{"report_id":"735cf4f6-c6e8-48e0-bee8-ae8ed27a5d91","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2025-07-12T19:13:28Z","url":{"schema":"http","addr":"mgcreativeworld.com/new.html","fqdn":"mgcreativeworld.com","domain":"mgcreativeworld.com","tld":"com"},"ip":{"addr":"34.68.50.78","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"mgcreativeworld.com/new.html","fqdn":"mgcreativeworld.com","domain":"mgcreativeworld.com","tld":"com"},"title":"Webmail Login - IONOS"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-09-20T19:13:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"dump.li","ip":{"addr":"172.67.167.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2023-05-05T22:05:11Z","last_seen":"2025-07-05T00:44:52.745556Z","alert_count":0,"request_count":1,"received_data":2358,"sent_data":451,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.ionos.com","ip":{"addr":"74.208.4.76","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"domain_registered":"2000-02-29","domain_rank":211472,"first_seen":"2018-10-29T19:33:58Z","last_seen":"2025-06-29T20:27:03.633414Z","alert_count":0,"request_count":1,"received_data":15846,"sent_data":438,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ce1.uicdn.net","ip":{"addr":"213.165.66.58","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"domain_registered":"2010-08-25","domain_rank":136303,"first_seen":"2017-02-01T08:42:04Z","last_seen":"2025-07-10T06:39:04.423678Z","alert_count":0,"request_count":5,"received_data":534932,"sent_data":2562,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mgcreativeworld.com","ip":{"addr":"34.68.50.78","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2022-01-30","domain_rank":0,"first_seen":"2025-03-27T07:40:35.38435Z","last_seen":"2025-04-10T11:36:12.885383Z","alert_count":2,"request_count":1,"received_data":59580,"sent_data":496,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"mgcreativeworld.com/new.html","fqdn":"mgcreativeworld.com","domain":"mgcreativeworld.com","tld":"com"},"ip":{"addr":"34.68.50.78","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"md5":"bcbfabc04c53d17eca364cf118cf6e07","sha1":"92fef31974edf23f8c7455bb5c853f6fc2eb7c48","sha256":"47aaf454cd6237d19a40c7304ed1d420b8f6e88bff252591d3a9846329f43ba4","sha512":"f6af95ea8a9eb7254f6fc82b7cc5bdcab7fad857721a9093e300357076cda33e953e34f5c3c39d35294b0b1fd230e8aaf5b9c665cdb1f71dc8d73bc3e34771bd","size":3363,"token":"7691627832:AAF1xXab3lbftuiUYoUfAG1vo-5RPq3j1zI","is_revoked":false,"bot":{"token":"7691627832:AAF1xXab3lbftuiUYoUfAG1vo-5RPq3j1zI","user_id":"7691627832","username":"eim1234_bot","first_name":"eim","last_name":"","chat":{"chat_id":"5854891060","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}},{"md5":"2151b7472dfff0f3ccec12c96b7aee6f","sha1":"31e11e9283cec755c69c9af8fad8807cc3a52b16","sha256":"9a0d72fdb437ab5c938e1f0ab4bd9e1dd136163b90472f4754614b7b055eb087","sha512":"18c87657744cbe8615b8878e4d420106197eaf32f4d4841b8d7d32523de06c9998cd22afb59e89ab7d36982ffddc92602ff5ca3f977e82883e15e687c2fbd7c3","size":8143,"token":"7691627832:AAF1xXab3lbftuiUYoUfAG1vo-5RPq3j1zI","is_revoked":false,"bot":{"token":"7691627832:AAF1xXab3lbftuiUYoUfAG1vo-5RPq3j1zI","user_id":"7691627832","username":"eim1234_bot","first_name":"eim","last_name":"","chat":{"chat_id":"5854891060","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2025-07-12","alert":"Detects file containing