{"report_id":"cdc4eb89-c459-47f9-9abb-0fbfd89dfdf7","version":6,"status":"done","tags":["phishing","kratos","aitm"],"date":"2025-10-15T06:33:43Z","url":{"schema":"http","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"104.21.57.106","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/8VCqGBKfiKKRl?a=ZG91Z2xhcy5mcmVpZGVzdGFtQHRlbGUyLmNvbQ%3D%3D","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"title":"Secure Your Access"},"submit":{"url":{"schema":"http","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"104.21.57.106","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-19T06:33:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":3,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-15T06:33:22Z","timestamp":1760510002,"ip_dst":{"addr":"54.240.174.76","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":40854,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)","source":"{\"timestamp\":\"2025-10-15T06:33:22.428774+0000\",\"flow_id\":475675147533290,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":40854,\"dest_ip\":\"54.240.174.76\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049251,\"rev\":1,\"signature\":\"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_11_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_11_17\"]}},\"tls\":{\"sni\":\"openfpcdn.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":914,\"bytes_toclient\":1634,\"start\":\"2025-10-15T06:33:22.424938+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"api.capchk.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]},"summary":[{"fqdn":"makominingcorp.company","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-07","domain_rank":0,"first_seen":"2025-10-05T08:08:19.743573Z","last_seen":"2025-10-12T22:50:13.231147Z","alert_count":22,"request_count":11,"received_data":422548,"sent_data":6393,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"api.capchk.org","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-03","domain_rank":0,"first_seen":"2025-10-06T12:44:17.37183Z","last_seen":"2025-10-13T12:49:24.253371Z","alert_count":2,"request_count":2,"received_data":1873,"sent_data":1105,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"openfpcdn.io","ip":{"addr":"54.240.174.76","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-11-10","domain_rank":9255,"first_seen":"2021-11-11T13:02:44Z","last_seen":"2025-10-12T23:52:37.974271Z","alert_count":0,"request_count":1,"received_data":15894,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-12T22:16:17.945241Z","alert_count":0,"request_count":1,"received_data":3575,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-15T06:33:22Z","timestamp":1760510002,"ip_dst":{"addr":"54.240.174.76","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":40854,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)","source":"{\"timestamp\":\"2025-10-15T06:33:22.428774+0000\",\"flow_id\":475675147533290,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":40854,\"dest_ip\":\"54.240.174.76\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049251,\"rev\":1,\"signature\":\"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_11_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_11_17\"]}},\"tls\":{\"sni\":\"openfpcdn.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":914,\"bytes_toclient\":1634,\"start\":\"2025-10-15T06:33:22.424938+0000\"}}"}]}],"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba92a37a1c8019df034434759b1e2df6","sha1":"1d0e556dad27bc94bc8119791baa11b895a8a46c","sha256":"a074250df99d8916c03688834daf1dba26a2a506252356c43fc229ac5587ab0c","sha512":"0162c886e95ed79320710bba6a07083295d0eb21c20900c81679eaff45cf94b4d818b2d48bc765858cc83c74211201c710863c9e04f134d00e817f90fd1c4f57","ssdeep":"192:AAGv/bpgGIhkFT3s/+HkjhJ6d7esptLaeZRORbSKgwBaDqDaiZbd:AAGvFgGIhkFAM+eZRORbSKgw0DZobd","tlshash":"5a323dd6b586d9dac3237014573b4e045e1427eb0f44fb00ae0d268d26eadee7ad6cd8","size":11857,"data":"","first_seen":"2025-10-15T06:33:45.03068Z","last_seen":"2025-10-15T06:33:45.03068Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/js/saosebUXzubaVTIx4jDA.js","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"43437c1e98ae60aeff0ce50cf289704d","sha1":"fa876b2fca36f4005cff11590eec093700704965","sha256":"37cbeeaa7381b5816ab1130ad234a8fd00d79151ab6ca4798cf474949a00d85b","sha512":"d0ac62c2db69d1c3c4d27c555b532b0e23995e5799ccfe80438bd849f675a96772e85e6024917d31d6801d8b48db0db6cc9842b7666bedc0136e1cbf73540ac0","ssdeep":"1536:hA/lngyoRowAozxG1jvCVjxJ1RUUOvaPk:hcng3oeWGk","tlshash":"6673f6081ba2662287573161aeaf820b7424950f1d095e1cb90ce0dd6fed57ac2feff5","size":73441,"data":"","first_seen":"2025-10-09T21:49:49.768762Z","last_seen":"2025-10-24T12:32:19.702052Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/js/nuvakH6fl94Tkcim.js","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ace8b683fe731b9b4d7c5c606ede7104","sha1":"f5822cd4dc170809befb9144f77fab9657436c8d","sha256":"5e8a39a157dfd13b51b0df79db2c846a9fbe59a31ec7cfd93fcfa66999150b9f","sha512":"8b493208a4b3b782284435eb248c7a55fc9a4e3212a5ef64f74a73f7c93fe716408f622279c37094e5e6a7a833ef260cbc71d7e800ab50a2850cf050afbf37db","ssdeep":"1536:yu3bXdpuFJgR9YxSgPaZewnn1Dnvspfcj0:13b6FSR9VgC91DnqUj0","tlshash":"47c3fda34901bcbfe3aac1b1d39e3956d8aaea11e7d714d37042ace1346f26558df1c0","size":122703,"data":"","first_seen":"2025-08-01T21:22:09.653175Z","last_seen":"2026-06-11T06:44:32.310202Z","times_seen":812,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"389aade609c1ed54c67e1a7990d6639a","sha1":"8f8c68489009c316c3263ee8fb25a107ca1251d9","sha256":"1a5f6045cd2fe820c66186a79da328556246a56b450b7289dc8bed55fc7cb0df","sha512":"5e54c895adcdbbaf8df4b388cd7d11e07c47465aaaf651c0311c9c108f3f2e819c15b638401c5cb912bd548b8c04c9370bd1efafee94b4e5a104b5308c7b23b7","ssdeep":"384:AoJyu0wOcc3er4mY5alNv3rThaygDYQRscYQR06oicMvM+7PvM8PvM8hvMtVHIPZ:AxKH0mY8L9jn6oizx7PbPzzZfeZq5KQ","tlshash":"891330903f95f094c6c42362baad087efc7c349183d7650da73f854b27b05e691c9a6e","size":41607,"data":"","first_seen":"2025-10-15T06:33:45.040155Z","last_seen":"2025-10-15T06:33:45.040155Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9bd9c5168ce9ea41b6d570d2346702aa","sha1":"6dcc1a811ff4d34933a5b881bea9135f51fdfbcc","sha256":"a207ca80634613b7b874d37e3cb424ed870bf31f83ea0f3e9bbe321477d23c6c","sha512":"8c32d7d0e6a46cc364e7ff759addb87c416532e0edec05aef873bb4ffb28f9fdceac8c570873f71aede110d6b2f924588cbc1b5722fec59268a0576ff6ab3a21","ssdeep":"192:7BIhBTAF/C+onv5V8XAlQu100bKWehWCQCaiSZ59mbCTwvn:7B6SF/C+o8mGb7xv","tlshash":"2a025f5dedfb20a028b3307f4befa20526765127e40cdc007d5d93045f94eaa5aaafd8","size":8761,"data":"","first_seen":"2025-10-15T06:33:45.049323Z","last_seen":"2025-10-15T06:33:45.049323Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/js/WYASzCxrQ1r7Uoy.js","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d73540e77a95afc0e175e6832632f80","sha1":"395b7f01612c818e42180d7bd6cc45dee889d931","sha256":"22b383bee9018beb60be59df9dc5693b710b4fbb460c4ee72249eb6bbb15340b","sha512":"845d3078a4f637aefc1cd555bc821a608ddf3f20254c2e3eae22746369f14c8b5fa3a3aae65ac47953c66d6293cda0014188649b13caa816f545fa4c074de58e","ssdeep":"192:XJOvc1ds4w/WeDKCOtsclRSQdZ1opYAGARKWmuykrLe0L8sYAqzLkK0hYS1:5O94EWIKCOlRS2o6AGAHx3HLEvqj","tlshash":"ce62409e26523da3d21fd6f606c7a2cba9b42540cb884002c6dc53c876786e573f9c7b","size":15856,"data":"","first_seen":"2025-07-27T12:49:35.332897Z","last_seen":"2026-06-11T06:44:32.314961Z","times_seen":823,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openfpcdn.io/botd/v1","fqdn":"openfpcdn.io","domain":"openfpcdn.io","tld":"io"},"ip":{"addr":"54.240.174.76","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"234a8c1c15df9b03c65e9e14c82fc872","sha1":"e5ca36727846aede7dfbc07e88b2b025eb0cae90","sha256":"29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89","sha512":"9aeee4e620de49e0ed303917e9afc1806da0815896bc5feef3add9f89e0429678bfe0d9f0ad3fc940bd8e48f7e235e5c8d23463407c42b6fbc740b50c43a0b53","ssdeep":"384:/yKlnAKXPD899vDMKXExXI7EhgKkVGVXvPGt7MD:hfPD899vDMKHLVGVXvPGNA","tlshash":"bd62a4cef996b07553bb34a1503f2206b2362