{"report_id":"af09537d-2978-46ed-9a83-29a20c8a5ba7","version":6,"status":"done","tags":[],"date":"2026-05-24T06:25:57Z","url":{"schema":"http","addr":"online-omben-crypto.lol","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":0,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"online-omben-crypto.lol/","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"title":"Online-Omben-Crypto.lol — fast online crypto exchange","dom":{"size":106030,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (45043)","md5":"1a2b5c96c04c2aae07766491446e4f80","sha1":"a8a4c572d3f303c750ee7f74f0dc4050af1635c8","sha256":"3b3615076c46158246345b86f125ad7ac03d2784022194259be976f2200c4a6e","sha512":"1d280016c60cf321ae7fbac870f152c8433fd65c6b25acd9f1dcddefe55885cfd06a7b6689743332d24f00cb8770bd1685e058296538e65634c32b7052e4a9a9","ssdeep":"1536:hiytic5bBPzpl3XN8k6m9Siytic5bBPzpl3XN8k6m9l6UB:7i6bpl3XNf6y0i6bpl3XNf6yP","tlshash":"7aa312092950ca52c8ff0ed959b6283959f89b51c1a218ecf93d83f5c77f9acc2b7904","dom_hash":"domhashc36bc516e8ae03c650873d0cab783963","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"online-omben-crypto.lol","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":0,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-28T06:25:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"online-omben-crypto.lol","ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"domain_registered":"2026-05-21","domain_rank":0,"first_seen":"2026-05-24T06:24:36.843105Z","last_seen":"2026-05-24T06:24:36.843105Z","alert_count":26,"request_count":13,"received_data":381265,"sent_data":6028,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"online-omben-crypto.lol/","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe29a882805d713a34cbbca59f0963f9","sha1":"49d31d522ffce99546acdf1cba4f32aa0173848b","sha256":"44fb423ced12a1cc4ee49043001f246a07efd1d2c5de4b7725fe78d1d51401c9","sha512":"f00a83204b0d75c167145fde50fc2d4546516c7597e145aa560cff6e42e06a8f6aca09fb316192508baa217ab0546283482cf9785b96e0408c756bc1a33bf564","ssdeep":"","tlshash":"00e02b14dd147dfb63d81a4e1b71e9893e072426b3da0f4ccb9ecd44248136d7144804","size":396,"data":"","first_seen":"2026-05-24T06:24:39.774693Z","last_seen":"2026-05-24T06:25:58.521759Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/js/api.js","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae874817ed975a056de7b8b9e9dacd3d","sha1":"16f5ab538830168031060c228028a476178360a9","sha256":"88fde9a5a23bf74e36bbbca67d7233e19c2055c413f225cda8ca0a46b90366b1","sha512":"968dddffac19b2618d205d0810de7a4be83b5cef81d2aadeed0612505fdd15a1fb43f1f2f237eda67d882a97ae2cd34978d6e8012a4d38001b2cb9ad03976fc9","ssdeep":"","tlshash":"8c21df4661f7721083c39b7e5ac7a020ae31d0af352e8839b65c10c42f9956c9277fec","size":1266,"data":"","first_seen":"2026-05-12T11:06:43.018988Z","last_seen":"2026-06-05T10:06:41.349579Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/js/i18n.js","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"d748d6827ceeb1d8c5bcb459cd091375","sha1":"677ed724b667d6a1b2f4e6245cab6cc6dce7887f","sha256":"04febb4ff49ad8b8afa5dd6c1a845cfebf34341e7bdf1636d5d0f26f604e1870","sha512":"e663f35c6078eafdde821c834fff41f7c2ea5bef467406002ffccd4d82b0da48e0d6fed24a2070445f0e29a4498c43b9b582ecb351777b21e0a77028f42bdcf6","ssdeep":"","tlshash":"7f41dd0e66ff20719033806d9fcbb284fa21346f6684e84d7b6c01912f9292f95a0df8","size":2396,"data":"","first_seen":"2026-05-12T11:06:43.021231Z","last_seen":"2026-06-05T10:06:41.350146Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/js/app.js","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"660096fc6ec2d07fe523e1b6078d72a8","sha1":"6593f8c61ae538d19e0fe68506362eec1fa28620","sha256":"55996a86845f2b9fe728eefa67dc8b37ae48af69921425a415aa9a279da4d6e5","sha512":"bdd4e