Telegram Bot API","trigger":"javascript.write.md5:2151b7472dfff0f3ccec12c96b7aee6f","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2025-07-12","alert":"Detects file containing Telegram Bot API","trigger":"javascript.script.md5:bcbfabc04c53d17eca364cf118cf6e07","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}]},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2025-04-09","alert":"Other","trigger":"mgcreativeworld.com/new.html","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}]},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"mgcreativeworld.com/new.html","fqdn":"mgcreativeworld.com","domain":"mgcreativeworld.com","tld":"com"},"ip":{"addr":"34.68.50.78","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"604a599c7ef506e5667944db49d69d54","sha1":"54339d9262130aa798fd52cd4b1e4e9548ccdbf6","sha256":"f84358e84ee69647228b9e8509905fb8d861b9cab20a60de61766d09a687c795","sha512":"1346984aec315988d8a4c231187b6bb626bed1ed77af22c2c1f659a93026fb4a7203063b13bbd0940886b8270e2e372b723fa17de3a7d97729acb00389a8e94c","ssdeep":"768:LpTapdly5LTb928AP1w44pGHIgsgV3uC8hcxx8a6ZqjPNDH8HKM//HEgSk7C4Oi0:LZG4muhyiI","tlshash":"3643dff839274c1fac59ee33ba15e588b7507d09f98f4d9420117d64a7a20f9e9e03b2","size":59143,"data":"","first_seen":"2025-04-10T11:36:16.082505Z","last_seen":"2025-07-12T19:13:32.892988Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mgcreativeworld.com/new.html","fqdn":"mgcreativeworld.com","domain":"mgcreativeworld.com","tld":"com"},"ip":{"addr":"34.68.50.78","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcbfabc04c53d17eca364cf118cf6e07","sha1":"92fef31974edf23f8c7455bb5c853f6fc2eb7c48","sha256":"47aaf454cd6237d19a40c7304ed1d420b8f6e88bff252591d3a9846329f43ba4","sha512":"f6af95ea8a9eb7254f6fc82b7cc5bdcab7fad857721a9093e300357076cda33e953e34f5c3c39d35294b0b1fd230e8aaf5b9c665cdb1f71dc8d73bc3e34771bd","ssdeep":"","tlshash":"ab614427e1e208e00b5371ba235b91003271e00ffe0adc95795d831a2f98e36acb77c6","size":3363,"data":"","first_seen":"2025-04-10T11:36:16.081734Z","last_seen":"2025-07-12T19:13:32.894083Z","times_seen":4,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2025-07-12","alert":"Detects file containing Telegram Bot API","trigger":"javascript.script.md5:bcbfabc04c53d17eca364cf118cf6e07","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":[{"md5":"2151b7472dfff0f3ccec12c96b7aee6f","sha1":"31e11e9283cec755c69c9af8fad8807cc3a52b16","sha256":"9a0d72fdb437ab5c938e1f0ab4bd9e1dd136163b90472f4754614b7b055eb087","sha512":"18c87657744cbe8615b8878e4d420106197eaf32f4d4841b8d7d32523de06c9998cd22afb59e89ab7d36982ffddc92602ff5ca3f977e82883e15e687c2fbd7c3","ssdeep":"96:KB7lqRslI1L5abT3IXGivsp4uissigfOhiKQye:qqR703usppissi+Ohsye","tlshash":"93f1871610f118a20603e4f173a796117ea1d40bae0ad44178fc8b9d5fe9d6799377cf","size":8143,"data":"","first_seen":"2025-04-10T11:36:16.083348Z","last_seen":"2025-07-12T19:13:32.895073Z","times_seen":4,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2025-07-12","alert":"Detects file containing Telegram Bot API","trigger":"javascript.write.md5:2151b7472dfff0f3ccec12c96b7aee6f","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"dump.li/image/get/38a592d7d31a956f.png","fqdn":"dump.li","domain":"dump.li","tld":"li"},"ip":{"addr":"172.67.167.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://mgcreativeworld.com/new.html","date":"2025-07-12T19:13:08.