655745e84a0cf2bc2c16879e5ac23bf6d","size":15196,"data":"","first_seen":"2024-04-04T09:37:24Z","last_seen":"2026-06-13T10:51:02.621956Z","times_seen":13473,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/js/saosebUXzubaVTIx4jDA.js","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"43437c1e98ae60aeff0ce50cf289704d","sha1":"fa876b2fca36f4005cff11590eec093700704965","sha256":"37cbeeaa7381b5816ab1130ad234a8fd00d79151ab6ca4798cf474949a00d85b","sha512":"d0ac62c2db69d1c3c4d27c555b532b0e23995e5799ccfe80438bd849f675a96772e85e6024917d31d6801d8b48db0db6cc9842b7666bedc0136e1cbf73540ac0","ssdeep":"1536:hA/lngyoRowAozxG1jvCVjxJ1RUUOvaPk:hcng3oeWGk","tlshash":"6673f6081ba2662287573161aeaf820b7424950f1d095e1cb90ce0dd6fed57ac2feff5","size":73441,"data":"","first_seen":"2025-10-09T21:49:49.768762Z","last_seen":"2025-10-24T12:32:19.702052Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c0c26218d99be38ab3635010194f46db","sha1":"04647de3af7810f4a3fc4ad700d89b948946fdb7","sha256":"9e151313e5548df3c3dc576b8fb485e02001cea2a863a63d4df8fcbb67747802","sha512":"8e4cb29e1c4635e3117b2975f847b2a8b3138a431b4cb6dfae9cb91a066c2eb499c3ea27f5a5fec9c6682ec21df3c9bf6f7d283fac9511c128c9258cd280957f","ssdeep":"192:bBIhBTAF/C+onv5V8XAlQu100bKWehWCQCaiSZ59mbCTwvn:bB6SF/C+o8mGb7xv","tlshash":"4f02705dadfb20a028b3307f4befa20526765127240cdc007d5dd3049f94eaa5abafd8","size":8589,"data":"","first_seen":"2025-10-15T06:33:45.055235Z","last_seen":"2025-10-15T06:33:45.055235Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"4ce5f17e4e4e9d9d4590e98be12b7279","sha1":"2f64e52e4109a9183c0e701317bc2b04db3446ce","sha256":"32ac71c0adc2a6c275d85107b3c26dc21137a288207446c9616dc1c8ee40cda5","sha512":"280ee70af322a61c38d6eaedfffd98d8a8ab5ab647eafc083f0ebf61f3ce4b12433528dd5cdf441c5e67a23bdf00cf4f5b4255a88a9b0f4d32dfa6c137948b24","ssdeep":"192:hU9uziZeE9M6IDyDPHv+4kw4Mwx76BYztAn/jggp5gTkFhm0B0Kyem/jliWV:sfPvD2MB8Wn/jg0gYEkMpV","tlshash":"ab824296d0a101111433e3fa8bfba325e9f60527950256147eeca3295ffecc2b562fd8","size":18701,"data":"","first_seen":"2025-10-15T06:33:45.064345Z","last_seen":"2025-10-15T06:33:45.064345Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T06:33:21.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dXmDKqU24YBTVNo4bMYSLhzx3PLEyhasUnvTS1a0ohydaQpSZrhWJ2pwBus8zx95vzMvs0sV8ox9HqJlvnAK%2FVtOeN90ixrnm8DyD2FLrw%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 98ed48d73c6f5a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56393,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (33286)","md5":"0dd9b2174a33ed3fe7500cfff49ae844","sha1":"8fecbbf0f0591d496af492c6bead8df506ec7e3f","sha256":"c659b9662308b6ae12ad7d0897994e78f7a8699f9ee1698a86a22c8e600635f0","sha512":"711069304f853e7c5d5e2cbba578e10737f5401eb3c50e9506a70e8d735ed2cf3193e3308e753d7bad9d6c362e6d83e12650c8471485f3263e26649eb1144141","ssdeep":"1536:2j/Yt/yS8MHHx8UEkeCM61gtYAm9q59fdpilGF3SIvUmjPwAUvQJIIoPx52D:6Yt/pCUEkeCMivA","tlshash":"36432d3ca6f3e8a20fa6a223f36e9d0ef23b6467b105fc527d4da6843f515903751185","first_seen":"2025-10-15T06:33:44.979816Z","last_seen":"2025-10-15T06:33:44.979816Z","times_seen":1,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":578,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"makominingcorp.company/js/saosebUXzubaVTIx4jDA.js","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:22.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET /js/saosebUXzubaVTIx4jDA.js HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:23 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 18610\r\nserver: cloudflare\r\netag: \"11ee1-68e81f99-2a0db7;br\"\r\nlast-modified: Thu, 09 Oct 2025 20:48:25 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lc1rnrrEsyHUEn1DGctHvGgb2C9JOk5W9h4%2BbTl6al3NONEGt7wkqYv%2FsOvpxy3PKOn8Pe6GFRKFauEqMYa2yXSJgCVN2HZIkX5vHq6TPA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 