAL, PERSONALIZATION, ANALYTICS, OPT_OUT\"}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\nx-amzn-trace-id: Root=1-69d3aa16-33b238e563424b9f57aee8c5\r\nx-amzn-requestid: f47fa8e3-e1cd-4e29-be1e-3f2afb1cbae3\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With\r\nx-amz-apigw-id: bZeDiEOuDoEErYg=\r\naccess-control-allow-methods: POST,OPTIONS\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: DJeTbeUttveGase3YggfLJoAhFtzhNXMrDdFYDh5HYiAbV6rTO3aug==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/4922-1d859531bf4b2f28.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/4922-1d859531bf4b2f28.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 48623\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48623,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (48623), with no line terminators","md5":"0b8e7f0c0a9735f427206db6ea63f8ea","sha1":"2ee15eefe4c9d113b90d13da5f5e390008bd9e20","sha256":"f89e0c00d945ffe04d6dbe81112e18840510b8432218b4bdc8e913c11e7ba6ed","sha512":"36a45b91dc5bfdf677dfd3fc347890ff76ad2bfe81788bf29df19c3a682232e600bad9a2f2ea0d385896f3cb3ef49273a064c5e298c1371fb04ca3ec06960dff","ssdeep":"768:OHMxk+tCyRg1igpDcw9Q6FOdtt+QfcIzYV9:OcO31igpTdOdbPe9","tlshash":"a523f889326b72974bde40c56471030ae2349e992448640dfeb47fe7d496ec9a2fbf31","first_seen":"2025-10-23T04:16:55.428204Z","last_seen":"2026-04-06T13:01:00.075586Z","times_seen":5,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/nspix","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/nspix HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-04-08T07:40:56.737447Z","times_seen":76565,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/cast_sender(1).js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/cast_sender(1).js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:00 GMT\r\naccept-ranges: bytes\r\ncontent-length: 48673\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48673,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (1633)","md5":"226a9abc9e14c4b8b452223d2b4631e7","sha1":"89a9eb890755c16982d8571d9cdfe42726a4c7b7","sha256":"7f6bfc238b9bddfabbfc20464944718e0246088517cf84a2d2aa2bc8c1e380a5","sha512":"d4faec7997f057be268e080f3703a7ceadf473cbe1681a70ddc10c309da6630df1d5513ce4bc9c862e65699dd7e891dba614b004bf1a0b2b57feb1b218cb838e","ssdeep":"768:TYrRwoA88niJYbfJdjRNP5qF1BgOKpgFSavh1ZhViey6pkFlprFfVvQH9qVHLiho:TYrj/8cOnRaBgpgDQey6pkFlprFfVvQi","tlshash":"f7231b0c6971623db2d3e8f020bf00a97e7a787db444846e7988dce2597568d852eff4","first_seen":"2025-07-21T20:04:55.585785Z","last_seen":"2026-04-06T13:01:00.079189Z","times_seen":9,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"action.dstillery.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49","fqdn":"action.dstillery.com","domain":"dstillery.com","tld":"com"},"ip":{"addr":"172.64.149.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dstillery.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 14:21:59 GMT","end":"Wed, 17 Jun 2026 14:21:58 GMT"},"fingerprint":{"sha1":"A1:1B:1A:E0:76:DA:69:6A:25:36:D4:3B:0D:36:E5:47:EF:0D:9B:D9","sha256":"40:0C:32:2C:1E:76:A2:69:A9:A6:2F:DD:9C:F5:D3:8F:18:4F:60:F2:0F:35:DA:AB:6E:60:A0:E4:CD:D8:B5:3A"}}},"request":{"raw":"GET /orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49 HTTP/1.1\r\nHost: action.dstillery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nlocation: https://action.media6degrees.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000\r\ncf-ray: 9e80dea669cb56af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 21:33:44 GMT\r\nexpires: Sun, 04 Apr 2027 21:33:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 140893\r\nlast-modified: Mon, 16 Oct 2017 17:33:02 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15552,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15552, version 1.0","md5":"285467176f7fe6bb6a9c6873b3dad2cc","sha1":"ea04e4ff5142ddd69307c183def721a160e0a64e","sha256":"5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7","sha512":"5f9bb763406ea8ce978ec675bd51a0263e9547021ea71188dbd62f0212eb00c1421b750d3b94550b50425bebff5f881c41299f6a33bbfa12fb1ff18c12bc7ff1","ssdeep":"384:HDKhlQ8AGL0dgUoEGBQTc7r6QYMkyr/iobA2E4/jKcJZI7lhzi:jslQ+LhUoTB0Qr6Qjkg/DmcJufzi","tlshash":"8462e103f2bc4c01e786193ebb5870237205272619efa67780ce7ea4c65ec81a39b457","first_seen":"2023-04-05T04:58:40Z","last_seen":"2026-04-08T07:39:10.651898Z","times_seen":338735,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":208,"dns":7,"connect":21,"send":0,"wait":9,"receive":2,"ssl":130},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/assets/style-KNmfGZZQ.css","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:59.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1857279285.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 10:33:12 GMT","end":"Wed, 24 Jun 2026 10:33:11 GMT"},"fingerprint":{"sha1":"D0:0A:A6:39:E7:85:DF:64:B0:13:66:E3:06:E8:BF:2D:3C:AE:EA:7A","sha256":"70:D5:91:24:1D:F0:F9:7F:57:55:99:71:1F:A5:15:C2:B9:C7:21:65:6B:42:A2:34:4A:6D:A7:53:70:BE:C0:7B"}}},"request":{"raw":"GET /assets/style-KNmfGZZQ.css HTTP/1.1\r\nHost: widget-v3.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:59 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000, public, immutable\r\netag: W/\"69afcbd9-9217\"\r\nexpires: Wed, 10 Mar 2027 07:48:53 GMT\r\nlast-modified: Tue, 10 Mar 2026 07:44:25 GMT\r\nx-77-nzt: k7Y1Q0ivQ8smibdEsdHd0gjO/S/0xLzNzr56dYOhtTl66LYnXlqfQnGGAXFfxywWlcToE6w\r\nx-77-nzt-ray: fdb5412330b98f7217aad36949552c09\r\nx-77-cache: HIT\r\nx-77-age: 2350367\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":37399,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (37398)","md5":"e0e19bc0ef5c8a7be30d687ff72b1d44","sha1":"103123375bbaaca149d026b729eaf3ef58d2d602","sha256":"f471612283039dacc9bbab82dafd8e35ed37c4fd9d099a7af946c41231daac21","sha512":"1be4a4bce5fd32ddc8843fb781a28a642c4815fbbb891ec33e5d5ee29d1555c7338eb07e4965a7dbb4ddbc26d45381178b973a26a8f8de0ce7ea10029ab11a6d","ssdeep":"768:E8CQgTcCWYtomXFbxrnSJPHs245q+ggFgZ:E8dgTcCWYtdX3uPF4X2Z","tlshash":"35f2a75daad5093cec33c166e3f8e58c9229f591df321adaf6433a048ac27bf1987514","first_seen":"2026-03-10T08:00:57.31215Z","last_seen":"2026-04-08T07:11:32.510693Z","times_seen":1686,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/nspix","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/nspix HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-04-08T07:40:56.737447Z","times_seen":76565,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/nspix(1)","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/nspix(1) HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-04-08T07:40:56.737447Z","times_seen":76565,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/6649-482119baad8450e1.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/6649-482119baad8450e1.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 143956\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":143956,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (64357)","md5":"c33c21aae84a9047e3286b2b6b291f1d","sha1":"d811b51c48d3573a6176442824455e99e60852e7","sha256":"943eb28d1f32a0b0eee768b2d637c799b3dc39082b97299306cd1315ea34a511","sha512":"c5e8cbd8166c8c3221d70163ace4268c410cda6c074ba05496920ba6bd8f916b38326a19ffd73b325f6ff6dbd682dcf3558fe7abefc88ecbabe83a8bef21f27f","ssdeep":"1536:liuViTK9nRiEUXC49hYgaMb6B4/LJdx/NOrI8MYLI7puHoWg5LDrsmYJ9MBV/NZK:aV9hv4qb6UvL3/67X","tlshash":"3be3f8aa73517535c3db5199c06b0a41f33b29d8240a402cb67dedcb256458ab2fbf3e","first_seen":"2025-10-23T04:16:54.405883Z","last_seen":"2026-04-06T13:01:00.081465Z","times_seen":5,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/v2.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/v2.