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dump.li","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 22:58:23 GMT","end":"Mon, 29 Sep 2025 23:56:38 GMT"},"fingerprint":{"sha1":"F9:61:42:3B:86:6F:AF:7A:77:AA:34:A1:1B:BA:FC:71:FB:29:6F:91","sha256":"24:47:A7:72:78:B3:95:D8:BD:CE:8D:2D:B2:A9:55:19:A5:DE:58:57:34:92:1B:30:0D:DC:47:4F:AD:92:59:6F"}}},"request":{"raw":"GET /image/get/38a592d7d31a956f.png HTTP/1.1\r\nHost: dump.li\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mgcreativeworld.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 12 Jul 2025 19:13:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 1412\r\nserver: cloudflare\r\nlast-modified: Thu, 14 Nov 2024 03:47:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"673572ef-584\"\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\ncache-control: public, max-age=21600, no-transform\r\nonion-location: http://dumpliwoard5qsrrsroni7bdiishealhky4snigbzfmzcquwo3kml4id.onion/image/get/38a592d7d31a956f.png\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wcGKi032uFK8Daf%2BuPMOefc85OWeCh5Vdn0JFQMZKpJ4vsn%2B1Ft%2FtR2bO0ppeXluhn3dgWRaH4kX14tJapxIREWNgSBD\"}]}\r\ncf-ray: 95e2db2b2dc7712b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1412,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 43, 8-bit/color RGB, non-interlaced","md5":"5996e920c13503ab9f706cb3a5958245","sha1":"b81bcfa305804ebd51534d6156e3760dc5d9152a","sha256":"ec9e8d3ff365f90023f1d1f430f139b18d577920ddc16b3cdd91cd6de54adc6a","sha512":"96067385903d8c5a2e92e7133f396ce9160572146a307eeaf90d14b253f725a7b609ba0d117f77430c47900d597de9ade5e76e59cc1f2febf7d8519f5723065c","ssdeep":"","tlshash":"1121b940770f04eec3b046fcba2cab184cdd87517f684d44764dcd2ab8e2557dd61252","first_seen":"2025-04-05T11:39:01.699101Z","last_seen":"2025-07-12T19:13:32.875453Z","times_seen":5,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":32,"dns":14,"connect":1,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ionos.com/favicon.ico","fqdn":"www.ionos.com","domain":"ionos.com","tld":"com"},"ip":{"addr":"74.208.4.76","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://mgcreativeworld.com/new.html","date":"2025-07-12T19:13:08.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ionos.com","organization":"IONOS Inc."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 30 Sep 2024 00:00:00 GMT","end":"Fri, 17 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"95:4F:27:14:39:F5:79:6E:D2:90:8B:9D:68:A5:78:08:46:1C:DE:AB","sha256":"D3:FF:D9:97:DA:BA:0C:BE:44:EB:14:4D:49:C1:D0:50:A6:63:4B:12:BB:7E:E4:46:DE:31:57:BF:62:72:C5:AD"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.ionos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mgcreativeworld.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 12 Jul 2025 19:13:09 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15374\r\nset-cookie: DPX=v1:VnR+S2u62d:qxgybo2H:6872c1da:us; Path=/; Expires=Sat, 12-Jul-25 20:13:09 GMT; HttpOnly; Secure; SameSite=Lax\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Thu, 10 Jul 2025 13:48:42 GMT\r\netag: \"3c0e-63993738f2280\"\r\naccept-ranges: bytes\r\ncontent-security-policy: frame-ancestors 'self'\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15374,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 7 icons, 16x16, 16 colors, 4 bits/pixel, 24x24, 16 colors, 4 