{"report_id":"da7fd168-bff8-44c6-bc9e-d2dc489f6990","version":6,"status":"done","tags":[],"date":"2026-05-22T16:59:49Z","url":{"schema":"https","addr":"178.128.18.57:8443","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"ip":{"addr":"178.128.18.57","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"178.128.18.57:8443/","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"title":"CyberC2 - Command \u0026 Control","dom":{"size":4259,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3730)","md5":"a7b81ad81678dbfb3edc5c6bc43c44b2","sha1":"35a7edc6a79b57aabdf7cd83be5c96d67a9eb0e2","sha256":"56c2a858237c9a41a7f176387cdbb7fe62596cc658e68f0d8250553d8937488c","sha512":"64dd9e5f53e38468f8c224f98ecd8fb31ca65ff948c1c975c10ba3dc3a66935c880ac76b53f2abe22a041e591aa02f9bf755976b1f25d17c3d04f589242d9bd1","ssdeep":"96:tAHcL3VMtsmLkOTxK55xak6ZkHP38IikwZkBpn183XdT:tWC3VMlI+wPMIkY69","tlshash":"e791c93051684e3eb1938aa0f6b17f14145fe345d26b862cb1bd91b53fc2cb5cc5ea94","dom_hash":"domhash7051f812af4d996cfc2b28e0ae200ee5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"178.128.18.57:8443","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"ip":{"addr":"178.128.18.57","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-26T16:59:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"178.128.18.57","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":5,"received_data":312609,"sent_data":2293,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-17T22:21:01.756487Z","alert_count":0,"request_count":1,"received_data":18252,"sent_data":516,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-17T22:18:09.532627Z","alert_count":0,"request_count":3,"received_data":148101,"sent_data":1674,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"178.128.18.57:8443/assets/index-CqU1KaGM.js","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"ip":{"addr":"178.128.18.57","port":8443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a791caf42331b9360312e8f0dc87b06","sha1":"97f009e9379aa6f6441321b94aa29b5d28964ea4","sha256":"b5fa6b62224938c405aa16226b793663d0e4335985d3ac165e5f228e783a4329","sha512":"1531c82666efec9919cd0ccea181ff51eea9c54ca60e9eb18a02d6727444c1c28386a85c1dc7cdad1ae147cd252370699e493585a3175f6996cae92f67e5ab43","ssdeep":"3072:mKHudEWv7MIsyx+5Ve2ZrE0xxQ+H1JQ1kMCcqaZi/g/5hGfcoW6t4wEiKloMeNLb:m6lnO1T3R6131bb","tlshash":"44443be832adb6666fb346a500af1107727c2d27240d8870f124eda9767484a51fbffd","size":260719,"data":"","first_seen":"2026-05-22T16:59:53.856871Z","last_seen":"2026-05-22T17:10:56.967507Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"178.128.18.57:8443/","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-22T16:59:28.302Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 178.128.18.57:8443\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-27T13:18:44.72609Z","times_seen":15777441,"resource_available":true,"data":null}},"time_used":1034,"timings":{"blocked":1034,"dns":0,"connect":390,"send":0,"wait":0,"receive":0,"ssl":384},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"178.128.18.57:8443/","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"ip":{"addr":"178.128.18.57","port":8443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-22T16:59:31.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"CyberC2 Teamserver","organization":"CyberC2"},"issuer":{"commonName":"CyberC2 Teamserver","organization":"CyberC2"},"validity":{"start":"Thu, 19 Mar 2026 13:09:10 GMT","end":"Sun, 16 Mar 2036 14:09:10 GMT"},"fingerprint":{"sha1":"59:9F:5B:57:1A:1F:D4:E8:4E:3E:BE:0C:24:47:0D:3D:03:87:2E:C4","sha256":"90:E0:18:F2:35:2F:71:1B:55:2C:12:83:4B:84:EA:E2:0A:AC:33:C1:E4:A0:1D:E2:B8:7A:A6:DC:F3:AD:AC:1F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 178.128.18.57:8443\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 530\r\ndate: Fri, 22 May 2026 16:59:32 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":530,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF, CR, LF line terminators","md5":"3370ca2a9609019c1177d613835fc2f0","sha1":"02311e19e0ec655fdb1d85e4eae379f1a0ea65c4","sha256":"e93d8b7d3d56c2b36f7a7755229142ec0750ab23a0e4f126079301bb303aec46","sha512":"a8797c14faf55b5714e49ee2fbed205ed8590f36814450d761c72fa3dd34d916f48a743a4c7e03edf53e0b7790d8bfe7e856c405ad2cfb66b214d490e831b6b5","ssdeep":"","tlshash":"99f0590589d04d1b037052a9be82f91de9e2a387c345ae0172e9706f1fa1e46cdcb474","first_seen":"2026-05-22T16:59:53.854251Z","last_seen":"2026-05-22T17:10:56.966616Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1988,"timings":{"blocked":801,"dns":0,"connect":383,"send":0,"wait":386,"receive":0,"ssl":414},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026family=JetBrains+Mono:wght@400;500;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://178.128.18.57:8443/","date":"2026-05-22T16:59:34.