{"report_id":"d09f1ea3-6f95-4161-b208-eca79fef2002","version":6,"status":"done","tags":[],"date":"2026-05-22T06:15:46Z","url":{"schema":"http","addr":"sesionolinenmsn.iceiy.com","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/?i=1","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"title":"Autenticación","dom":{"size":8104,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (495)","md5":"80a6ba9a617f6ee3edeae8f68537f69c","sha1":"ce2cf4eb869228bf6c3a366d38f3a9c0a02a441f","sha256":"5a62577b1091fc83ed7c61a696e70de06865fb7942b20d57082bf32748fc3104","sha512":"9c262702bcb451559938a996c9ceae5250345d9e5f6fa0328debb4ec363a48ea0d74e1707d8c000b1f971bb50170149f4241925fc0e2f602183d4b48f75cca4e","ssdeep":"192:E8CyJde5VjS6zlgZoD1EXNol3Rmgi/HBAUH+Fu1aZAZHcltGumdFQuLJQOjDUkTj:EOL8XjN2sqP","tlshash":"a8f1dfa0e2a405666073e1c9bcbf772b5490f70bc50b558c76acf5b26f87db279021e8","dom_hash":"domhashe91093d41f6475e6c9d2b0652664159d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"sesionolinenmsn.iceiy.com","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-26T06:15:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"sesionolinenmsn.iceiy.com","ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2020-12-06","domain_rank":0,"first_seen":"2026-05-22T03:07:05.277869Z","last_seen":"2026-05-22T03:07:05.277869Z","alert_count":28,"request_count":7,"received_data":51580,"sent_data":3378,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"550740796bcc77de4a7e1b13aedcc536","sha1":"ae51f68d653faa7ed72459f6b650ba156c557605","sha256":"5467ee984b5d1d03e39c33c7d5006bdd813473c2934384a940758fecb7e1d6a2","sha512":"0996a4fe7f487e9fc4a8eaee2b2551f88c69814d530ad598173044b8ec1f324ff8da6a8f2c36a7ab0272682a6c9d2cc84d5140e1d1edec5c9ec5730ccf99c94a","ssdeep":"","tlshash":"64f00c7ce071a1d98fc12042047b958f90621aa3b923c8fbc40292a05ad29dd1a88e6f","size":613,"data":"","first_seen":"2026-05-22T06:15:46.971191Z","last_seen":"2026-05-22T06:16:42.553886Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/aes.js","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"756722c3542f271367cc3b074113a8ee","sha1":"c5c24b4cfc44d597fb7d82d79a7dcea4a8d07e2b","sha256":"ed1d3bd967abe66cff832561cb911c572a2f85fd6cffc32ef3cec68dbc60c7ce","sha512":"ec3293d425646848dc2cf5d3cebae22b91d99461d3565ed17599af961f6f0062167446f732e91ade94f7e589000cda7e85259a217c5ce571bc11c175435a4290","ssdeep":"","tlshash":"8d1150a5034607bcf6cd0ec8c40a321a21f1c04abe2112c9afb36ae77c3b8840034e26","size":1000,"data":"","first_seen":"2025-03-10T10:15:36.223346Z","last_seen":"2026-06-06T15:24:57.486708Z","times_seen":2173,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/js/discord-index.js","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7ae4c9a79393d8b03e08b699bd6fd08","sha1":"b1e263f5f2e4cb1386867a60d8491ec2e89587b5","sha256":"f6e3fb76d4d4028b41a11abe33be7d413b749b80c037180091fc94fa366dc272","sha512":"665c431a6e451ee5e0ecfceff34a30e57cc327d42342cfa69f3b8a227cb69d6e1e5db9c97ec128843109fd215359577fe64fb7fb2641bb19942077135db3e7a1","ssdeep":"","tlshash":"464145e6b8f326a163332a3da71b940135ba50071c0add72b96c49190f4cf9c6bf1be0","size":2288,"data":"","first_seen":"2026-05-22T03:07:16.763779Z","last_seen":"2026-05-22T06:16:42.550553Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/js/discord-config.js","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3cf65e4883e6bb88739205287f5783f","sha1":"01a3889e5ec650f6701059ca70a07920b2a11ff2","sha256":"297aaff8b6866aba56247de8bc9c5d3d66ae816b7179108f3231a06a7f6557aa","sha512":"38d99dc802191819368fc7ad9b49892092d03aeaca01cb2235718ebf8dd9dd16fdda54821bd74ea037dc3be72583d6f4431a37bc1d4937bfbd663b12ca9997c6","ssdeep":"192:T5yUoci9+xRGoM+3xPAULBVJLlLnN+bK4NmrK0bnmr6I6:T5ywi+E2RAGBVJxLOKKs","tlshash":"2a120eee20a163194623b2dd790f950f35ee7443c95fab0eb9bc42106f8c66c667395c","size":9502,"data":"","first_seen":"2026-05-22T03:07:16.769369Z","last_seen":"2026-05-22T06:16:42.548048Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/?i=1","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-22T06:15:25.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /?i=1 HTTP/1.1\r\nHost: sesionolinenmsn.