bits/pixel","md5":"02754188af3cd6ce8d5d667d9e0c221f","sha1":"d428818ab8bcf6a940b8a805623f08aa103035cf","sha256":"59d1851201c19f172a23ad22ec040876d20be83c5fbe561f7294b37b3d5e010a","sha512":"63d4116e34218b710fc19189452aefdfd3dedf0ae872bad74fe3c073da29aecdb64b5057e1547c3bd910ed06d0a25d40be36707a058876773f95af2d9a5e0056","ssdeep":"48:4KYrLoYLFMZggpPvkUB+wghZPW88lbqZNZIs5IhX1Cd:GLF9wPUbPWzkJ","tlshash":"9462bf1aba08e857f26b0737914704ea6fd118248728c7027db30f566f58f040bef8d9","first_seen":"2024-12-15T15:08:03.546406Z","last_seen":"2026-03-08T16:03:20.056721Z","times_seen":471,"resource_available":false,"data":null}},"time_used":741,"timings":{"blocked":-1,"dns":37,"connect":127,"send":0,"wait":169,"receive":1,"ssl":407},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ce1.uicdn.net/exos/icons/exos-icon-font.woff2?v=23","fqdn":"ce1.uicdn.net","domain":"uicdn.net","tld":"net"},"ip":{"addr":"213.165.66.58","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"https://mgcreativeworld.com/new.html","date":"2025-07-12T19:13:08.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ce1.uicdn.net","organization":"United Internet Media GmbH"},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Feb 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:33:C1:A2:B9:9A:07:8A:31:FE:65:07:D0:52:2A:70:A1:3C:54:43","sha256":"4E:78:4D:3C:59:AE:93:D1:35:9D:89:3E:DF:DF:A8:A4:40:97:B3:43:0F:56:EF:69:43:F2:E4:5D:82:48:A1:01"}}},"request":{"raw":"GET /exos/icons/exos-icon-font.woff2?v=23 HTTP/1.1\r\nHost: ce1.uicdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mgcreativeworld.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ce1.uicdn.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 12 Jul 2025 19:13:08 GMT\r\ncontent-type: application/font-woff2\r\ncontent-length: 36784\r\nset-cookie: DPX=v1:7Pnf9IQHdL:JtTY6a51:6872c1d9:gb; Path=/; Expires=Sat, 12-Jul-25 20:13:08 GMT; HttpOnly; Secure; SameSite=Lax\r\nserver: Apache\r\nlast-modified: Tue, 13 Aug 2024 10:59:35 GMT\r\ncache-control: max-age=31536000\r\nexpires: Wed, 24 Jun 2026 14:11:57 GMT\r\naccess-control-allow-origin: *\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36784,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36784, version 1.0","md5":"1e976fb9405de7dc67bcc57d78ba3ff0","sha1":"49f2aff241029457c95cf65612aa1be7518ffdeb","sha256":"c827f6cf31c0fc0588765a009b549055a3db1ac08b9fa7de15c6247f5eafcff0","sha512":"f81a865a070954846e0202b35b0e3cee4002bdf5bf55e475d7fa4ad8030d0bdc3be7526fc5b7391557b35626305ae59515d489b2410502bf4935992b27e9ff72","ssdeep":"768:T81MH4NkPySnLzpQHS0umV5r8vRmMT41ARjM4oO4MEijINpFaH9rYuC1t:T8op9/0umn8vRm71ARjRj8WHd4","tlshash":"92f202b0635be53bbb1dd92a20c452049baf9e6789407ab7d1345b513647f4ec4ce323","first_seen":"2024-08-30T05:28:33Z","last_seen":"2026-05-13T15:42:57.30259Z","times_seen":449,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":86,"dns":1,"connect":20,"send":0,"wait":28,"receive":19,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff2","fqdn":"ce1.uicdn.net","domain":"uicdn.net","tld":"net"},"ip":{"addr":"213.165.66.58","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"https://mgcreativeworld.com/new.html","date":"2025-07-12T19:13:08.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ce1.uicdn.net","organization":"United Internet Media GmbH"},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Feb 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:33:C1:A2:B9:9A:07:8A:31:FE:65:07:D0:52:2A:70:A1:3C:54:43","sha256":"4E:78:4D:3C:59:AE:93:D1:35:9D:89:3E:DF:DF:A8:A4:40:97:B3:43:0F:56:EF:69:43:F2:E4:5D:82:48:A1:01"}}},"request":{"raw":"GET /exos/fonts/open-sans/opensans-regular.woff2 HTTP/1.1\r\nHost: ce1.uicdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mgcreativeworld.