98ed48debe080b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":73441,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (34280)","md5":"43437c1e98ae60aeff0ce50cf289704d","sha1":"fa876b2fca36f4005cff11590eec093700704965","sha256":"37cbeeaa7381b5816ab1130ad234a8fd00d79151ab6ca4798cf474949a00d85b","sha512":"d0ac62c2db69d1c3c4d27c555b532b0e23995e5799ccfe80438bd849f675a96772e85e6024917d31d6801d8b48db0db6cc9842b7666bedc0136e1cbf73540ac0","ssdeep":"1536:hA/lngyoRowAozxG1jvCVjxJ1RUUOvaPk:hcng3oeWGk","tlshash":"6673f6081ba2662287573161aeaf820b7424950f1d095e1cb90ce0dd6fed57ac2feff5","first_seen":"2025-10-09T21:49:49.768762Z","last_seen":"2025-10-24T12:32:19.702052Z","times_seen":182,"resource_available":true,"data":null}},"time_used":678,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":676,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"makominingcorp.company/ef6b61fee5154381/images/favicon.ico","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:23.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET /ef6b61fee5154381/images/favicon.ico HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:23 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 370\r\nserver: cloudflare\r\ncache-control: public, max-age=43200\r\nexpires: Wed, 15 Oct 2025 18:33:23 GMT\r\netag: \"47e-682b2a98-2a0daf;br\"\r\nlast-modified: Mon, 19 May 2025 12:56:56 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TJ0eWhwJgTvjeEFn026cOvpfKhkgDz58VDvdeoRyRfTVODBebEx0AcnbkZQVgJ%2BXhn86SootwKmqx0uZUbjfQ53c%2BRcca7Tkte%2BsLekqkA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=6,i=?0\r\ncf-ray: 98ed48e09f460b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"7cdd5a7e87e82d145e7f82358f9ebd04","sha1":"265104cad00300e4094f8ce6a9edc86e54812ead","sha256":"5d91563b6acd54468ae282083cf9ee3d2c9b2daa45a8de9cb661c2195b9f6cbf","sha512":"407919cb23d24fd8ea7646c941f4dcee922b9b4021b6975dd30c738e61e1a147e10a473956a8fbb2ddf7559695e540f2cdf8535db2c66fa6c7decda38bb1b112","ssdeep":"","tlshash":"f621dbd23481462efe42387fa17a8b35b545ec0c4a5c101b1878fda5f2db4aa2921f14","first_seen":"2023-04-30T22:43:18Z","last_seen":"2026-06-13T19:12:04.78387Z","times_seen":3545,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":537,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"api.capchk.org/puzzle?sitekey=712294c7cb9841348791888e9f36661a","fqdn":"api.capchk.org","domain":"capchk.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:27.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capchk.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Oct 2025 14:10:16 GMT","end":"Thu, 01 Jan 2026 15:07:58 GMT"},"fingerprint":{"sha1":"E5:60:95:5A:BF:56:AA:BD:E4:07:2A:87:58:5B:1C:06:D2:47:7D:6D","sha256":"9A:6F:7A:43:AF:56:F6:03:54:F0:72:13:5F:C6:63:D6:4D:F1:1F:B8:B4:F7:3E:44:77:79:2A:A2:D9:54:FC:70"}}},"request":{"raw":"GET /puzzle?sitekey=712294c7cb9841348791888e9f36661a HTTP/1.1\r\nHost: api.capchk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://makominingcorp.company/\r\nx-pc-captcha-version: 1\r\nOrigin: https://makominingcorp.company\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:27 GMT\r\ncontent-type: text/plain\r\ncontent-length: 97\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: https://makominingcorp.company\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\npragma: no-cache\r\nvary: Origin\r\nx-ratelimit-limit: 1000\r\nx-ratelimit-remaining: 998\r\nx-ratelimit-reset: 2\r\nx-trace-id: d3nk0dq7td5s73fol2fg\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vJ2gIOn3AET6CEGs5WWdmJcoD5XNXOukxoUAOLpjjjmb3obID7l7Q6NLr4xPTlVMIj2Zi0p1Wi1FFa7yF%2FzZ6JmSbYkI4BE0IMVxDQ%3D%3D\"}]}\r\ncf-ray: 98ed48fabe775695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":97,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"ef13a4ce885fd14e617c1345c65f696c","sha1":"d9e86eee1d4ae8dc7fe069ed4eed61b61ff88f64","sha256":"615cf774d9cc7c921ac2534ca3eac5c3b7fd9cc1e98bc784215fd21ced20ea35","sha512":"9d7fe25f529035027dbc2be4a6c7847ad66b220e8990cbda8c5e39912116602346b73f2d1963e35bb8d5f7aa2214c301597de476c1660b4c420bd8741102e8b7","ssdeep":"","tlshash":"4cb01223a1f6158280b6d582d03018703474e43ffc3d18470375d600513c0f0c5430c2","first_seen":"2025-10-15T06:33:44.993246Z","last_seen":"2025-10-15T06:33:44.993246Z","times_seen":1,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"api.capchk.