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:08 GMT","end":"Thu, 30 Jul 2026 15:53:07 GMT"},"fingerprint":{"sha1":"A0:20:9F:E4:EB:B9:7E:2F:51:C6:BD:BB:AF:02:44:35:C1:8D:84:74","sha256":"EB:51:AB:28:F2:0A:E5:3F:51:9B:1B:F4:37:AA:7D:8A:6F:D7:99:5E:A2:B6:9C:EC:43:85:C5:36:68:23:BE:CD"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026family=JetBrains+Mono:wght@400;500;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://178.128.18.57:8443/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 22 May 2026 16:59:34 GMT\r\ndate: Fri, 22 May 2026 16:59:34 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17566,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"b5034bb20fb0fed05e2ab97bcc74834c","sha1":"041c0cb35af69dde4d67b308a24491d640e9d74d","sha256":"cb54c38f4d0b6e7f234c5f43b1e3dc9c7dcf92bcb0a0df2ebdd73d9404749aab","sha512":"6e6646ca078a582b0870c955455835ef457eeed7070522551506de77aa023531e82f8ab83e316fa4a38b438d1ec8146ac6356df41251f1665241096ca9929f9d","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGgG+7p3ZAXYjG9Up3qnXe:vXuM0p2+QOGC6C7","tlshash":"1372da91002ba400ab471cc673cf7e3abdce504a6085d5b99ffe0d899ceac66537875d","first_seen":"2025-10-14T11:15:56.574489Z","last_seen":"2026-05-26T16:03:53.270499Z","times_seen":133,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":145,"dns":1,"connect":7,"send":0,"wait":19,"receive":0,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://178.128.18.57:8443/","date":"2026-05-22T16:59:34.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://178.128.18.57:8443\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 21 May 2026 01:45:24 GMT\r\nexpires: Fri, 21 May 2027 01:45:24 GMT\r\ncache-control: public, max-age=31536000\r\nage: 141251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-27T13:18:24.694868Z","times_seen":194895,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":118,"dns":0,"connect":15,"send":0,"wait":16,"receive":22,"ssl":100},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://178.128.18.57:8443/","date":"2026-05-22T16:59:34.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://178.128.18.57:8443\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 21 May 2026 01:45:24 GMT\r\nexpires: Fri, 21 May 2027 01:45:24 GMT\r\ncache-control: public, max-age=31536000\r\nage: 141251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-27T13:18:24.694868Z","times_seen":194895,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":134,"dns":6,"connect":29,"send":0,"wait":20,"receive":10,"ssl":98},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://178.128.18.57:8443/","date":"2026-05-22T16:59:34.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://178.128.18.57:8443\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 21 May 2026 01:45:24 GMT\r\nexpires: Fri, 21 May 2027 01:45:24 GMT\r\ncache-control: public, max-age=31536000\r\nage: 141251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-27T13:18:24.694868Z","times_seen":194895,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":240,"dns":0,"connect":0,"send":0,"wait":16,"receive":4,"ssl":213},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"178.128.18.57:8443/assets/index-CqU1KaGM.js","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"ip":{"addr":"178.128.18.57","port":8443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://178.128.18.57:8443/","date":"2026-05-22T16:59:32.