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ce1.uicdn.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 12 Jul 2025 19:13:08 GMT\r\ncontent-type: application/font-woff2\r\ncontent-length: 18668\r\nset-cookie: DPX=v1:MHnJaZjTiR:DE82Y9fS:6872c1d9:gb; Path=/; Expires=Sat, 12-Jul-25 20:13:08 GMT; HttpOnly; Secure; SameSite=Lax\r\nserver: Apache\r\nlast-modified: Mon, 02 Jun 2025 11:49:21 GMT\r\ncache-control: max-age=31536000\r\nexpires: Wed, 24 Jun 2026 14:11:57 GMT\r\naccess-control-allow-origin: *\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18668,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18668, version 1.0","md5":"8655d20bbcc8cdbfab17b6be6cf55df3","sha1":"90edbfa9a7dabb185487b4774076f82eb6412270","sha256":"e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6","sha512":"47308de25bd7e4ca27f59a2ae681ba64393fe4070e730c1f00c4053bac956a9b4f7c0763c04145bc50a5f91c12a0bf80bdd4b03eecc2036cd56b2db31494cbaf","ssdeep":"384:1stcBfAVaR8i6XzMsb4fcjakBudFyBqrgeU0hipgwfqj09nOt/a:1k0F6Xz1bFjaPbyBqr9hIgkM3Fa","tlshash":"8a82d08912e54211e0ca94393a4a0976ec9e3d8c0566f37d3c357392cdbe77156dbc29","first_seen":"2023-12-15T00:19:13Z","last_seen":"2026-05-14T15:02:07.008878Z","times_seen":15388,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":87,"dns":4,"connect":19,"send":0,"wait":58,"receive":1,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ce1.uicdn.net/exos/fonts/overpass/overpass-semibold.woff2","fqdn":"ce1.uicdn.net","domain":"uicdn.net","tld":"net"},"ip":{"addr":"213.165.66.58","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"https://mgcreativeworld.com/new.html","date":"2025-07-12T19:13:08.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ce1.uicdn.net","organization":"United Internet Media GmbH"},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Feb 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:33:C1:A2:B9:9A:07:8A:31:FE:65:07:D0:52:2A:70:A1:3C:54:43","sha256":"4E:78:4D:3C:59:AE:93:D1:35:9D:89:3E:DF:DF:A8:A4:40:97:B3:43:0F:56:EF:69:43:F2:E4:5D:82:48:A1:01"}}},"request":{"raw":"GET /exos/fonts/overpass/overpass-semibold.woff2 HTTP/1.1\r\nHost: ce1.uicdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mgcreativeworld.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ce1.uicdn.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 12 Jul 2025 19:13:08 GMT\r\ncontent-type: application/font-woff2\r\ncontent-length: 33252\r\nset-cookie: DPX=v1:KXP8g3dHvm:XsiL78hJ:6872c1d9:gb; Path=/; Expires=Sat, 12-Jul-25 20:13:08 GMT; HttpOnly; Secure; SameSite=Lax\r\nserver: Apache\r\nlast-modified: Tue, 12 Jun 2018 09:26:11 GMT\r\ncache-control: max-age=31536000\r\nexpires: Wed, 24 Jun 2026 14:11:57 GMT\r\naccess-control-allow-origin: *\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33252,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 33252, version 