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/js/nuvakH6fl94Tkcim.js","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:32.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET /LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/js/nuvakH6fl94Tkcim.js HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:33 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 28229\r\nserver: cloudflare\r\netag: \"1df4f-68842ce0-2a0dba;br\"\r\nlast-modified: Sat, 26 Jul 2025 01:18:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nXqfkqA4vaqnipiM71ljRFmWnAMapjO%2FJARTaOeE5kcCwk8ryTjmXkeY8zc1ecJPL1BkYb0QGW4fzyN9h7RAZmWQvRf2%2F6PeMpqbthM7VA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 98ed491c1e7a0b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":122703,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ace8b683fe731b9b4d7c5c606ede7104","sha1":"f5822cd4dc170809befb9144f77fab9657436c8d","sha256":"5e8a39a157dfd13b51b0df79db2c846a9fbe59a31ec7cfd93fcfa66999150b9f","sha512":"8b493208a4b3b782284435eb248c7a55fc9a4e3212a5ef64f74a73f7c93fe716408f622279c37094e5e6a7a833ef260cbc71d7e800ab50a2850cf050afbf37db","ssdeep":"1536:yu3bXdpuFJgR9YxSgPaZewnn1Dnvspfcj0:13b6FSR9VgC91DnqUj0","tlshash":"47c3fda34901bcbfe3aac1b1d39e3956d8aaea11e7d714d37042ace1346f26558df1c0","first_seen":"2025-08-01T21:22:09.653175Z","last_seen":"2026-06-11T06:44:32.310202Z","times_seen":812,"resource_available":true,"data":null}},"time_used":671,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":668,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"openfpcdn.io/botd/v1","fqdn":"openfpcdn.io","domain":"openfpcdn.io","tld":"io"},"ip":{"addr":"54.240.174.76","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:22.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openfpcdn.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 27 Nov 2024 00:00:00 GMT","end":"Sat, 27 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"DB:8B:1E:08:FC:EE:6F:56:28:0B:74:80:37:E0:DE:69:D3:59:96:8D","sha256":"C1:3F:58:99:2C:D2:A0:B9:C0:DA:6D:01:AE:FD:93:AB:09:79:09:0C:A8:0B:EB:21:23:E9:A8:78:90:96:EE:55"}}},"request":{"raw":"GET /botd/v1 HTTP/1.1\r\nHost: openfpcdn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://makominingcorp.company\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: CloudFront\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Wed, 15 Oct 2025 05:10:47 GMT\r\ncache-control: public, max-age=579993, s-maxage=11000\r\netag: W/\"5co2cnhGrt59+8B+iLKwJesMrpA\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: byHHb6_egcaO4u8M8P568aMfuQlQLjvW481hNhYV8CQ2vZXgwSoIHw==\r\nage: 4955\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":15196,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (15005)","md5":"234a8c1c15df9b03c65e9e14c82fc872","sha1":"e5ca36727846aede7dfbc07e88b2b025eb0cae90","sha256":"29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89","sha512":"9aeee4e620de49e0ed303917e9afc1806da0815896bc5feef3add9f89e0429678bfe0d9f0ad3fc940bd8e48f7e235e5c8d23463407c42b6fbc740b50c43a0b53","ssdeep":"384:/yKlnAKXPD899vDMKXExXI7EhgKkVGVXvPGt7MD:hfPD899vDMKHLVGVXvPGNA","tlshash":"bd62a4cef996b07553bb34a1503f2206b2362655745e84a0cf2bc2c16879e5ac23bf6d","first_seen":"2024-04-04T09:37:24Z","last_seen":"2026-06-13T10:51:02.621956Z","times_seen":13473,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":30,"dns":23,"connect":1,"send":0,"wait":1,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/favicon.ico","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:22.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 15 Oct 2025 06:33:23 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\nx-turbo-charged-by: LiteSpeed\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FSpOLU3%2FXUNkyKQnBkkUEbdOtzdYR2k1vbnQvRzv9SS4aQLYBKzBH099qP6CHHVv32%2FoWMxfSu8%2F9DuYtbqHSkPHrsecl6%2FJYZcVsP8MSA%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\ncf-ray: 98ed48db8bd40b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-06-13T23:49:21.23106Z","times_seen":41226,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"api.capchk.org/puzzle?sitekey=712294c7cb9841348791888e9f36661a","fqdn":"api.capchk.org","domain":"capchk.