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 581713\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":581713,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/f8e947071f9f1b8e361fedce5d26cc1180afc6d8-1788x1274.webp","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /f8e947071f9f1b8e361fedce5d26cc1180afc6d8-1788x1274.webp HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Apr 2026 12:41:57 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 02 Aug 2025 14:16:43 GMT\r\naccept-ranges: bytes\r\ncontent-length: 28562\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":28562,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e5fe07c4e15cb2c194e0b9e5050fe11e","sha1":"bd9a187b225b0056addbe3666b544c441bd897ff","sha256":"34c501c2ab608588becab45d6a2c38e1af59a1ab36dedf3adb1f60df84e2a836","sha512":"d8e1e3e6326a51cf3f0301b7dd068e8b644852816f3dd71bd83aa167fad3997ca58be02ffd88a34432aca4c6e675482e95690b809192b240f94881cefc14cd50","ssdeep":"768:W9peI8aUNwQJObKbePM7v8OlOElm9oEJbvc1IkkIrpdL:W9pua1QEJPudlEoGbU1+c","tlshash":"19d2d1f7466a9a46dd001b3c9fddcb586ca340c9d16c47ea9d4b9b144b8f33bd2d8026","first_seen":"2025-08-11T16:38:13.717904Z","last_seen":"2026-04-06T13:01:00.095729Z","times_seen":6,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/main-app-420abd7798f6e175.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/main-app-420abd7798f6e175.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 473\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":473,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (473), with no line terminators","md5":"1d45661648b73d31fc3b9b073b1abb11","sha1":"33d7b68d474e2996c2b4673207fc6e183f027802","sha256":"8306894da00cb9ab79e7d9336398c5f3ec3f7c361fc125a5b26c1bf2a5982b2b","sha512":"ad20bd27c3fd60aec13fd7d60831590d3385a77da654dbbabea8ca421cbcb07fa294e164727d7453d93adccc00a7337aa25a6fe6ac81a0c99f133634136545fc","ssdeep":"","tlshash":"b8f05e9a264d742f28336a60fdd7ac2e285e8139287758506a05ddb12c33a6cd2f0c38","first_seen":"2025-03-05T05:44:32.012927Z","last_seen":"2026-04-07T03:02:36.55706Z","times_seen":167,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/297-6d76bae9b6e1ddd1.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/297-6d76bae9b6e1ddd1.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 19207\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":19207,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (19207), with no line terminators","md5":"672529b44ce7835ba12a9cd965c10243","sha1":"fe31dd4beb4a2a6261bbd5eddd4f5e0e726dbc21","sha256":"0786d452a90f5299a126bb72ee4101b59b61fec75cfa67d1a0177cd44cb0fd3b","sha512":"30a685f3733445e1f971b2c8af02a442a8e20fbc419b137e256b373696dbf2cca700760df9991c7ce3ab370f0bd44fd7fc5a363a12733d8d3fd9aeba1a3437e0","ssdeep":"384:PyWF9waIrt8J2nHrGD2ON7OKJCEnqAOGWougqMOmsRf5/bb2wsOU7S6OwTTTOJ6/:DIRSDfNCcCEnqpGWiqNxRx/bb2wt0Svk","tlshash":"5682b6ffb3f571c4d10e8ff098bab82d763b35f97a08c29486999568b5191c8a046ed0","first_seen":"2025-10-23T04:16:54.500236Z","last_seen":"2026-04-06T13:01:00.07695Z","times_seen":5,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/layout-df5ca0ab215fe9d8.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/layout-df5ca0ab215fe9d8.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 13433\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13433,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (13433), with no line terminators","md5":"e43cf68420bb63cae37b095ea7e4676d","sha1":"3e9e41a4a62644e1a7d64ac1408852245277dd57","sha256":"92fba156eaccbe0c0793b175356758f1db492a969b312a1dc1178c2e0a9448af","sha512":"d5a40fa0952f418bc72bd07d92e2da7099a4816c8649de53080cbe1a3b28dcf612c374f7111dfb48ecf68e2cc3ffd67d63e87113e747936363b75116221a411c","ssdeep":"192:E538LPEnxrHpHAFkkn6nFq5Nhypx3QcUDYF6kZAmJF9M+xrzVv8Q16:ERdnxTyikn6FqfiBQc79AmJMkmN","tlshash":"fc529bdda3d4bedcb8674c99ff6b980c710f66649e1b0860696dea50180b1d8f513fc8","first_seen":"2025-10-23T04:16:54.71733Z","last_seen":"2026-04-06T13:01:00.093144Z","times_seen":5,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/osano.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/osano.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 249706\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":249706,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.smartsuppchat.com/loader.js?","fqdn":"www.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1161431244.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 10:34:08 GMT","end":"Wed, 24 Jun 2026 10:34:07 GMT"},"fingerprint":{"sha1":"C2:80:24:A2:B9:B5:FE:08:D5:9C:54:4B:3A:9A:8B:58:11:03:59:30","sha256":"4F:89:7D:DE:1D:14:7D:79:28:01:77:E4:A2:61:C6:AD:B2:D5:1B:97:99:F3:76:01:2B:E0:9D:C7:39:4A:42:7C"}}},"request":{"raw":"GET /loader.js? HTTP/1.1\r\nHost: www.smartsuppchat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\ncontent-type: application/javascript\r\ncache-control: max-age=300, public, s-maxage=60\r\netag: W/\"69cac7a9-4668\"\r\nexpires: Mon, 30 Mar 2026 19:03:15 GMT\r\nlast-modified: Mon, 30 Mar 2026 18:57:45 GMT\r\nx-77-nzt: kwgdWFOf2Tcvq/FadnpoEFs6uU1CXzU77y6fZNLnPwFdM+NXLCFtap2PlInsUe8mGhnr750\r\nx-77-nzt-ray: e2f75420e307ddb714aad3694b762a23\r\nx-77-cache: HIT\r\nx-77-age: 55\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":18024,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17951)","md5":"218d24439d4e2c0990f35338a7ac220c","sha1":"5a7b913584c1244bf61beab9dc644204d130101c","sha256":"efb497f7159de26ea5e0521d675d909dc063e36d0d23c2ad96fa9109b73ee263","sha512":"17af39bfdc350c9d1f8dd74652641d0c028881ecb3935d2d9fdb763d24136665d135d00219aabac57693112e2314d4fa91b802ba2662a1580aa35c5e0b6e624b","ssdeep":"384:2/xzy2A3wyxNeBWbEgl/EuVaBWbE0rIcvqSI/aQ/UpG:2/xzy2A3wXscuVaAxka05","tlshash":"4182b7cc7691b16543ab61b4843f620ff1376929740d8865b965eae13cb8c8ed037fb8","first_seen":"2026-03-30T19:01:55.527327Z","last_seen":"2026-04-08T08:05:43.114956Z","times_seen":409,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":68,"dns":34,"connect":11,"send":0,"wait":8,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/embed.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/embed.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:43:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 33660\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":33660,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (3391)","md5":"63ec9f60ea2990a0f7295611655033fb","sha1":"af5abfac40f0a6f7172eb72ae7bdbd515284edff","sha256":"6ee9b581c1f6b5ac31c4d6cd69741652b058375541fae0858b49454af19f03b3","sha512":"fd33c7fe72ac6d06e8667f99e68afc4356b2cbac799a5ee54ae11c364ba4d9cacac7ca1dcac28b7b55a0b28dbd74f95f96391c82f6e7eaa0fc66ee6ef3999535","ssdeep":"384:tYRgyq+e8v2cAKicdwxEUbWu9u0fdypHBZgnj/XNtaKyVlf/MFbbXRZWeUpppJFu:V+1v22UEUbpu0EjGh1olX2H6pA","tlshash":"f5e2e54e37e0e4249565e1ea1c0b2104633b94dd18e0a3ac763eeefa2d75d18b43af75","first_seen":"2025-07-30T18:59:23.411352Z","last_seen":"2026-04-06T13:01:00.082622Z","times_seen":595,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/assets/main-DKnwhA04.js","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:59.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1857279285.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 10:33:12 GMT","end":"Wed, 24 Jun 2026 10:33:11 GMT"},"fingerprint":{"sha1":"D0:0A:A6:39:E7:85:DF:64:B0:13:66:E3:06:E8:BF:2D:3C:AE:EA:7A","sha256":"70:D5:91:24:1D:F0:F9:7F:57:55:99:71:1F:A5:15:C2:B9:C7:21:65:6B:42:A2:34:4A:6D:A7:53:70:BE:C0:7B"}}},"request":{"raw":"GET /assets/main-DKnwhA04.js HTTP/1.1\r\nHost: widget-v3.