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sesionolinenmsn.iceiy.com/\r\nCookie: __test=3a10bdbf88e295e6cdbfd659d013bb9e\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 22 May 2026 06:15:25 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 8836\r\nConnection: keep-alive\r\nLast-Modified: Tue, 07 Apr 2026 14:34:08 GMT\r\nETag: \"2284-64edfad09f634\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000, public, proxy-revalidate\r\nExpires: Sun, 21 Jun 2026 06:15:25 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":8836,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (456)","md5":"8175c8f585351f015480e3c0bf4d0ca3","sha1":"c84e652285b5ff55a708d8aeec2e46a23d8c5022","sha256":"c626a8b8c7cf2b7a5baa3633d01e6adf62a5165d03532772a715512bd97dc791","sha512":"7842aa6173cb9d05acaf54c2c6a9f5069a83234b53670823db42d9e70419a515fec56d791676efa0646ab0a6067247839fcdb863bfe89a1adc054a2f04aa1e3f","ssdeep":"192:Pf8CyJddVo0+RQkYtGPgYJXWzq2RmTj0goG6gffuElvjzZ0jNIoGFyyAtuLFhDx5:PfOdSCa/jX2tq","tlshash":"6e02eea0e2b405ab6073c1c5b8bf632b66a1e747d507514c766cf2b27f8bda1b9121c8","first_seen":"2026-05-22T03:07:16.765917Z","last_seen":"2026-05-22T06:16:42.548937Z","times_seen":3,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/assets/index-sMZPGJ8k.css","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sesionolinenmsn.iceiy.com/?i=1","date":"2026-05-22T06:15:25.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /assets/index-sMZPGJ8k.css HTTP/1.1\r\nHost: sesionolinenmsn.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __test=3a10bdbf88e295e6cdbfd659d013bb9e\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 22 May 2026 06:15:25 GMT\r\nContent-Type: text/css\r\nContent-Length: 24196\r\nConnection: keep-alive\r\nLast-Modified: Tue, 07 Apr 2026 14:29:59 GMT\r\nETag: \"5e84-64edf9e400a17\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Sun, 21 Jun 2026 06:15:25 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":24196,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24195)","md5":"f473349b4d72f23f49ffa191c26a181e","sha1":"8b85648cbd4b50fce6f17377e54b6472c010bd92","sha256":"14775378f15795d0cd18669c4e5db1e0460ccf2d0b540f15112f9cbe7a051049","sha512":"a68d8b8a2dd7d86becb4e493234ad5d6b14556b825e6ceb517a8d6242623bfe1b7db0e7391617000ef0561112a57e4ce6ae17a50bb7030d28248c57e1aed694b","ssdeep":"384:oUi/eYN3xQaiZyibHW20Lff5PEZS1XjSYY:23xQaiZyibHP0LffM0XjRY","tlshash":"52b2b6b4e396d87bec63e9f6b3ccb41ca128b193ce3116d8fa02220597d36f11956b14","first_seen":"2026-05-22T03:07:16.760303Z","last_seen":"2026-05-26T19:43:24.463861Z","times_seen":4,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/images/logo.svg","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sesionolinenmsn.iceiy.com/?i=1","date":"2026-05-22T06:15:25.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /images/logo.svg HTTP/1.1\r\nHost: sesionolinenmsn.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __test=3a10bdbf88e295e6cdbfd659d013bb9e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 22 May 2026 06:15:25 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 3651\r\nConnection: keep-alive\r\nLast-Modified: Tue, 07 Apr 2026 14:32:15 GMT\r\nETag: \"e43-64edfa659295f\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=0\r\nExpires: Fri, 22 May 2026 06:15:25 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":3651,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee5c8d9fb6248c938fd0dc19370e90bd","sha1":"d01a22720918b781338b5bbf9202b241a5f99ee4","sha256":"04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a","sha512":"c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58","ssdeep":"","tlshash":"6371117b132887dae9d4a78c2e997b8d377095c4b1b24290874328a5bc086f7f038d60","first_seen":"2023-04-06T08:44:24Z","last_seen":"2026-06-06T15:31:17.220985Z","times_seen":126885,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":83,"dns":1,"connect":35,"send":0,"wait":37,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/favicon.ico","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sesionolinenmsn.iceiy.com/?i=1","date":"2026-05-22T06:15:25.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sesionolinenmsn.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __test=3a10bdbf88e295e6cdbfd659d013bb9e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: openresty\r\nDate: Fri, 22 May 2026 06:15:25 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 215\r\nConnection: keep-alive\r\nLocation: https://aeonfree.com/error/404/\r\nCache-Control: max-age=2592000\r\nExpires: Sun, 21 Jun 2026 06:15:25 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T17:09:45.179918Z","times_seen":16184828,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-22T06:15:25.