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:26.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capchk.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Oct 2025 14:10:16 GMT","end":"Thu, 01 Jan 2026 15:07:58 GMT"},"fingerprint":{"sha1":"E5:60:95:5A:BF:56:AA:BD:E4:07:2A:87:58:5B:1C:06:D2:47:7D:6D","sha256":"9A:6F:7A:43:AF:56:F6:03:54:F0:72:13:5F:C6:63:D6:4D:F1:1F:B8:B4:F7:3E:44:77:79:2A:A2:D9:54:FC:70"}}},"request":{"raw":"OPTIONS /puzzle?sitekey=712294c7cb9841348791888e9f36661a HTTP/1.1\r\nHost: api.capchk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-pc-captcha-version\r\nReferer: https://makominingcorp.company/\r\nOrigin: https://makominingcorp.company\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 15 Oct 2025 06:33:27 GMT\r\nserver: cloudflare\r\naccess-control-allow-headers: x-pc-captcha-version\r\naccess-control-allow-methods: GET\r\naccess-control-allow-origin: https://makominingcorp.company\r\naccess-control-max-age: 3600\r\ncache-control: public, max-age=86400\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Request-Private-Network\r\nx-ratelimit-limit: 1000\r\nx-ratelimit-remaining: 999\r\nx-ratelimit-reset: 1\r\nx-trace-id: d3nk0dq7td5s73fol2d0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pZbdWj6uH2TQjZ%2Bnft8tN6YsX%2B6I1SID8QnjmAlbVdKaOiSjdQ2NWFSgonpmmvPhNYODL6JOcPd%2FzqQK9WHegckT2D37Fkp%2BQOfQ0w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98ed48f81bdc5695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T01:33:42.567327Z","times_seen":16400444,"resource_available":true,"data":null}},"time_used":873,"timings":{"blocked":230,"dns":21,"connect":1,"send":0,"wait":412,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"api.capchk.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T06:33:31.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 317\r\nOrigin: https://makominingcorp.company\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dwQCWdnSSTFzouhB1MBr01%2FwRsA9EFSiobi%2Bnx2lVQLK2%2B9YiYa2IvnoYdQTdM3WeB%2BVA1EiFL5CjneJbc4CRtPqNm8cust98snRlvOelA%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=1,i=?0\r\ncontent-encoding: br\r\ncf-ray: 98ed491469b20b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":58510,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (41016), with CRLF line terminators","md5":"abf24d0a0cdf95b6a50c8bd42254e299","sha1":"2ff4d512ba75ba6a3e04c4c965b19b6bfb107a33","sha256":"8886677f1ef1415b543687499071b6285b3bcac96b75a60a97ab7f527e5976d6","sha512":"6f6fa40f8c7a680f6fa37ab2fe85cff1844d294ad2661d41cac9a9bf87564e716c2a21ec85ef2c348cf29af53a41ae7b0b53200445a5699e024910bbe2fc06a8","ssdeep":"768:29dkB+hV9gnhkFAM+909utKH0mY8L9jn6oizx7PbPzzZfeZq5K6:29dOJeFA3mLY8LwoizdrzzZfeZq5K6","tlshash":"c44394d03b85f094c6d52352ba7e093efd6831914bc3650dbb3f854b27b08e691ca9ad","first_seen":"2025-10-15T06:33:45.009992Z","last_seen":"2025-10-15T06:33:45.009992Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1187,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1186,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/syntaxerror019/HTML-STO/ld.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/8VCqGBKfiKKRl?a=ZG91Z2xhcy5mcmVpZGVzdGFtQHRlbGUyLmNvbQ%3D%3D","date":"2025-10-15T06:33:33.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /gh/syntaxerror019/HTML-STO/ld.