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:59 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000, public, immutable\r\netag: W/\"69c4f8c4-453c8\"\r\nexpires: Fri, 26 Mar 2027 09:19:15 GMT\r\nlast-modified: Thu, 26 Mar 2026 09:13:40 GMT\r\nx-77-nzt: k80xMiflutIZYnjzPsB4UemfEjeibNEgH3HohBY/j/f+HcSKXXUPhpbjym6yY6Dt4RFYMlA\r\nx-77-nzt-ray: fdb5412330b98f7217aad36907272809\r\nx-77-cache: HIT\r\nx-77-age: 962550\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":283592,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28071)","md5":"04d0691ef560adb488e4b6f4644c5265","sha1":"703691dce49d4244b1c58dc10ab8a285e19b2942","sha256":"b1f432b4a9c8585760646aeb5a5e9686154ca139027818dd7ad9744e290ac647","sha512":"af80daf0b9be2e06be01828c6be6eda731cd8f1ab5f767eec9359f247367758117387dd844c0e725415cde1ef33f7e62cd579a1d9cb6d0fdd569bebf417073cc","ssdeep":"6144:QsJU8SN+jtxVR/ZgQu2W/rLEPhCWVcq9kNE:QwU8SNr2W/rLgjV3uE","tlshash":"b0544ad47295b43443a700e5507f2006b23e5c29a809c068f6adddf67db99c9a2b7fbc","first_seen":"2026-03-26T09:27:08.846862Z","last_seen":"2026-04-08T07:11:32.502835Z","times_seen":546,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/3848-70958eefff98a5a4.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/3848-70958eefff98a5a4.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 13012\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (13012), with no line terminators","md5":"c86a014e0ded33c49392d40c728613fb","sha1":"6811f7686cdd6518f03a70d579507aa5dfb8a493","sha256":"086995014bd22d5f55a465ff9ccf53386beb79c3db5ee1c299b47c0a2dbbb080","sha512":"e156325bd8fedf2911f282a6e2b3e7457b6e1a9114b3820c2d126d67a0cacf91044ef312c32cd74356c6eba255236f033765dd7cdf480ecc28971f78dc36c29c","ssdeep":"192:i91AEwIzrICoQE7gP5xVyDN3MUtp4jtZVNuseRFEM3W:KAEwIzrICdRByZ3MUkjb19Mm","tlshash":"7d42519cf4d2bedcf96b98c4a67f540db21f1b44de0a08b4f9b8680468451ac7653bcd","first_seen":"2025-10-23T04:16:54.440747Z","last_seen":"2026-04-06T13:01:00.078128Z","times_seen":5,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/cast_sender.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/cast_sender.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:43:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4272\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4272,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (1143)","md5":"b427175fa1078775eb792756e7b6d1e7","sha1":"4c55c0233d3d9002b3449c025f97821f8bb8900d","sha256":"ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f","sha512":"af8d384188363378bc99c2e51523e74e1d18ba77d51bff7647a377a117499421f9e94477e09907925e46dad0a908b799a616d0b4855ffff064ba6350815063d3","ssdeep":"96:bVcC0LhyRs71268NYZOAx/rfuNfnAZe5PwGNHW:B3qhpRByNPx54GN2","tlshash":"d191c68d7a70f4328aa138b6283f964ae37b50b5f4d4f0d5508ccce45a78e4a4726f6d","first_seen":"2023-03-07T01:06:34Z","last_seen":"2026-04-08T06:51:59.368188Z","times_seen":8824,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"action.dstillery.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49","fqdn":"action.dstillery.com","domain":"dstillery.com","tld":"com"},"ip":{"addr":"172.64.149.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dstillery.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 14:21:59 GMT","end":"Wed, 17 Jun 2026 14:21:58 GMT"},"fingerprint":{"sha1":"A1:1B:1A:E0:76:DA:69:6A:25:36:D4:3B:0D:36:E5:47:EF:0D:9B:D9","sha256":"40:0C:32:2C:1E:76:A2:69:A9:A6:2F:DD:9C:F5:D3:8F:18:4F:60:F2:0F:35:DA:AB:6E:60:A0:E4:CD:D8:B5:3A"}}},"request":{"raw":"GET /orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49 HTTP/1.1\r\nHost: action.dstillery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nlocation: https://action.media6degrees.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHP\u0026ncv=49\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000\r\ncf-ray: 9e80dea80b8656af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":410,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"translations.smartsuppcdn.com/api/v1/widget/translations/lang/en/defaults","fqdn":"translations.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:59.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1087630013.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 10:30:49 GMT","end":"Tue, 23 Jun 2026 10:30:48 GMT"},"fingerprint":{"sha1":"FE:60:F0:6C:13:88:B2:39:2E:11:67:71:2A:8F:58:11:3A:45:30:5D","sha256":"BB:F8:AA:87:AE:AA:9D:E7:CC:47:F2:E8:98:89:5B:12:D2:33:6C:16:8E:C6:CA:61:CB:25:84:42:51:47:56:17"}}},"request":{"raw":"GET /api/v1/widget/translations/lang/en/defaults HTTP/1.1\r\nHost: translations.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://midnight-od.com/\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=600\r\nx-response-time: 0ms\r\nx-version: c494243850baf102b3f9f705545512bad86646b6\r\nx-77-nzt: k/koP0tCI17kSfDSErsjvtcchHanZFa7sO6AjlYEMQzVsNbKVLP03w9D2UwRY+Ybfeg8AAM\r\nx-77-nzt-ray: fdb541238efa9d7c17aad369fd8a7d14\r\nx-77-cache: HIT\r\nx-77-age: 489\r\nvary: Origin, Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":7216,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"05d7604a60456ab25eb809557b353edc","sha1":"e32135b721636e7994e42748da35341e03dfd123","sha256":"5892aca834fe3f9f8fb66f68c8a3eb2295708a3b428cf355d7f3e3c1a0b7b62e","sha512":"db4124c008e22597192e1f07b44575ff191a03322f763bffb1efd129152e0f6f1546d98f5016967b32cc71a8252fefc0546aef0be258e8343fbba4ae2afe00da","ssdeep":"192:Ccdft/hc4l6WKHSY8pZcqq+jT0UHAfoW/Ymz8:CgF/hcbWbYKZcF+jhqoWQmw","tlshash":"48e1b54f9a144ea987c6438276cfb84675bc80734250993afd8cc8b842697cda3e3b94","first_seen":"2026-04-01T12:23:41.393805Z","last_seen":"2026-04-08T07:11:32.498657Z","times_seen":243,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":86,"dns":41,"connect":8,"send":0,"wait":8,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"websocket-visitors.smartsupp.com/socket/?EIO=3\u0026transport=websocket","fqdn":"websocket-visitors.smartsupp.com","domain":"smartsupp.com","tld":"com"},"ip":{"addr":"3.126.214.62","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:59.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.smartsupp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 25 Jul 2025 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"35:57:04:01:81:87:91:69:91:5F:FB:F3:51:3F:C3:50:59:25:59:2D","sha256":"D8:0F:70:51:28:C9:4C:A6:5A:C3:91:80:AC:41:82:E2:B2:73:5A:0B:A4:07:51:81:EC:03:09:9E:87:4F:81:F7"}}},"request":{"raw":"GET /socket/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: websocket-visitors.smartsupp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://midnight-od.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: vuVdl4e6567bSB5UWhbvLA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Mon, 06 Apr 2026 12:41:59 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: ADVV6W2ebTj8B/OGuD12C9ogUSw=\r\nSec-WebSocket-Version: 13\r\nWebSocket-Server: uWebSockets\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":0,"dns":138,"connect":158,"send":0,"wait":22,"receive":0,"ssl":164},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/youtubei/v1/log_event?alt=json","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:42:00.