3.0","md5":"dc461a1d2d82d3751bf3e267372e3de8","sha1":"46a8f730dd1297bb02670e9ae750a555b9f89637","sha256":"12da6857fa2a0c01d0474860bc4a6e4c636faafce7cc93fe184f412b961e01f1","sha512":"fdd2b178e681d23a1b61832ac18b30bdfc23a0cc95ce1e557dd988d710bf64b021ca43b8a8ff9a6090a2c6669e366089a3de32bbb6beae73869985637b716953","ssdeep":"768:Yeom4ynOclrvaEyMKbs+KBY7LTZBffiiGnxgSeGrb0+DBKBquXC7M0lGI0r:Yeb42BXyMxqLTPfiVnhe+LIB1G6Fr","tlshash":"7be2f13905b4a4564413b238ca5887e8b3a6d7be13a775ea7447bc04b42fc856c53d74","first_seen":"2024-08-30T22:41:03Z","last_seen":"2026-05-13T15:42:57.309774Z","times_seen":363,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":74,"dns":0,"connect":0,"send":0,"wait":51,"receive":8,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ce1.uicdn.net/exos/fonts/open-sans/opensans-semibold.woff2","fqdn":"ce1.uicdn.net","domain":"uicdn.net","tld":"net"},"ip":{"addr":"213.165.66.58","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"https://mgcreativeworld.com/new.html","date":"2025-07-12T19:13:08.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ce1.uicdn.net","organization":"United Internet Media GmbH"},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Feb 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:33:C1:A2:B9:9A:07:8A:31:FE:65:07:D0:52:2A:70:A1:3C:54:43","sha256":"4E:78:4D:3C:59:AE:93:D1:35:9D:89:3E:DF:DF:A8:A4:40:97:B3:43:0F:56:EF:69:43:F2:E4:5D:82:48:A1:01"}}},"request":{"raw":"GET /exos/fonts/open-sans/opensans-semibold.woff2 HTTP/1.1\r\nHost: ce1.uicdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mgcreativeworld.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ce1.uicdn.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 12 Jul 2025 19:13:08 GMT\r\ncontent-type: application/font-woff2\r\ncontent-length: 18596\r\nset-cookie: DPX=v1:/FMkU49iaH:45XPQz4N:6872c1d9:gb; Path=/; Expires=Sat, 12-Jul-25 20:13:08 GMT; HttpOnly; Secure; SameSite=Lax\r\nserver: Apache\r\nlast-modified: Mon, 02 Jun 2025 11:49:21 GMT\r\ncache-control: max-age=31536000\r\nexpires: Wed, 24 Jun 2026 14:11:57 GMT\r\naccess-control-allow-origin: *\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18596,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18596, version 1.0","md5":"c1422f94ea801088e9b159a80afd514b","sha1":"b49d3cb83589976dde1166aa38dcb553620a0498","sha256":"7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89","sha512":"c28c40d0905971427101d8c2b6925a69e978034c5c8c0b90da5a20fe863480db3e85e003ef6fc793f3172766e1b02a4f22afe9a5411f8ef37bff691d48a6e63a","ssdeep":"384:UTN0V0JPXPRrFTf5ZYW6bcIIgGnvDekWS7VFErLvLFd:Up4G/PfLMWQQnhWSBF+Fd","tlshash":"b882e0b1694053f8e93bd0ae0aa5760edd60d4e9b3c1bbdd3400de08d496d3bab21321","first_seen":"2023-12-15T03:49:02Z","last_seen":"2026-05-14T15:02:06.977468Z","times_seen":2144,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":82,"dns":0,"connect":21,"send":0,"wait":57,"receive":1,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mgcreativeworld.com/new.html","fqdn":"mgcreativeworld.com","domain":"mgcreativeworld.com","tld":"com"},"ip":{"addr":"34.68.50.78","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-12T19:13:06.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgcreativeworld.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Jun 2025 04:24:37 GMT","end":"Sat, 06 Sep 2025 04:24:36 GMT"},"fingerprint":{"sha1":"5D:C4:D7:04:9F:EB:8E:26:38:F3:6E:EA:12:E3:FF:5F:37:10:F4:45","sha256":"38:13:80:74:AE:57:6B:C8:6B:73:59:4D:0C:48:E7:7D:7F:6E:42:FC:74:E0:4B:0F:71:00:AA:F6:8F:D1:F5:5B"}}},"request":{"raw":"GET /new.html HTTP/1.1\r\nHost: mgcreativeworld.