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"CyberC2 Teamserver","organization":"CyberC2"},"issuer":{"commonName":"CyberC2 Teamserver","organization":"CyberC2"},"validity":{"start":"Thu, 19 Mar 2026 13:09:10 GMT","end":"Sun, 16 Mar 2036 14:09:10 GMT"},"fingerprint":{"sha1":"59:9F:5B:57:1A:1F:D4:E8:4E:3E:BE:0C:24:47:0D:3D:03:87:2E:C4","sha256":"90:E0:18:F2:35:2F:71:1B:55:2C:12:83:4B:84:EA:E2:0A:AC:33:C1:E4:A0:1D:E2:B8:7A:A6:DC:F3:AD:AC:1F"}}},"request":{"raw":"GET /assets/index-CqU1KaGM.js HTTP/1.1\r\nHost: 178.128.18.57:8443\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://178.128.18.57:8443/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 260719\r\ndate: Fri, 22 May 2026 16:59:32 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":260719,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (40128)","md5":"0a791caf42331b9360312e8f0dc87b06","sha1":"97f009e9379aa6f6441321b94aa29b5d28964ea4","sha256":"b5fa6b62224938c405aa16226b793663d0e4335985d3ac165e5f228e783a4329","sha512":"1531c82666efec9919cd0ccea181ff51eea9c54ca60e9eb18a02d6727444c1c28386a85c1dc7cdad1ae147cd252370699e493585a3175f6996cae92f67e5ab43","ssdeep":"3072:mKHudEWv7MIsyx+5Ve2ZrE0xxQ+H1JQ1kMCcqaZi/g/5hGfcoW6t4wEiKloMeNLb:m6lnO1T3R6131bb","tlshash":"44443be832adb6666fb346a500af1107727c2d27240d8870f124eda9767484a51fbffd","first_seen":"2026-05-22T16:59:53.856871Z","last_seen":"2026-05-22T17:10:56.967507Z","times_seen":3,"resource_available":true,"data":null}},"time_used":2411,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":398,"receive":2013,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"178.128.18.57:8443/assets/index-COo5r5vH.css","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"ip":{"addr":"178.128.18.57","port":8443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://178.128.18.57:8443/","date":"2026-05-22T16:59:32.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"CyberC2 Teamserver","organization":"CyberC2"},"issuer":{"commonName":"CyberC2 Teamserver","organization":"CyberC2"},"validity":{"start":"Thu, 19 Mar 2026 13:09:10 GMT","end":"Sun, 16 Mar 2036 14:09:10 GMT"},"fingerprint":{"sha1":"59:9F:5B:57:1A:1F:D4:E8:4E:3E:BE:0C:24:47:0D:3D:03:87:2E:C4","sha256":"90:E0:18:F2:35:2F:71:1B:55:2C:12:83:4B:84:EA:E2:0A:AC:33:C1:E4:A0:1D:E2:B8:7A:A6:DC:F3:AD:AC:1F"}}},"request":{"raw":"GET /assets/index-COo5r5vH.css HTTP/1.1\r\nHost: 178.128.18.57:8443\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://178.128.18.57:8443/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 50685\r\ndate: Fri, 22 May 2026 16:59:32 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50685,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (50684)","md5":"6a2975d75460ccad6d2aa420c56afa0f","sha1":"4205d5a9cb557e4a7547a6f21cf067ec90d2791c","sha256":"e6240deccfdf637f871a9debd498147c628bcb297dc591cfab73df4ba2fa3d98","sha512":"3b013e50642d965801b4f66a7bc50445ffa010d969fe2ebecfa39a1f30aadcfaf5a50143163d599812984c77009d95989e77501a0262a8753574c7781742528b","ssdeep":"384:/wPN0z+QXChXwsDPBGYqkeSLo6cMjrcDPDjvO+3MU/mTkTE/y/m/Hxrds3erxvS/:fz+QXChXwsDpq6cb3MUaxrd4eU/","tlshash":"d533fe296b54403b3c9390f9e598fa9de21b71c0df395aeafc8212219bd63f75c97600","first_seen":"2026-05-22T16:59:53.857969Z","last_seen":"2026-05-22T17:10:56.968386Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":1190,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"178.128.18.57:8443/vite.svg","fqdn":"178.128.18.57","domain":"178.128.18.57","tld":""},"ip":{"addr":"178.128.18.57","port":8443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://178.128.18.57:8443/","date":"2026-05-22T16:59:35.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"CyberC2 Teamserver","organization":"CyberC2"},"issuer":{"commonName":"CyberC2 Teamserver","organization":"CyberC2"},"validity":{"start":"Thu, 19 Mar 2026 13:09:10 GMT","end":"Sun, 16 Mar 2036 14:09:10 GMT"},"fingerprint":{"sha1":"59:9F:5B:57:1A:1F:D4:E8:4E:3E:BE:0C:24:47:0D:3D:03:87:2E:C4","sha256":"90:E0:18:F2:35:2F:71:1B:55:2C:12:83:4B:84:EA:E2:0A:AC:33:C1:E4:A0:1D:E2:B8:7A:A6:DC:F3:AD:AC:1F"}}},"request":{"raw":"GET /vite.svg HTTP/1.1\r\nHost: 178.128.18.57:8443\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://178.128.18.57:8443/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/plain; charset=utf-8\r\nx-content-type-options: nosniff\r\ncontent-length: 19\r\ndate: Fri, 22 May 2026 16:59:35 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":19,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"595e88012a6521aae3e12cbebe76eb9e","sha1":"da3968197e7bf67aa45a77515b52ba2710c5fc34","sha256":"b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793","sha512":"fd13c580d15cc5e8b87d97ead633209930e00e85c113c776088e246b47f140efe99bdf6ab02070677445db65410f7e62ec23c71182f9f78e9d0e1b9f7fda0dc3","ssdeep":"","tlshash":"1270000c0a0202082020002822800020080802022a802220000aa00882008000800888","first_seen":"2023-04-05T03:13:11Z","last_seen":"2026-05-27T13:15:39.448338Z","times_seen":34936,"resource_available":true,"data":null}},"time_used":404,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}