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"POST /youtubei/v1/log_event?alt=json HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Goog-Request-Time: 1775479320564\r\nContent-Type: application/json\r\nX-Goog-Visitor-Id: CgtDanRSWXBTUmE5OCiVkLjEBjIKCgJORxIEGgAgJQ%3D%3D\r\nX-YouTube-Client-Name: 56\r\nX-YouTube-Client-Version: 1.20250729.22.00\r\nX-YouTube-Device: cbr=Chrome\u0026cbrver=138.0.0.0\u0026ceng=WebKit\u0026cengver=537.36\u0026cos=Windows\u0026cosver=10.0\u0026cplatform=DESKTOP\r\nX-YouTube-Page-CL: 788692020\r\nX-YouTube-Page-Label: youtube.player.web_20250729_22_RC00\r\nX-Goog-AuthUser: 0\r\nX-YouTube-Utc-Offset: 0\r\nX-YouTube-Time-Zone: UTC\r\nX-YouTube-Ad-Signals: dt=1775479318437\u0026flash=0\u0026frm=1\u0026u_tz\u0026u_his=2\u0026u_h=1024\u0026u_w=1280\u0026u_ah=1024\u0026u_aw=1280\u0026u_cd=24\u0026bc=31\u0026bih=1024\u0026biw=1280\u0026brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C580%2C326\u0026vis=1\u0026wgl=true\u0026ca_type=image\r\nContent-Length: 4549\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":4549,"data":"{\"context\":{\"client\":{\"hl\":\"en\",\"gl\":\"NG\",\"clientName\":56,\"clientVersion\":\"1.20250729.22.00\",\"configInfo\":{\"appInstallData\":\"CJWQuMQGEOK-zxwQyfevBRCJsM4cELfq_hIQltbPHBDds88cEJT-sAUQ9quwBRCh188cEP7YzxwQrtbPHBCG2c8cEIeszhwQsIbPHBD2y88cEIiHsAUQvZmwBRDGy88cEM6szxwQvdnPHBCBzc4cEPyyzhwQzN-uBRC21s8cEMXDzxwQipeAExCqnc8cENPhrwUQntCwBRCThs8cELnZzhwQmY2xBRCYuc8cEIqCgBMQmsrPHBDv1M8cEJOZgBMQ3rzOHBC45M4cEKiZgBMQzMDPHBDa984cEPDizhwQmZixBRCw188cEL22rgUQ8tjPHBC9irAFELvZzhwQx47PHBDlyc8cEOLKzxwQ_c7PHCogQ0FNU0ZCVVgtWnEtRE9IZGhRcUJsUTB5b0t3RUF4MEg%3D\"},\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"rolloutToken\":\"CLfYpqLJuvS_7gEQ_rfI9ZLsjgMY9Oby1pPsjgM%3D\",\"browserName\":\"Chrome\",\"browserVersion\":\"138.0.0.0\",\"osName\":\"Windows\",\"osVersion\":\"10.0\",\"platform\":\"DESKTOP\"}},\"events\":[{\"eventTimeMs\":1775479317839,\"latencyActionTicked\":{\"tickName\":\"ep_init_eps\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317841,\"latencyActionTicked\":{\"tickName\":\"ep_init_epe\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479318522,\"latencyActionTicked\":{\"tickName\":\"pe\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479318540,\"latencyActionTicked\":{\"tickName\":\"ep_init_wes\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479316908,\"latencyActionTicked\":{\"tickName\":\"srt\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479316882,\"latencyActionBaselined\":{\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479316887,\"latencyActionTicked\":{\"tickName\":\"nreqs\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479316908,\"latencyActionTicked\":{\"tickName\":\"nress\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479316909,\"latencyActionTicked\":{\"tickName\":\"nrese\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317540,\"latencyActionTicked\":{\"tickName\":\"wffs\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317790,\"latencyActionTicked\":{\"tickName\":\"wffe\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317418,\"latencyActionTicked\":{\"tickName\":\"rsf_pj\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317621,\"latencyActionTicked\":{\"tickName\":\"rse_pj\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317406,\"latencyActionTicked\":{\"tickName\":\"rsf_pej\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317448,\"latencyActionTicked\":{\"tickName\":\"rse_pej\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317407,\"latencyActionTicked\":{\"tickName\":\"rsf_pc\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317458,\"latencyActionTicked\":{\"tickName\":\"rse_pc\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317417,\"latencyActionTicked\":{\"tickName\":\"rsf_ecj\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479317480,\"latencyActionTicked\":{\"tickName\":\"rse_ecj\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479318550,\"latencyActionInfo\":{\"isNavigation\":true,\"actionType\":\"LATENCY_ACTION_VIDEO_PREVIEW\",\"httpProtocol\":\"h3\",\"transportProtocol\":\"quic\",\"isVisible\":true,\"loadType\":\"cold\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479318559,\"latencyActionTicked\":{\"tickName\":\"ep_init_wee\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479318561,\"latencyActionInfo\":{\"serverTimeMs\":159,\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479319570,\"latencyActionTicked\":{\"tickName\":\"ol\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}},{\"eventTimeMs\":1775479319570,\"latencyActionTicked\":{\"tickName\":\"ol\",\"clientActionNonce\":\"Cyzai9I2uqALwM8j\"},\"context\":{\"lastActivityMs\":\"-1\"}}],\"serializedClientEventId\":{\"serializedEventId\":\"FQiOaPzmKL3C6dsP08eYmAc\",\"clientCounter\":\"18300\"}}"}},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:42:00 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/cf389df63b1d0248.css","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/cf389df63b1d0248.css HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Apr 2026 12:41:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 02 Aug 2025 12:44:04 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 13766\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":74850,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (63240)","md5":"67b0675dffec5245dad116a1679daed8","sha1":"67b2e9e0249e058ffe97346d82c48fe7b48b0d8c","sha256":"72e07173b0dd8ecacad8f35895268c550bc897e09bde9cafb27ede9124ed3d55","sha512":"23f4413635e7f86d6a3e3c11b757507f4dd65624b8b782a6cd3f1024a4f7356b42052cf0b8fe2bbc8f683590e81e08cd39d60ed7dd398f818b9a5f40db31278c","ssdeep":"1536:G2TCiTq19Dei+d3D1Gyl2SWi9Lhuli83T8Y:G2TCiTq19Dei+fGyl2SWi9Lhgi83z","tlshash":"7973c92ea741252a1c3749f6e2d0b95c622692c1ff3b56f7f92214208bc56e72d2379c","first_seen":"2025-08-11T16:38:13.662045Z","last_seen":"2026-04-06T13:01:00.07094Z","times_seen":5,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/1dd3208c-e155c594ab2e0c3d.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/1dd3208c-e155c594ab2e0c3d.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 172835\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":172835,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e02d1cd6e751a1bbb4ff2a368dd1b66e","sha1":"982a9cbcc9403fb90fbd80cefd2c6a90b0df1829","sha256":"359deca4a1b7762a78f0fd35eafb5f746e88a2e793056c0e1e2b819d83f8c0fa","sha512":"9fae60504ebf4d09c7953b6cfc82ac7436cf75d76492ade590c6a5d156270b7804989b07deafa6ba040423e433af9edcb3654728e5c6862d82fa66d8b182a5d8","ssdeep":"1536:9VjExazug79h2U4kcNxakmBjt4oGZlibTR5ikxYhlUuRNka2wblHiN+wL8z9Ggum:Vzug758kkEiXjOAprX2wd5WjguGOK","tlshash":"6af3f8e83995f6666eb30277009f1803737c262b280d4d60a211fd9eb5b845eb17bfd9","first_seen":"2025-02-25T09:52:04.538021Z","last_seen":"2026-04-07T20:38:44.586853Z","times_seen":728,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/5066-dc91238c78146afa.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/5066-dc91238c78146afa.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 41015\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":41015,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (41015), with no line terminators","md5":"82ebb068f617ee76f29b552aa5fe3b09","sha1":"1d8f228f5e09561f97846c7e18bec9a1c6249719","sha256":"fa4a58493d76d7e16f33c4235d8853c954360cb9d62c53cab0f979ad336e0c6c","sha512":"a5963f74f2d5d89c9f3fc485b64ae692cb743faaf54730322ff01082236267e8fa5f4f0eaa48040a54fe99c7ec8dfa01850fc8b1ae2a771e3ef0ef063a3fd869","ssdeep":"384:VxbjGQF3eJiUIzA2DrzSzIipwZsE9bfY49QksvGFC0TVfkcVZy19ibEhjvNEg5OH:KGeCzpkWGSbfRsvIJTpkcyIWZEgtjI","tlshash":"f903fbe537c170f2d7df016a907b520af33e6998240a4410a135ac993575ee9d2f3f6e","first_seen":"2025-10-23T04:16:55.473442Z","last_seen":"2026-04-06T13:01:00.090182Z","times_seen":5,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/_next/static/media/b7ea2ab4a8ad1f81-s.p.woff2","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /_next/static/media/b7ea2ab4a8ad1f81-s.p.woff2 HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://midnight-od.