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: sesionolinenmsn.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 22 May 2026 06:15:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 852\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":852,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (852), with no line terminators","md5":"9cd86fca1286fe37a0041db374ac5e44","sha1":"403fe22fa8b4cd1673b12444648708cf87bc7aba","sha256":"0bab731028a1c6319172256863a641bbe8e5712ddde01109a97421f4efcee928","sha512":"183eed71d780c171bf3dc8258064bf8089a9376d5fc4b361271e44ee9b01845d5c844d480859897d7eff9a9d5ef8d3f6a9519954baf78894f8a19269ed9555f9","ssdeep":"","tlshash":"8e011ebcaca1e1858fc000c01477d59e641296a2aa12cdab84c242e556e1bdd0e89d7a","first_seen":"2026-05-22T06:15:46.963574Z","last_seen":"2026-05-22T06:16:42.551317Z","times_seen":2,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":147,"dns":1,"connect":32,"send":0,"wait":32,"receive":0,"ssl":111},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/js/discord-index.js","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sesionolinenmsn.iceiy.com/?i=1","date":"2026-05-22T06:15:25.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /js/discord-index.js HTTP/1.1\r\nHost: sesionolinenmsn.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __test=3a10bdbf88e295e6cdbfd659d013bb9e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 22 May 2026 06:15:25 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2288\r\nConnection: keep-alive\r\nLast-Modified: Tue, 07 Apr 2026 14:32:57 GMT\r\nETag: \"8f0-64edfa8ced427\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Sun, 21 Jun 2026 06:15:25 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2288,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"c7ae4c9a79393d8b03e08b699bd6fd08","sha1":"b1e263f5f2e4cb1386867a60d8491ec2e89587b5","sha256":"f6e3fb76d4d4028b41a11abe33be7d413b749b80c037180091fc94fa366dc272","sha512":"665c431a6e451ee5e0ecfceff34a30e57cc327d42342cfa69f3b8a227cb69d6e1e5db9c97ec128843109fd215359577fe64fb7fb2641bb19942077135db3e7a1","ssdeep":"","tlshash":"464145e6b8f326a163332a3da71b940135ba50071c0add72b96c49190f4cf9c6bf1be0","first_seen":"2026-05-22T03:07:16.763779Z","last_seen":"2026-05-22T06:16:42.550553Z","times_seen":3,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sesionolinenmsn.iceiy.com/js/discord-config.js","fqdn":"sesionolinenmsn.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.219","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sesionolinenmsn.iceiy.com/?i=1","date":"2026-05-22T06:15:25.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /js/discord-config.js HTTP/1.1\r\nHost: sesionolinenmsn.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __test=3a10bdbf88e295e6cdbfd659d013bb9e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 22 May 2026 06:15:25 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 9502\r\nConnection: keep-alive\r\nLast-Modified: Tue, 07 Apr 2026 14:32:55 GMT\r\nETag: \"251e-64edfa8b70a08\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Sun, 21 Jun 2026 06:15:25 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9502,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"a3cf65e4883e6bb88739205287f5783f","sha1":"01a3889e5ec650f6701059ca70a07920b2a11ff2","sha256":"297aaff8b6866aba56247de8bc9c5d3d66ae816b7179108f3231a06a7f6557aa","sha512":"38d99dc802191819368fc7ad9b49892092d03aeaca01cb2235718ebf8dd9dd16fdda54821bd74ea037dc3be72583d6f4431a37bc1d4937bfbd663b12ca9997c6","ssdeep":"192:T5yUoci9+xRGoM+3xPAULBVJLlLnN+bK4NmrK0bnmr6I6:T5ywi+E2RAGBVJxLOKKs","tlshash":"2a120eee20a163194623b2dd790f950f35ee7443c95fab0eb9bc42106f8c66c667395c","first_seen":"2026-05-22T03:07:16.769369Z","last_seen":"2026-05-22T06:16:42.548048Z","times_seen":3,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":80,"dns":0,"connect":31,"send":0,"wait":34,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-22","alert":"Sinkholed","trigger":"sesionolinenmsn.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}