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: master\r\nx-jsd-version-type: branch\r\netag: W/\"af5-IuZCjziTq18nLEpNfGlMwPnGfiA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 13777\r\ndate: Wed, 15 Oct 2025 06:33:33 GMT\r\nx-served-by: cache-fra-etou8220154-FRA, cache-hel1410021-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 953\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2805,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2804)","md5":"0cb699a5581c3f985c95d7622a448b27","sha1":"22e6428f3893ab5f272c4a4d7c694cc0f9c67e20","sha256":"d156c15c56a07666d0de4e518c4960da11648012d8b0adb6ad0d549a45594e30","sha512":"48d31f0aaf970b87041039924f4eb357d4f56ce7524faa829d62ed5e8bd22449f11b33af91eb4125deae965fc99241184764a9d256932db1bc31f0fa7785f7ba","ssdeep":"","tlshash":"2d510e17bed0a2d6632be5bf3b239cc4fc699c0636221303f040a88ce8e6d99d566035","first_seen":"2024-12-03T14:39:02.115666Z","last_seen":"2025-12-13T11:13:30.878582Z","times_seen":475,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":53,"dns":1,"connect":13,"send":0,"wait":14,"receive":1,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"makominingcorp.company/#douglas.freidestam@tele2.com","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T06:33:20.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:21 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A%2Fh4vLRKs2Q%2F%2BW0kHT24mTQZ1tdjeugwTAjmh%2FpPI2%2BlTvqns5e8e82o%2F%2FmLjCQHMuW%2B0tgYRQBgCIWKqKIPpKkcu8YoqJvs4hME270Bnw%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci; Path=/\r\ncf-ray: 98ed48d28a035a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3947,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (501), with CRLF line terminators","md5":"e3912a0ff3a45e9b8c751e55c7f6b10c","sha1":"873edaf37b28f80666dc085262d04ec7cf3066d1","sha256":"48dabbf96cb9cda0f8f5146423b5925640c4c197c53cfc748503c6ef40e24ccc","sha512":"4fda17f950fc9ace4ba50e9e263bad646a9c7f665f0c45fd871c91750fc1c51b8e4ea8e43028af68dde0154349cfd605fc09f930dae9cc5567e422c81ef97e5e","ssdeep":"","tlshash":"f181c71986c5260958b3c3e29b76c794fee11057c7028a76759d72935f73c82c2d3e14","first_seen":"2025-10-15T06:33:45.018038Z","last_seen":"2025-10-15T06:33:45.018038Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1808,"timings":{"blocked":609,"dns":173,"connect":1,"send":0,"wait":590,"receive":0,"ssl":432},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"makominingcorp.company/js/saosebUXzubaVTIx4jDA.js","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:23.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET /js/saosebUXzubaVTIx4jDA.js HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:23 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 18610\r\nserver: cloudflare\r\netag: \"11ee1-68e81f99-2a0db7;br\"\r\nlast-modified: Thu, 09 Oct 2025 20:48:25 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lc1rnrrEsyHUEn1DGctHvGgb2C9JOk5W9h4%2BbTl6al3NONEGt7wkqYv%2FsOvpxy3PKOn8Pe6GFRKFauEqMYa2yXSJgCVN2HZIkX5vHq6TPA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-ray: 98ed48df5e860b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73441,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (34280)","md5":"43437c1e98ae60aeff0ce50cf289704d","sha1":"fa876b2fca36f4005cff11590eec093700704965","sha256":"37cbeeaa7381b5816ab1130ad234a8fd00d79151ab6ca4798cf474949a00d85b","sha512":"d0ac62c2db69d1c3c4d27c555b532b0e23995e5799ccfe80438bd849f675a96772e85e6024917d31d6801d8b48db0db6cc9842b7666bedc0136e1cbf73540ac0","ssdeep":"1536:hA/lngyoRowAozxG1jvCVjxJ1RUUOvaPk:hcng3oeWGk","tlshash":"6673f6081ba2662287573161aeaf820b7424950f1d095e1cb90ce0dd6fed57ac2feff5","first_seen":"2025-10-09T21:49:49.768762Z","last_seen":"2025-10-24T12:32:19.702052Z","times_seen":182,"resource_available":true,"data":null}},"time_used":582,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":578,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/8VCqGBKfiKKRl?a=ZG91Z2xhcy5mcmVpZGVzdGFtQHRlbGUyLmNvbQ%3D%3D","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T06:33:33.