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel(1)","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/pixel(1) HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 277\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":277,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"edb377166ae87d3b43280c1c4b9f2f5e","sha1":"28086acf1174dcc9e25390853e17bd6cea201172","sha256":"1577556bbd53f68f49f1a812559cf3dbeda741572ae835706b4b19868178229b","sha512":"19341ad01b905f9f2a30a6aa2376f9fb9fe1d029f96e0fb4210f6e9ee4828ca7b4c49807b8200eb5790fc8a3db50b88d63a5c048aea546bd9cb7a21727fd6626","ssdeep":"","tlshash":"add02b2b9d05aa39234680be94b4d139748d207856219807d18accad24f8ee15c9d9a0","first_seen":"2025-10-23T04:16:54.630728Z","last_seen":"2026-04-06T13:01:00.076345Z","times_seen":5,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/Nn39DYe1otU.html","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/Nn39DYe1otU.html HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sat, 02 Aug 2025 12:44:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 58497\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":166822,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (57405)","md5":"23874fb743d16a2e6938a2d532bc63d5","sha1":"152f49d8b65be5a05a6ca2be1039f82e0906b3c1","sha256":"444cd2c09940b9f47d4fc08ea54e266d917fa20f80ea5dae101a1eb4bed5a471","sha512":"ea43c164a50832bc2fe19a8b363d13f9002688a6cfc1f933484dd08b8b2f2f65b7b11b797f6e88866e906b933f4518d2c5992bf2fd2564b6f246c2ae00275f37","ssdeep":"3072:klUe9GVuN4ZCGEGfZ/JgB/v+6lJc877qmR1Yq:sUe9uuN4EGhfMB/v+6lJc877qmR1Yq","tlshash":"4bf32b7046545436c4838987edb9ff3eb8f6016f8ac19969beba93dc02e9e504ddf402","first_seen":"2025-08-11T16:38:13.689203Z","last_seen":"2026-04-06T13:01:00.100769Z","times_seen":5,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/e443e028434d32e9179d9b4a188eceafe102b5c8-1788x1274.webp","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /e443e028434d32e9179d9b4a188eceafe102b5c8-1788x1274.webp HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Apr 2026 12:41:57 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 02 Aug 2025 14:16:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 33108\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":33108,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ec0d6f9615292bd955314e8ceb8a1a1e","sha1":"56b46e9ee621d0c401b48efd257c9cc2c1b1f280","sha256":"d1dc04b860d26bbdfbca499797ec1b4e304957c0ba737949854ae12569180248","sha512":"4a9340bb2c177ad489555690cfb5260b9fcb43105f20392935a2658fa47a5082deeee0abc0f264b2e6a4bbecbb8db042fdeb0b08a6a919ad2ec003b099602069","ssdeep":"768:Qkap9vDWXeWryHcMIVJtk7RbzmUEZ5X44+CoIryAPX3Tee4PE:QR9vC1GFIMbSUqK4+C9rx3Tee4P","tlshash":"fae2e1410290bee9f30e94252fde9a1ce2282472f44c65801a37ec72df67cedd64297b","first_seen":"2025-08-11T16:38:13.679725Z","last_seen":"2026-04-06T13:01:00.101414Z","times_seen":6,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/page-5e0921c3dc577898.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/page-5e0921c3dc577898.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1722\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1722,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (1722), with no line terminators","md5":"6336154248ebad2baa89abd7dd08257f","sha1":"f2b4cce7177f84edd2b6a4b19f9a7b7dc1404c1b","sha256":"085c226b8c0b322fefe5c03ea72b73986cb7cf923cea8ad608bda0a213cdc1c7","sha512":"6693f91615ff2fd40eebbf0091e3a55e4b45dc50ee962b23c553a1f6a1655cafdb6e63d66804da797460a089166bebd2e893d6a6ef1358d14f4f905888d0c4e0","ssdeep":"","tlshash":"59312a4a171db55f59276ea4ff879c0e641e912098274e206164edf238233a8f2f096d","first_seen":"2025-10-23T04:16:54.250513Z","last_seen":"2026-04-06T13:01:00.091922Z","times_seen":5,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/2537-3779df9e937deae4.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/2537-3779df9e937deae4.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10115\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10115,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (10115), with no line terminators","md5":"1ac0f608a4d3dca1eee3524f51e9be1e","sha1":"9f3593272a80f47e3923e9a8cf70f524979b53a7","sha256":"07b4d957abfbd249488873368e9a599dc098d054c5c008ed902147d71184d52c","sha512":"12c3c67994096d3a8445b0c7f881d7d1fab0bb33cbc8344a49c7665158327bbd1661c61012bca3318df405b9a2b0202ddc1080ee5348dd5eb2b2d17b28af3dd6","ssdeep":"192:BxDmwvqp7QG1EQwFJQzCUYbDtClg1e1rfGam1+BdbjYPs/i+MTMVdLoUJn61UYyg:G4qlQGaQB/YXSTGaj6HTMAlSzz4","tlshash":"6a220ab5b6c8fc75528e09d4843b430a76592b35551e2840f3ee8ce76378e8750a2fd9","first_seen":"2025-10-23T04:16:54.832448Z","last_seen":"2026-04-06T13:01:00.085796Z","times_seen":5,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/8ad60fd6dff8239f6970f650af32af1273a51f5d-201x377.svg","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/8ad60fd6dff8239f6970f650af32af1273a51f5d-201x377.svg HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Apr 2026 12:41:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 02 Aug 2025 12:44:16 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 779\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1680,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c517dc5d746b3c8c0d69bfaf39defcdb","sha1":"5527ba1416dc278ed1b8e4af360cd75e965b2ee0","sha256":"ac959899dac5033ce7a7a6ed68bcb8f73458fbd3da568d239ca7b10b4c193dda","sha512":"d46a4e8d51b982efd2a69ece6453db339e4ff47eeac1bef7d76f1d59fcb8eecbb071816ef00d33253f9f117a5c35db0b411d21201e819956fd9a4f34acfcf4ba","ssdeep":"","tlshash":"cb3124ec73b45eedce909fc1de4661d50566b4bf57420208c2c8ba9e18c10ae0dd6a02","first_seen":"2025-08-11T16:38:13.704073Z","last_seen":"2026-04-06T13:01:00.069577Z","times_seen":8,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/nspix","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/nspix HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-04-08T07:40:56.737447Z","times_seen":76565,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"action.dstillery.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHTGN\u0026ncv=49","fqdn":"action.dstillery.com","domain":"dstillery.com","tld":"com"},"ip":{"addr":"172.64.149.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dstillery.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 14:21:59 GMT","end":"Wed, 17 Jun 2026 14:21:58 GMT"},"fingerprint":{"sha1":"A1:1B:1A:E0:76:DA:69:6A:25:36:D4:3B:0D:36:E5:47:EF:0D:9B:D9","sha256":"40:0C:32:2C:1E:76:A2:69:A9:A6:2F:DD:9C:F5:D3:8F:18:4F:60:F2:0F:35:DA:AB:6E:60:A0:E4:CD:D8:B5:3A"}}},"request":{"raw":"GET /orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHTGN\u0026ncv=49 HTTP/1.1\r\nHost: action.dstillery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nlocation: https://action.media6degrees.com/orbserv/nspix?adv=cl174113446236656\u0026ns=9207\u0026nc=IOHKMGDHTGN\u0026ncv=49\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000\r\ncf-ray: 9e80dea518c256af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T07:38:16.649537Z","times_seen":13494560,"resource_available":true,"data":null}},"time_used":514,"timings":{"blocked":41,"dns":20,"connect":5,"send":0,"wait":428,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/webpack-7858b7ed950ab990.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/webpack-7858b7ed950ab990.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5260\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5260,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (4852)","md5":"dd84b37eb9286f35cd5c453592ed4aef","sha1":"596f0f56f403c4927979b5d5120b65ce0e4b6853","sha256":"0a2aaf4d203e7902f697cf38443772b209a3bb7f6ea99094931fa0836208086a","sha512":"860d56fdf92787364d126d50c03e3aaee0c99fcca069b8599404c46acdaa4377d712067d5f14df249ce08e90edd9f1b8835882674562f9010819def8939664b8","ssdeep":"96:BJ1hwBE9qkHAiR5mm0EE4G7lPEhyGVADcVNsSI2LDzN7LDBCMRJ+fP6pZxL:BtP9XAiPT0EE4G7ayGzQ0Dh5CM/+fyLl","tlshash":"adb1d7ee72a8f475179354a0443fe566f63e2472681ed0a0da1ed4f5bc30c998223fa8","first_seen":"2025-10-23T04:16:55.051652Z","last_seen":"2026-04-06T13:01:00.104257Z","times_seen":5,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/1528-5b651a682d288e05.