04beb5bff38d810d97d275f0ec401238963a881288f7bb5eeb5d9964e23aa720ee7844bbda69c50b1e1107627becdd0d931f96c051b8ab728229eb58fa8","ssdeep":"384:kESXS6N1GwzMFL9XceJkw2yt2eXqM4vVuJXhxCL8KRQ5622NFKHcbFV7U8+C+gAz:rYNwwgJp2dsRiFzzXLkx0U","tlshash":"b933d65a10f3247b88a721ef1ae76107397a8603b647c94077dc8f510fdada4c6bbe48","size":50785,"data":"","first_seen":"2026-05-24T06:23:10.254307Z","last_seen":"2026-06-05T10:06:41.344675Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"online-omben-crypto.lol/api/public/popular","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /api/public/popular HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: lang=en\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 2017\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, X-Crypto-Signature, X-Crypto-Timestamp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2017,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"97e2000fadad9fe244708c115e30e8ce","sha1":"5a5af14f10c6d79fe9cc21c6d8be644bf8e02ec9","sha256":"36fc5770c2ca850a3fa4c5efdac2f570b420eeb97fb55669c28c200cd9ed80dd","sha512":"b10d6c0a2b3654edc535c64af302c19a3315e4bcec5b8ff9d6769dd74a6354b5c252e466ecd34e72a8225b6e4b7ab545f21c640b19376c629d353ee20b73a412","ssdeep":"","tlshash":"7241f709890c1f3e1a9dabc4fcdb3f1ca0661c73b6c114318aaf0ea719d9fd56408b92","first_seen":"2026-05-24T06:23:10.248596Z","last_seen":"2026-05-24T06:25:58.506325Z","times_seen":4,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/themes/cyberpunk/app.css","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /themes/cyberpunk/app.css HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: text/css; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin\r\nExpires: Tue, 23 Jun 2026 06:25:36 GMT\r\nCache-Control: max-age=2592000, public, immutable\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":24830,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (365)","md5":"51bd8085265c310d5fa46c2f42fc2c20","sha1":"30ee5e93fc293073a9f260e8d50e83d40768daba","sha256":"ad67bb24761aa4c9301792d6ba0d9ff7bd5d3d7d11ce32e4a6c5e4a3989f98f2","sha512":"dcdc87fe4cbe0ec821e98e449aaf235330628be30623e2501d4897e376f19a9300a8185e7647f575ad33308e70e49de93d0e70a1d63ddf35502ee1c735479493","ssdeep":"384:L+ZHK8p3mwMnIUeFmmseBCHUilu1gYfTkIAbCCyODU8DAAFfPUyyPyFyWzwAZ9:L+RK8pKneYmseBCH01fYOuA8Xfcowm","tlshash":"87b2632367206278b957ba74bbcb776e731cf217d50655b8acc40008c6ce6f912aaf4d","first_seen":"2026-05-24T06:24:39.765097Z","last_seen":"2026-05-24T06:25:58.507809Z","times_seen":2,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/js/api.js","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /js/api.js HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin\r\nETag: 1778425784852-1266\r\nContent-Encoding: gzip\r\nExpires: Tue, 23 Jun 2026 06:25:36 GMT\r\nCache-Control: max-age=2592000, public, immutable\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1266,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"ae874817ed975a056de7b8b9e9dacd3d","sha1":"16f5ab538830168031060c228028a476178360a9","sha256":"88fde9a5a23bf74e36bbbca67d7233e19c2055c413f225cda8ca0a46b90366b1","sha512":"968dddffac19b2618d205d0810de7a4be83b5cef81d2aadeed0612505fdd15a1fb43f1f2f237eda67d882a97ae2cd34978d6e8012a4d38001b2cb9ad03976fc9","ssdeep":"","tlshash":"8c21df4661f7721083c39b7e5ac7a020ae31d0af352e8839b65c10c42f9956c9277fec","first_seen":"2026-05-12T11:06:43.018988Z","last_seen":"2026-06-05T10:06:41.349579Z","times_seen":7,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":120,"dns":0,"connect":51,"send":0,"wait":64,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/js/i18n.js","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /js/i18n.js HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin\r\nETag: 