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 12 Jul 2025 19:13:07 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie\r\nlast-modified: Tue, 11 Mar 2025 08:27:53 GMT\r\netag: W/\"67cff409-e732\"\r\nx-cacheable: SHORT\r\ncache-control: max-age=600, must-revalidate\r\nx-cache: HIT: 13\r\nx-cache-group: normal\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":59186,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (59134), with CRLF line terminators","md5":"4ad6f721b4f50fbe053a929efddd436a","sha1":"cd02f74b9ae479bc77a913e59234c47b291c8f5a","sha256":"924ed1b9b2e753295d16f97f83cfd14c0e2ebdb45b651c5c60f84be8fcbd6edb","sha512":"43173775a8ab1730196b879600e2c4ec51bb0d42530f012f58e1206e9f9ca5550c495ade366ab485714dc7c9bef18043cf6294511418b4f75c3be7f39bd6e4d0","ssdeep":"768:WpTapdly5LTb928AP1w44pGHIgsgV3uC8hcxx8a6ZqjPNDH8HKM//HEgSk7C4Oi2:WZG4muhyii","tlshash":"7943dff839274c1fac59ee33ba15e588b7507d09f98f4d9420117d64a7a20f9e9e03b2","first_seen":"2025-04-10T11:36:16.077716Z","last_seen":"2025-07-12T19:13:32.887542Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2848,"timings":{"blocked":1284,"dns":8,"connect":839,"send":0,"wait":280,"receive":0,"ssl":435},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2025-04-09","alert":"Other","trigger":"mgcreativeworld.com/new.html","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"ce1.uicdn.net/exos/framework/3.0/ionos.min.css","fqdn":"ce1.uicdn.net","domain":"uicdn.net","tld":"net"},"ip":{"addr":"213.165.66.58","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"https://mgcreativeworld.com/new.html","date":"2025-07-12T19:13:08.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ce1.uicdn.net","organization":"United Internet Media GmbH"},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Feb 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:33:C1:A2:B9:9A:07:8A:31:FE:65:07:D0:52:2A:70:A1:3C:54:43","sha256":"4E:78:4D:3C:59:AE:93:D1:35:9D:89:3E:DF:DF:A8:A4:40:97:B3:43:0F:56:EF:69:43:F2:E4:5D:82:48:A1:01"}}},"request":{"raw":"GET /exos/framework/3.0/ionos.min.css HTTP/1.1\r\nHost: ce1.uicdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mgcreativeworld.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 12 Jul 2025 19:13:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 55859\r\nset-cookie: DPX=v1:i++19mmSKE:DQvTuzI1:6872c1d9:gb; Path=/; Expires=Sat, 12-Jul-25 20:13:08 GMT; HttpOnly; Secure; SameSite=Lax\r\nserver: Apache\r\nlast-modified: Fri, 11 Jul 2025 21:23:03 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncache-control: max-age=43200, public\r\nexpires: Sun, 12 Jul 2026 14:36:06 GMT\r\naccess-control-allow-origin: *\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":425226,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65455)","md5":"88ceb0cf35d563d0bc8c9e2862a86622","sha1":"c4f4af6c7f41c48277652ea4785c1b7c242bc508","sha256":"2ef68c7a8171054edb038729128ce79967cc99889f7e01974dcb1e8d71f5bf17","sha512":"4bce0004dfcdc78c7436fe5d66e1b48c9201bb50ad950bb3e9113ea95b2eec50c1fca1b8793067960697cc099fe063dbe3b4a5e708d3b0a709f88db561ea8dc1","ssdeep":"3072:p1qYpaM7LIE+gQSnGciStE0vI2VRzFm+gycTV:bnvI2VRruV","tlshash":"0094a620e58826bd7727cf736560b950a1216d41c6636979f4f3af088fd39ea03636ce","first_seen":"2025-07-12T19:13:32.890621Z","last_seen":"2025-07-13T19:17:51.941771Z","times_seen":3,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":136,"dns":1,"connect":19,"send":0,"wait":26,"receive":28,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}