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/1528-5b651a682d288e05.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 124309\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":124309,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d1f83ea442d663ba1a2bff64a22bb366","sha1":"79ebd3ccaff49ff6883d210cd058907ecef0b184","sha256":"4801b0509070fd32cd961ed98adb19cbfb2db9be9d6ed635c570dcf04abb3abf","sha512":"2645df41656f2903d6a8d944e7d27d27ae971858a93c53ef41b3172bce9b84d5fa51ccc67bcec4bc0f7fd5ce2a95d96f4bc585762940e5ccdea2d6ff092bb89a","ssdeep":"1536:hDwxIGExqHgis8TdluER6mmNOKg5UF/v7:V4XT4On5Az","tlshash":"84c3d8ba71d0f8e2079744e5843b400af3791c3b146f70a0a7a5cdd9b5a44eea1a3f5e","first_seen":"2025-10-23T04:16:55.065374Z","last_seen":"2026-04-06T13:01:00.097659Z","times_seen":5,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/817-a15fea2970392d77.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/817-a15fea2970392d77.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 42674\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":42674,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (42674), with no line terminators","md5":"f06675485df8ef99cde78648177f9d13","sha1":"e2dd0fa9dbb8efd218b34df426ec917f62b8319c","sha256":"3064c45f3be0adb7e48cb84ded1b9b79369c0d23c0f9829cf4974948127a060f","sha512":"234e2dbb5f05de376f0d28b704c650b9dcadcec6be8ed615ed6728057ec989349f055bca0daaf9b0096b8f51cc30e2c8be34b92bdfdeb547d4cb7e8aa75f1cd5","ssdeep":"768:jx493Q/ytBbyfZmIJ7YRnKOx7FW4THj1c5lybL:297tlyf8RnK6FdalybL","tlshash":"041309b771d1f8e253db44a0843b100ef27a1d7a241ea144b3b5ccd5f6a05ada1a3f7a","first_seen":"2025-10-23T04:16:55.171015Z","last_seen":"2026-04-06T13:01:00.086482Z","times_seen":5,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/error-17280e138e94e511.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/error-17280e138e94e511.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 818\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":818,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (818), with no line terminators","md5":"b1518cad6b8e2833ddcc5dc93f32d7c6","sha1":"a1a2ff2b29a1fa065dba54039ea0c310c6ce5e98","sha256":"91f50578ec245e81772dfc954f059fa723454d646f729f2f17030a4f5827177c","sha512":"c935c159b80d2335e002e1da9b3682bbfa5229e99785b657c1709a50341bae046773b76bd847af3d04a2bcbaf9e2dd8ed20b9f4bd401cf161002776f528c2d37","ssdeep":"","tlshash":"cc016f45b485fe5ca95f0cd4217f940e706a2e5dad0d88a464f82c521c550ae7653fcd","first_seen":"2025-10-23T04:16:54.868321Z","last_seen":"2026-04-06T13:01:00.071768Z","times_seen":5,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15344\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Apr 2026 08:42:24 GMT\r\nexpires: Fri, 02 Apr 2027 08:42:24 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 16 Oct 2017 17:32:55 GMT\r\ncontent-type: font/woff2\r\nage: 359973\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15344, version 1.0","md5":"5d4aeb4e5f5ef754e307d7ffaef688bd","sha1":"06db651cdf354c64a7383ea9c77024ef4fb4cef8","sha256":"3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc","sha512":"7eb7c301df79d35a6a521fae9d3dccc0a695d3480b4d34c7d262dd0c67abec8437ed40e2920625e98aaeafba1d908dec69c3b07494ec7c29307de49e91c2ef48","ssdeep":"384:ctE5KIuhGO+DSdXwye6i9Xm81v4vMHCbppV0pr3Ll9/w:cqrVO++tw/9CICFbQLlxw","tlshash":"5162e16aef76dc7e4f1af1361c01b45404462290ba6155eff00d6e1d4eed1aff461392","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T06:29:41.097911Z","times_seen":536569,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":146,"dns":7,"connect":7,"send":0,"wait":9,"receive":1,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.hsforms.net/forms/embed/v2.js","fqdn":"js.hsforms.net","domain":"hsforms.net","tld":"net"},"ip":{"addr":"104.16.5.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hsforms.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 14:12:09 GMT","end":"Tue, 23 Jun 2026 15:12:01 GMT"},"fingerprint":{"sha1":"7B:1C:F7:0E:1A:67:BB:66:FC:C6:4B:51:39:0E:99:D2:53:51:53:DE","sha256":"4A:03:29:DE:06:E6:00:55:09:50:E1:AB:3D:53:F9:5B:B2:2B:4E:C5:EE:14:61:B1:93:62:D6:4A:E3:96:37:66"}}},"request":{"raw":"GET /forms/embed/v2.js HTTP/1.1\r\nHost: js.hsforms.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9e80deab8ed4b4eb-OSL\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 02 Apr 2026 08:52:18 UTC\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: b4yHjAG6Zd3iz9Ga1NjzFte2bUXPLIzG\r\ncontent-encoding: gzip\r\netag: W/\"2bae4b1a7976de8291e8b5ec5bd83155\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: IAD12-P3\r\nx-amz-cf-id: IT---R76t9XBCJXoT9dTI1KJxVgrz21CjDKunCM9x3qRhonfPzHXFQ==\r\ncache-control: s-maxage=600, max-age=300\r\nx-hs-target-asset: forms-embed/static-1.10793/bundles/project-v2.js\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\nserver-timing: hcid;desc=\"\", cfr;desc=\"9e7f68220946ef97-IAD\"\r\ncache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod\r\nx-hs-cache-status: MISS\r\nage: 328\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=VIyeOhjTbdMxWmzZv0Spu6sPAo09Jaxrvv1Qv8r2HyKxVhioWE0WbZIuPqULDd6at9jTybKFvk%2B1MOYLK%2BV40q63cLjjmyKeqxSKXgLH5zc%2FtiplT2RoAD9SzjUqxK0H\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":605904,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65468)","md5":"2bae4b1a7976de8291e8b5ec5bd83155","sha1":"84d041fb648f6a7fc8469719a5ff4cf3450d539f","sha256":"e385fbb485e5db33bfbb2ccda0cc7a263a4e293d30b1dbabb7eb5ce7f5e45c51","sha512":"dbbd4bd6227748a02d8aac7d83bae4990d33c40cc165d025a033ee0f2846a3e7de6d61475aeb5ffcdac07f45374123bef25b1c251b033c23e8847d2fce398d3c","ssdeep":"6144:lW85B6NlctNXtk++tjneV1nPnTsyiS0MbtLKOYodFBKaNJU+xVhN/9SEefdLBFJM:ldttBtUS04FBK4JU+xVf/9hefdLBFRsp","tlshash":"edd45cc53182f0215bb202b660bf600ab33d5d29780d8950e765edde38e995e913bfbd","first_seen":"2026-04-02T09:10:39.78008Z","last_seen":"2026-04-08T07:44:57.889931Z","times_seen":351,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":41,"dns":21,"connect":1,"send":0,"wait":32,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yt3.ggpht.com/4hjqVIbby4KRqyuINVShpE7A_gmZZMEtd-uCc9e18lyp8xoNN1AoqxPCQuO5Zqm9p8a0oWv1hQ=s68-c-k-c0x00ffffff-no-rj","fqdn":"yt3.ggpht.com","domain":"ggpht.com","tld":"com"},"ip":{"addr":"142.251.38.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:58.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:35 GMT","end":"Mon, 08 Jun 2026 08:38:34 GMT"},"fingerprint":{"sha1":"3A:DE:11:78:FE:52:38:39:95:8D:C8:01:05:6E:73:B5:8E:86:5A:16","sha256":"62:89:AE:B9:16:42:63:34:BC:D1:1A:5F:79:F6:E2:91:77:7E:85:DB:0E:EF:C7:A9:1E:3E:0F:D7:8D:3C:A6:A6"}}},"request":{"raw":"GET /4hjqVIbby4KRqyuINVShpE7A_gmZZMEtd-uCc9e18lyp8xoNN1AoqxPCQuO5Zqm9p8a0oWv1hQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1\r\nHost: yt3.ggpht.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\ncontent-disposition: inline;filename=\"channels4_profile.jpg\"\r\nx-content-type-options: nosniff\r\nserver: fife\r\ncontent-length: 1432\r\nx-xss-protection: 0\r\ndate: Mon, 06 Apr 2026 09:12:36 GMT\r\nexpires: Tue, 07 Apr 2026 09:12:36 GMT\r\ncache-control: public, max-age=86400, no-transform\r\nage: 12562\r\netag: \"v1\"\r\ncontent-type: image/jpeg\r\nvary: Origin\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1432,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3","md5":"57580c4842d5cec94dff002c5de14138","sha1":"98c662c64576a2fb00eb5e57855aca13b853a0e0","sha256":"fad806ca302f7dbdd8b57e9054e78dd8f9514e4799dbee3ae6cfae6e0803c9b2","sha512":"bb9534070f8a43959d33a1f73b1f5ac0bcc64f63ad64efbb219c372df93a622a7f3b36743cc78c038de6e77497899e18a73023e630216e103287bcf4698814e9","ssdeep":"","tlshash":"fb210b583ad57161e0b19a31202376614a6c45f4f03e264b61775d923cd9dce0c287b4","first_seen":"2025-08-11T16:38:13.669353Z","last_seen":"2026-04-06T13:01:00.084213Z","times_seen":10,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":83,"dns":62,"connect":21,"send":0,"wait":22,"receive":1,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/_next/static/css/bc8831281eb208c3.css?dpl=dpl_4jWMjBT1rHL9DiRCa4Gxba4iJVij","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /_next/static/css/bc8831281eb208c3.css?dpl=dpl_4jWMjBT1rHL9DiRCa4Gxba4iJVij HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/4657-0ee3002512d36841.