1778090418205-2396\r\nContent-Encoding: gzip\r\nExpires: Tue, 23 Jun 2026 06:25:36 GMT\r\nCache-Control: max-age=2592000, public, immutable\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2396,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"d748d6827ceeb1d8c5bcb459cd091375","sha1":"677ed724b667d6a1b2f4e6245cab6cc6dce7887f","sha256":"04febb4ff49ad8b8afa5dd6c1a845cfebf34341e7bdf1636d5d0f26f604e1870","sha512":"e663f35c6078eafdde821c834fff41f7c2ea5bef467406002ffccd4d82b0da48e0d6fed24a2070445f0e29a4498c43b9b582ecb351777b21e0a77028f42bdcf6","ssdeep":"","tlshash":"7f41dd0e66ff20719033806d9fcbb284fa21346f6684e84d7b6c01912f9292f95a0df8","first_seen":"2026-05-12T11:06:43.021231Z","last_seen":"2026-06-05T10:06:41.350146Z","times_seen":7,"resource_available":true,"data":null}},"time_used":313,"timings":{"blocked":119,"dns":1,"connect":52,"send":0,"wait":64,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/img/logo.png","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /img/logo.png HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 27498\r\nConnection: keep-alive\r\nVary: Origin\r\nETag: 1777657478311-27498\r\nExpires: Tue, 23 Jun 2026 06:25:36 GMT\r\nCache-Control: max-age=2592000, public, immutable\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":27498,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 599 x 214, 8-bit/color RGBA, non-interlaced","md5":"620c6ed8986ee77e80c8a41e08dea127","sha1":"306e4d141815b758a87483937f27a427627a540c","sha256":"bd1f53f63accfa540703211a23044a9c0f4ff171fb314419979e792ec72c1c3b","sha512":"e72881aca295bc9f444e2b40782928e1ae82da960821b5b1352b27d2bc44ced3601fea6c31e40f047a317bbee838f64fd7aae666ecaaa60d601972c217df9f43","ssdeep":"768:zqFbZqxMkoBGonigfEP0NGwouzuNwBsy610:uuikMGeNG/uz7Di0","tlshash":"0bc2e1b247661f6fdee64912615cc64c38d659b4a11020bce421f3bda7f494c2aece93","first_seen":"2026-05-12T11:06:43.011655Z","last_seen":"2026-06-05T10:06:41.350766Z","times_seen":7,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":64,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/favicon-32.png","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /favicon-32.png HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: lang=en\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 902\r\nConnection: keep-alive\r\nVary: Origin\r\nETag: 1777657478310-902\r\nExpires: Tue, 23 Jun 2026 06:25:36 GMT\r\nCache-Control: max-age=2592000, public, immutable\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":902,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"968d89a9be23a4003fde49961e422caf","sha1":"d10004a50657ff04b210cf02aabcd1ae44f19483","sha256":"ef9405b840dc84d725bde683c8f643cd29a3574ef58ccc53f725a4453b839184","sha512":"acc2f0779980b59df4fa69c54c53e2321efb6611592ca5b50d1d1e089f2d3bd43992f6910d3955c05162006a6f9e80f4b5d769021e696950b36d9a54be6d7b7b","ssdeep":"","tlshash":"b61167845e319ae544ca0fb6fb7d026a2e1378e8e864055eb059e4c5117f8e10eeb37b","first_seen":"2026-05-12T11:06:43.012585Z","last_seen":"2026-06-05T10:06:41.345554Z","times_seen":7,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-24T06:25:35.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:35 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Language, Cookie\r\nCache-Control: no-cache, must-revalidate\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":105737,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (45127)","md5":"ad6a8055d7eba9c67c913cf4a056cc3c","sha1":"1c32250f4e2fd6d2d3bbb0ed03ac6ec1c59f18c6","sha256":"225174c479efbde49ba1d60241d9481b95f2a411f0b1fe9ee79bf8ce0ed1169c","sha512":"e305f02cc5c70578fb4142acb18e12860fe62d956fa698ee09c1de98c4f5480edd47697eb8633748be619b975e4292ce82d13ff49cce79518e78d58d3208c7af","ssdeep":"1536:ipiytic5bBPzpl3XN8k6m9Siytic5bBPzpl3XN8k6m9M:iTi6bpl3XNf6y0i6bpl3XNf6yM","tlshash":"6ea311092950ca52c8ff0ed959b6283959f89b51c1a218ecf93d83f5c77f9acc2b7904","first_seen":"2026-05-24T06:24:39.768938Z","last_seen":"2026-05-24T06:25:58.515037Z","times_seen":2,"resource_available":true,"data":null}},"time_used":531,"timings":{"blocked":111,"dns":1,"connect":49,"send":0,"wait":252,"receive":57,"ssl":58},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/locales/en.json","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /locales/en.json HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin\r\nETag: 1778601844924-12677\r\nCache-Control: public, max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12677,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"13aef70141f252f002076cf6ec2c42f9","sha1":"9b53e09912de9081fe94f8371ebcc9e9d0d2b8f7","sha256":"6d4051e9d6e335b17e2676d41e13c9929f251834e64cba8b8f63757204ff95eb","sha512":"600d8254034a7f9b38477948a27a38dbeb94473f9a95058e815a5667c41864ee3187d1d475fc2340821c67f2904259f68ba276d4d00700ffef2bf6600936e3d0","ssdeep":"192:On69lwAVlKgYjJHpkIiFz8MwdvDrgpD53gkg5pYStJ4Vfl4GvrhUJ1gV9Yl8tPqM:O69lwAujBMUvDU7c59WVN/sWLYlCT","tlshash":"18423019da542e7381cd21942ea6b5c67a2c94dbda5039183becc88c1f4dc5e80fef9d","first_seen":"2026-05-24T06:23:10.255731Z","last_seen":"2026-06-05T10:06:41.344064Z","times_seen":5,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":117,"dns":1,"connect":51,"send":0,"wait":59,"receive":1,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/js/app.js","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /js/app.js HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin\r\nETag: 1778852990084-50818\r\nContent-Encoding: gzip\r\nExpires: Tue, 23 Jun 2026 06:25:36 GMT\r\nCache-Control: max-age=2592000, public, immutable\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":50818,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"660096fc6ec2d07fe523e1b6078d72a8","sha1":"6593f8c61ae538d19e0fe68506362eec1fa28620","sha256":"55996a86845f2b9fe728eefa67dc8b37ae48af69921425a415aa9a279da4d6e5","sha512":"bdd4e04beb5bff38d810d97d275f0ec401238963a881288f7bb5eeb5d9964e23aa720ee7844bbda69c50b1e1107627becdd0d931f96c051b8ab728229eb58fa8","ssdeep":"384:kESXS6N1GwzMFL9XceJkw2yt2eXqM4vVuJXhxCL8KRQ5622NFKHcbFV7U8+C+gAz:rYNwwgJp2dsRiFzzXLkx0U","tlshash":"b933d65a10f3247b88a721ef1ae76107397a8603b647c94077dc8f510fdada4c6bbe48","first_seen":"2026-05-24T06:23:10.254307Z","last_seen":"2026-06-05T10:06:41.344675Z","times_seen":5,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":119,"dns":0,"connect":56,"send":0,"wait":67,"receive":1,"ssl":68},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/favicon-32.png","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /favicon-32.png HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: lang=en\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: image/png\r\nContent-Length: 902\r\nConnection: keep-alive\r\nVary: Origin\r\nETag: 1777657478310-902\r\nExpires: Tue, 23 Jun 2026 06:25:36 GMT\r\nCache-Control: max-age=2592000, public, immutable\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":902,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"968d89a9be23a4003fde49961e422caf","sha1":"d10004a50657ff04b210cf02aabcd1ae44f19483","sha256":"ef9405b840dc84d725bde683c8f643cd29a3574ef58ccc53f725a4453b839184","sha512":"acc2f0779980b59df4fa69c54c53e2321efb6611592ca5b50d1d1e089f2d3bd43992f6910d3955c05162006a6f9e80f4b5d769021e696950b36d9a54be6d7b7b","ssdeep":"","tlshash":"b61167845e319ae544ca0fb6fb7d026a2e1378e8e864055eb059e4c5117f8e10eeb37b","first_seen":"2026-05-12T11:06:43.012585Z","last_seen":"2026-06-05T10:06:41.345554Z","times_seen":7,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/api/public/currencies","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /api/public/currencies HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: lang=en\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 147853\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, X-Crypto-Signature, X-Crypto-Timestamp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":147853,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"31d1917017ace1c4a11b70765c8d6f87","sha1":"fd94e30e2cdc2ed8b00ffcb6b527da82ff7218ec","sha256":"c51470bffc3daddaa9ba29ecd95ae06c0ba53857cb702203d77e7e48d70934d2","sha512":"07455ada482d0c09c49c2bf1ffa02c6ae546aed102c90b8b29e6a8021995e2cef4c0e399789abbb0f65c8d4c7903d335bb1d127dc473f68ff9877e57d810f3c7","ssdeep":"768:g+sOs/MEWGBpGcYnundnGn/7YAHPU4X+/4urRa/COe9S03Qa0YY/:gMs/MHGBc5HI/4uc/Cg03Qa0YA","tlshash":"0ee38fbd21b5a96e411246629ada7ff4bfa8703244ac5cc4ff0fc76c80a65740c4a6fd","first_seen":"2026-05-24T06:23:10.240828Z","last_seen":"2026-05-24T06:25:58.518686Z","times_seen":4,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":82,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/api/public/stats","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /api/public/stats HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: lang=en\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 118\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, X-Crypto-Signature, X-Crypto-Timestamp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d7f368ec21f3278a8342520a8f10aae","sha1":"fc9f1f6edb8393b08aba614b86e7292a25e25acf","sha256":"16110df6b39159aaaf0e8b964fe082f3fb3ce3d2b74c1cb13d9dc6268d8cca0e","sha512":"0d82a1ecbf115a4e1f1779f8c8c38ea210a1c092ec5e15aaa3a37c6e7c8ba0c6657d6f45d9162f9b1325559e179a055ffe23ef28f327a91a67eaf915764ed5f8","ssdeep":"","tlshash":"66b09259f264bcb3f0371d65fa9358f4181931606ea4168c62cc9851d2806628c4c906","first_seen":"2026-05-24T06:23:10.245632Z","last_seen":"2026-05-24T06:25:58.519955Z","times_seen":4,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online-omben-crypto.lol/api/public/articles?lang=en\u0026limit=3","fqdn":"online-omben-crypto.lol","domain":"online-omben-crypto.lol","tld":"lol"},"ip":{"addr":"185.173.37.79","port":443,"asn":212441,"as":"Cloud assets LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://online-omben-crypto.lol/","date":"2026-05-24T06:25:36.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online-omben-crypto.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 09:52:55 GMT","end":"Fri, 21 Aug 2026 09:52:54 GMT"},"fingerprint":{"sha1":"00:AE:D0:B5:B4:60:3D:65:91:74:12:26:75:C1:6A:24:2C:08:73:17","sha256":"87:B2:2D:B7:9F:8B:A2:72:D5:17:67:63:E1:3C:00:31:6A:AC:2E:85:3A:48:B6:6A:99:F4:4A:1E:93:FA:1C:FA"}}},"request":{"raw":"GET /api/public/articles?lang=en\u0026limit=3 HTTP/1.1\r\nHost: online-omben-crypto.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://online-omben-crypto.lol/\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: lang=en\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 24 May 2026 06:25:36 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 2\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, X-Crypto-Signature, X-Crypto-Timestamp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d751713988987e9331980363e24189ce","sha1":"97d170e1550eee4afc0af065b78cda302a97674c","sha256":"4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945","sha512":"b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af","ssdeep":"","tlshash":"c7100000000000000000000000000000000003000000c0000000000000000000000000","first_seen":"2023-03-08T00:02:47Z","last_seen":"2026-06-06T16:13:37.153385Z","times_seen":290221,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"online-omben-crypto.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}