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET /LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/8VCqGBKfiKKRl?a=ZG91Z2xhcy5mcmVpZGVzdGFtQHRlbGUyLmNvbQ%3D%3D HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PWm06lNUYy2UHpzeQd8Md7hw3JikQtL3%2Bw1595jBFK73gAK4eRlDzhPj1wljk8h%2BHcZb8qWn5dIn%2Bv7JFCljNF%2B0B5Nr195yhfaJeG34vQ%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=1,i=?0\r\ncontent-encoding: br\r\ncf-ray: 98ed4920892b0b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6446,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3217), with CRLF line terminators","md5":"1e6e9cfb7883df1c4c82e07c8ffb8840","sha1":"dcb7eab0be482dc3ad7437f655904f4a41585086","sha256":"0a281407647fc4f9efcbf0b4c0b09b224bc22d01360ce318d3802bf231c3143a","sha512":"de8da859c2c8aec7781cd61af5f99366e08d14d5808a9051a0ff6ad9c43d335eca24796f5fb92f0e812f07d9e5946f22d596304314298fc9e361cb13fb66a968","ssdeep":"192:L+oIhdTWMxLL7mlFYpmZhAZSHdccaQPvsQoClKrFIYU+4Z:5IhpxXCFYpm/AZMccYQoCkFEZ","tlshash":"95d19c1ce8c0603683b792bda3252bacf9d64eddd673840dd36092b03b60e65ee53674","first_seen":"2025-10-15T06:33:45.022878Z","last_seen":"2025-10-15T06:33:45.022878Z","times_seen":1,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"makominingcorp.company/favicon.ico","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/8VCqGBKfiKKRl?a=ZG91Z2xhcy5mcmVpZGVzdGFtQHRlbGUyLmNvbQ%3D%3D","date":"2025-10-15T06:33:34.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/8VCqGBKfiKKRl?a=ZG91Z2xhcy5mcmVpZGVzdGFtQHRlbGUyLmNvbQ%3D%3D\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 15 Oct 2025 06:33:35 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\nx-turbo-charged-by: LiteSpeed\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZYwqF9KO%2FvlTob9FZEU1eDUw9SIjvIIkQUpqgckEaBTgM29%2BANilWxIqHElZpFhcVwR1j5WkET4BOBgup3kGiff2LsX2LoDbwTJg0vF6xA%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\ncf-ray: 98ed49276df70b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-06-13T23:49:21.23106Z","times_seen":41226,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"makominingcorp.company/LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/js/WYASzCxrQ1r7Uoy.js","fqdn":"makominingcorp.company","domain":"makominingcorp.company","tld":"company"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://makominingcorp.company/#douglas.freidestam@tele2.com","date":"2025-10-15T06:33:32.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"makominingcorp.company","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 07 Sep 2025 13:07:43 GMT","end":"Sat, 06 Dec 2025 13:13:39 GMT"},"fingerprint":{"sha1":"59:3A:50:81:75:CF:BA:2C:4D:28:AC:BA:B6:18:8B:04:42:2F:F7:62","sha256":"97:ED:79:09:A4:5B:77:01:62:06:1F:88:61:88:00:6D:46:7E:ED:00:26:92:A3:F4:B0:C4:D5:59:FD:3E:21:CD"}}},"request":{"raw":"GET /LJkwx1jpa870BJI3U8okWdlIWBJVOBx3iAvgjs52k1uOw7Zsyv7gGreOoHlY4GVlv8N8sX4Mq0gfoLiCKTBg1el5m7gowjtygt2RH5vNVoYkrbB7zWuIlZ3lnQ71x/js/WYASzCxrQ1r7Uoy.js HTTP/1.1\r\nHost: makominingcorp.company\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://makominingcorp.company/\r\nCookie: PHPSESSID=jnu9oautl1ifq20a93va5j4hci\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 06:33:33 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 5504\r\nserver: cloudflare\r\netag: \"3df0-68822b14-2a0db9;br\"\r\nlast-modified: Thu, 24 Jul 2025 12:46:12 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=URu6vuWPSK20JF%2BHSTG3myp3tzN7lHXfeunl1JzdrZ75b36osdWisvJRXgoFDT2VjIzrbLAV0pMCr4cSUSc1lNNAWM2mx9IXiCVLkNvR%2Bg%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 98ed491c1e790b02-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15856,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (15856), with no line terminators","md5":"2d73540e77a95afc0e175e6832632f80","sha1":"395b7f01612c818e42180d7bd6cc45dee889d931","sha256":"22b383bee9018beb60be59df9dc5693b710b4fbb460c4ee72249eb6bbb15340b","sha512":"845d3078a4f637aefc1cd555bc821a608ddf3f20254c2e3eae22746369f14c8b5fa3a3aae65ac47953c66d6293cda0014188649b13caa816f545fa4c074de58e","ssdeep":"192:XJOvc1ds4w/WeDKCOtsclRSQdZ1opYAGARKWmuykrLe0L8sYAqzLkK0hYS1:5O94EWIKCOlRS2o6AGAHx3HLEvqj","tlshash":"ce62409e26523da3d21fd6f606c7a2cba9b42540cb884002c6dc53c876786e573f9c7b","first_seen":"2025-07-27T12:49:35.332897Z","last_seen":"2026-06-11T06:44:32.314961Z","times_seen":823,"resource_available":true,"data":null}},"time_used":535,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":535,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}}]}