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/4657-0ee3002512d36841.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 91829\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":91829,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (46252)","md5":"12751b59074e6d9271f47c7d08174d29","sha1":"88ac97f44887e50f9b2f8f620799973e5bd03690","sha256":"b9f07c6dca9a08f9ccc5f7f0246e1358b1a89d96a92459d3b0cffbdaccad62fb","sha512":"6e27f81cb9241c2433d6e609a2a21210c622e761a9b2aaac1a4b1eb5edef2d1b80b638461f0ef27f5e684e69d73991429a19f2ceafdd2d0fa565f267394140be","ssdeep":"1536:Y+80MBRsZTUcK28zvgei3U9z7biRG4LrZdZe+Po2fg98DQ8yAHJHMnCHX8ktZlLR:M1BRNcK2Ovgei3Gz7biE4LVre+Po2fg2","tlshash":"ad93d8c9b6d2f02613a721b1443f000bf27e9a58644d44a8f2a4d8e67cb59cdd57bfb8","first_seen":"2025-10-23T04:16:55.446975Z","last_seen":"2026-04-06T13:01:00.084742Z","times_seen":5,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/_next/static/media/c7f848bed9dd25a3-s.p.woff2","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /_next/static/media/c7f848bed9dd25a3-s.p.woff2 HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://midnight-od.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/pixel HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 275\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":275,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"dc306990cc600795a1e0f370f7d57cd4","sha1":"466c3249b307ae898cc387a7e6787593ab51ba2b","sha256":"3953126a6f6936d1edf140aab420fb68d6ef32ed01cac1dd23f14fc178ac4f59","sha512":"618be3e328291d4483531e4a641106685aab29a321aaa9fddb7bad30b3c31187ca36efa6c833cbca3b9f4634bf8289931f578acacaa7298215b7b43819ec0089","ssdeep":"","tlshash":"f1d02b6b5d019639235680be94b4d539209d207855219807d18a8cad24fcee15c9d9a0","first_seen":"2025-10-23T04:16:54.668354Z","last_seen":"2026-04-06T13:01:00.082049Z","times_seen":5,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/www-player.css","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/www-player.css HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Apr 2026 12:41:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 02 Aug 2025 12:44:00 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 70070\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":498397,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"49deefbb405b502b8932f4d64e121e80","sha1":"df15d796dd029f559d87dcbf0a1304f4b9f5bcdf","sha256":"67fe3f1a3a87b928651d3ec8024c7dd20f8b45c0c50873a3c3ac93066cb790f3","sha512":"db7954b6e08d46b2f18bb45a01ee89f1c819f3e32a3360336a00f52594058d487061fdf981f7f255583ebaf009a9d9492ed6983b6082da924cb3e6173060ba80","ssdeep":"6144:mg/+v62kqMMg7UZBxMYoLufomxw6oXoNm:aCUMMg7UZPoafomxw6oXow","tlshash":"65b4e972f0d1233cb22b8d5997d9964d7339d983e2e22aeff11165dacbc73851326206","first_seen":"2025-07-30T13:06:15.376412Z","last_seen":"2026-04-06T13:01:00.078636Z","times_seen":649,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/www-embed-player.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/www-embed-player.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:02 GMT\r\naccept-ranges: bytes\r\ncontent-length: 355825\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":355825,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (1179)","md5":"9c435b0d8c14cb9cc92035b2640fefca","sha1":"4a616d1d58d4c28ddce2156d48687f8af12c4703","sha256":"2de42ed8515ceaa100dea97e5f05b589bbaba4a5b85f5f031948e33cf0388dbf","sha512":"f00714b093bb3f62ade3ffd204c3e1a5f7b7c091ae022dcf6d5bdc2633cfe3fbb241fe67735b30e84f113da5ee6b98aefffcd6bf0990b28651279e19791b5e19","ssdeep":"3072:Rwu7Y4GAKgmVUjdkKiqTC61zeV+dbNNJStK7aAgBUrj3Fv:E4ZAUZkKiqT/1aVGhNmK7aA1v","tlshash":"01744bcdb692706352a3a5b4803f110bb13a78aab80cc9b8f195d5d92d7495d8337f3e","first_seen":"2025-07-30T18:59:23.341194Z","last_seen":"2026-04-06T13:01:00.079775Z","times_seen":600,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/base.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/base.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2609054\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2609054,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (917)","md5":"7106815cf6bdf7b4d8ff2e1341aea303","sha1":"543b815e025a152f74c0e1d663bc72d54b6b7e42","sha256":"e6275f81ee2ca6b74983593066c0d76e24627356bf06c4293f9d464c81289d68","sha512":"5f54505ef218c5e7f64a735eef4233f810f64bc3dd1c48d78217d87532973b13edf916bc99f83c18ffdb03602a20fcf8387bf03639dd31b4c20522719c8131bf","ssdeep":"6144:ZRWuxA8gSKdfkOId9OvzXBuIfXN2sHh9vfF2UdEbIxCeLWIQgGNNFYQx3DtryCCL:6um6dKDkOXfuIxCeLWIO11tuCzbKKDm","tlshash":"66254bcc32d6b4513363f1b8967f2107b13b6815644c896cb246e9da6c3990a937bfb8","first_seen":"2025-07-30T13:06:15.441996Z","last_seen":"2026-04-06T13:01:00.080365Z","times_seen":643,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":154,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-04-06","alert":"Hunting_JS_WebAssembly","trigger":"midnight-od.com/index_files/base.js.download","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/pixel HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 275\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":275,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"dc306990cc600795a1e0f370f7d57cd4","sha1":"466c3249b307ae898cc387a7e6787593ab51ba2b","sha256":"3953126a6f6936d1edf140aab420fb68d6ef32ed01cac1dd23f14fc178ac4f59","sha512":"618be3e328291d4483531e4a641106685aab29a321aaa9fddb7bad30b3c31187ca36efa6c833cbca3b9f4634bf8289931f578acacaa7298215b7b43819ec0089","ssdeep":"","tlshash":"f1d02b6b5d019639235680be94b4d539209d207855219807d18a8cad24fcee15c9d9a0","first_seen":"2025-10-23T04:16:54.668354Z","last_seen":"2026-04-06T13:01:00.082049Z","times_seen":5,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/manifest.json","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:59.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1857279285.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 10:33:12 GMT","end":"Wed, 24 Jun 2026 10:33:11 GMT"},"fingerprint":{"sha1":"D0:0A:A6:39:E7:85:DF:64:B0:13:66:E3:06:E8:BF:2D:3C:AE:EA:7A","sha256":"70:D5:91:24:1D:F0:F9:7F:57:55:99:71:1F:A5:15:C2:B9:C7:21:65:6B:42:A2:34:4A:6D:A7:53:70:BE:C0:7B"}}},"request":{"raw":"GET /manifest.json HTTP/1.1\r\nHost: widget-v3.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nOrigin: https://midnight-od.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:59 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, public, s-maxage=60\r\netag: W/\"69c4f8c4-7b0\"\r\nexpires: Thu, 26 Mar 2026 09:24:15 GMT\r\nlast-modified: Thu, 26 Mar 2026 09:13:40 GMT\r\nx-77-nzt: kxVhovXvgresIVAgpbRdLSNkmDI2Arq6626f4+/9QlB3RX83myHF7+Di1NDzNkHxrKrR+IY\r\nx-77-nzt-ray: fdb5412330b98f7217aad3690f2c8b04\r\nx-77-cache: HIT\r\nx-77-age: 25\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":1968,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"2c90dc4144123441dfd1880b64a38850","sha1":"3542d9742c4d15ebd275a7f4d00fdeaab0bf2811","sha256":"3f96750d0608315f91b97aa38ed18ba3172c6205e3bae64070fdd3b1ecd96055","sha512":"85219432d56f6d5daff42ab232594e813a0a26d63b22bd8b2de79a3f6cc650f5b4d00035a356cee95137c30b588d3882f294d3e42a7cd1dc90c2ac3ed5a1a010","ssdeep":"","tlshash":"b9411593c4f80d531b9c522bb8944a015d50c3c7e8893d0d36ad8a6f2f0ceba15e67ad","first_seen":"2026-03-26T09:27:08.856479Z","last_seen":"2026-04-08T07:11:32.497657Z","times_seen":546,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":51,"dns":22,"connect":8,"send":0,"wait":9,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/pixel","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/pixel HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 275\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":275,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"dc306990cc600795a1e0f370f7d57cd4","sha1":"466c3249b307ae898cc387a7e6787593ab51ba2b","sha256":"3953126a6f6936d1edf140aab420fb68d6ef32ed01cac1dd23f14fc178ac4f59","sha512":"618be3e328291d4483531e4a641106685aab29a321aaa9fddb7bad30b3c31187ca36efa6c833cbca3b9f4634bf8289931f578acacaa7298215b7b43819ec0089","ssdeep":"","tlshash":"f1d02b6b5d019639235680be94b4d539209d207855219807d18a8cad24fcee15c9d9a0","first_seen":"2025-10-23T04:16:54.668354Z","last_seen":"2026-04-06T13:01:00.082049Z","times_seen":5,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T12:41:56.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Wed, 18 Mar 2026 15:26:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 48225\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":285727,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (55799)","md5":"53b74f5bb8077a9a94a69c8c0b180299","sha1":"3f982546ca31c3f2d24281e1fed37901e1f50f9e","sha256":"1f7f8624f1674cde093ae514ada4160393586c70611b291f5ce4718c68935102","sha512":"f2df83f72413a6715018806782c1244093349d4b2a6853f0f59ef4c39dee0c6e2089d5918493eacb736f4f0235a237da85e83bd8f03daa30b262d148567ba980","ssdeep":"6144:bM+SQWefknVVhf9wvdpyY5g1s9DKz6v0yVB:gwkhf9wvdCCv0yVB","tlshash":"39546d762540fe0ed8878e8ea63e6c35701fc667c3e6c6ade09cc91151c54babe9348d","first_seen":"2026-04-06T12:42:55.061374Z","last_seen":"2026-04-06T13:01:00.074932Z","times_seen":2,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":123,"dns":73,"connect":20,"send":0,"wait":43,"receive":20,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/js","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:56.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/js HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 02 Aug 2025 12:44:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 404093\r\ndate: Mon, 06 Apr 2026 12:41:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":404093,"size_decoded":0,"mime_type":"text/plain","magic":"JavaScript source, ASCII text, with very long lines (6006)","md5":"24521e6f62178b5c63360a9eea77e736","sha1":"5fcb20f45cdbfb41683fd199db499e237b635a21","sha256":"facf500cbd0ae22813ec6277d11b49168c178fba5d1d72a43d9b7d7fd556f775","sha512":"40bd0e270f9008101b6a9b7413916efda118a1b9f3efcd42bc77be01c871065ad06d3ed62b8a0c6db69f30d0d6128be95e4746af5700b2172f0c48cf92958c59","ssdeep":"3072:MQNjExl/A4mwrcxZL/LGa6n07oHn5wdK8Oe/11LMHyqsS0cnGRWMukOFQt2Wc+LS:aGgcxZX7etZsSXLMukOFu2F+e2qZm24W","tlshash":"118419ce73d670269396f478503f018ba57b29a2f45cc899b189cce42e74a9a0177f7c","first_seen":"2025-10-23T04:16:55.073891Z","last_seen":"2026-04-06T13:01:00.100081Z","times_seen":5,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmp.osano.com/AzZXI3TYiFWNB5yus/2016b368-eac0-4852-b001-c9fd9aaaaf77/osano.js","fqdn":"cmp.osano.com","domain":"osano.com","tld":"com"},"ip":{"addr":"52.84.50.41","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:57.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.osano.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Mon, 18 Aug 2025 00:00:00 GMT","end":"Wed, 16 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C0:86:14:DB:30:59:FF:EA:74:A1:2E:8A:38:30:F2:91:54:7B:B7:B9","sha256":"4A:EF:B1:89:89:44:99:2F:FE:18:38:70:69:2B:A8:26:86:BC:F7:F4:35:8C:F3:2A:D8:80:14:98:2C:1C:61:AC"}}},"request":{"raw":"GET /AzZXI3TYiFWNB5yus/2016b368-eac0-4852-b001-c9fd9aaaaf77/osano.js HTTP/1.1\r\nHost: cmp.osano.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 63749\r\nserver: CloudFront\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\netag: \"292a521b1754e2d3be1c9da024991ef9\"\r\nlast-modified: Mon, 14 Jul 2025 10:12:57 GMT\r\ncontent-encoding: br\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 50557aa30b42f85b01a1a22ebf5ee7a0.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: FWLdRaNvqWnyXANLxa1V3K5vGg8uwdZOMEa3M1rjDoMaXYXmI27img==\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform\r\ncross-origin-resource-policy: cross-origin\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":251069,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65473)","md5":"0228f73cacf059661cfea3cd5e0125f5","sha1":"f966829b30bd2bd4adbfb5f432dd94dbf89c5416","sha256":"6d2a977bad272fdc19b6bdeee55d198edd56f513e21436d1da97fdf77ba32433","sha512":"7e0b3bfdb9130b41b2cf490059b2ef015b63f407c857795f57a27babcb285cb4eafa84028773fea75094eacc682fc6ae719e188cf76ecbe87c3aabc51e4ce94d","ssdeep":"3072:l6X4enSf+6zrk9bym39gTJsacCkXgTpW3BFha/qmOmLpRZ+2zxvp+Qh:l44KSfZqCkXWWxra/qmOmLpRM2ztYc","tlshash":"103408a536daf5b112e356e9843b0509f33aae45342dd090f364dec42c2864fa676f3e","first_seen":"2025-10-23T04:16:55.289919Z","last_seen":"2026-04-06T13:01:00.086987Z","times_seen":5,"resource_available":true,"data":null}},"time_used":462,"timings":{"blocked":43,"dns":35,"connect":1,"send":0,"wait":373,"receive":2,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/index_files/ad_status.js.download","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight-od.com/index_files/Nn39DYe1otU.html","date":"2026-04-06T12:41:57.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /index_files/ad_status.js.download HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/index_files/Nn39DYe1otU.html\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sat, 02 Aug 2025 12:44:00 GMT\r\naccept-ranges: bytes\r\ncontent-length: 29\r\ndate: Mon, 06 Apr 2026 12:41:57 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":29,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ASCII text","md5":"1fa71744db23d0f8df9cce6719defcb7","sha1":"e4be9b7136697942a036f97cf26ebaf703ad2067","sha256":"eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9","sha512":"17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f","ssdeep":"","tlshash":"9e8000823a082223e8a28088830ae2202c82080002220808c028000020808c380088e2","first_seen":"2023-03-07T01:02:17Z","last_seen":"2026-04-07T04:30:27.386551Z","times_seen":4305,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight-od.com/apple-icon.png?010a3d75d7e80b14","fqdn":"midnight-od.com","domain":"midnight-od.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight-od.com/","date":"2026-04-06T12:41:58.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.midnight-od.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:04:24 GMT","end":"Thu, 28 May 2026 18:04:23 GMT"},"fingerprint":{"sha1":"99:AA:2B:88:AA:F5:D4:52:BE:3E:48:5C:77:62:C3:B3:BE:9F:ED:D8","sha256":"CC:FD:79:50:A4:11:3E:55:A4:A8:EC:C4:50:8B:C8:4D:8B:D7:D9:B7:FA:2B:9C:45:87:01:A8:2A:3C:54:3B:5C"}}},"request":{"raw":"GET /apple-icon.png?010a3d75d7e80b14 HTTP/1.1\r\nHost: midnight-od.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://midnight-od.com/\r\nCookie: _ga_M47C6SYY2F=GS2.1.s1775479317$o1$g0$t1775479317$j60$l0$h0; _ga=GA1.1.1003776615.1775479317\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Apr 2026 12:41:58 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-08T06:37:41.375039Z","times_seen":39909,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"midnight-od.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}