{"report_id":"dcd3a4fc-ddbe-4b1c-b8c4-7638aa38f855","version":6,"status":"done","tags":[],"date":"2024-11-08T16:55:22Z","url":{"schema":"http","addr":"www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":0,"asn":215540,"as":"Global Connectivity Solutions Llp","country":"Finland","country_code":"FI"},"final":{"url":{"schema":"https","addr":"www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"title":"Meta | Facebook"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-01-17T16:55:22Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"kit.fontawesome.com","ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2012-10-18","domain_rank":1868,"first_seen":"2019-12-16T20:51:31Z","last_seen":"2024-11-06T03:11:05.581498Z","alert_count":0,"request_count":1,"received_data":12570,"sent_data":467,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ka-f.fontawesome.com","ip":{"addr":"104.21.26.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":3598,"first_seen":"2019-12-17T07:36:13Z","last_seen":"2024-11-06T04:50:45.496365Z","alert_count":0,"request_count":3,"received_data":272718,"sent_data":1538,"comment":"","tags":null,"fingerprints":null},{"fqdn":"companieslogo.com","ip":{"addr":"104.26.9.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-08-08","domain_rank":0,"first_seen":"2022-03-14T23:08:02Z","last_seen":"2024-11-03T11:48:30.646578Z","alert_count":0,"request_count":1,"received_data":53677,"sent_data":467,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.manage-business-system.com","ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"domain_registered":"2024-11-01","domain_rank":0,"first_seen":"2024-11-08T16:55:22.611869Z","last_seen":"2024-11-08T16:55:22.611869Z","alert_count":11,"request_count":11,"received_data":1995379,"sent_data":5570,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30T02:15:09Z","last_seen":"2024-11-06T01:46:12.666054Z","alert_count":0,"request_count":1,"received_data":20791,"sent_data":511,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10T22:14:26Z","last_seen":"2024-11-06T01:31:50.114081Z","alert_count":0,"request_count":2,"received_data":24756,"sent_data":1020,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"Mnemonic Secure DNS","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kit.fontawesome.com/42d5adcbca.js","fqdn":"kit.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"14306f67d245085e85fd9a8217d23917","sha1":"8e5045bb99727f868137c83a2c98d30f2c07de3f","sha256":"0442b89f884215e7ef970a1b4b90aa0b010860b08fabca4461b04f1f4879ef0b","sha512":"cf7693c762cbb8931935bd9519b0bfd8eeaae8835d680d71cc8504634f926251d32d9a601cb4b277e353088c20d5dcdc8ec652599b815372a4336d777880f8d3","ssdeep":"192:0O3pHufbPUCpEcrbCpg68vhtz91LO7sgBy70nZbPkks3ZXF1vh3rg1Q5l8hY6o3+:0dACfCghtzb0tnByHVh3s1Q5l8hY+","tlshash":"ee42c45d7a85b17646eb71a1803f620bf279312a3406d020e25ddde4acbdd6ea133f2d","size":13167,"data":"","first_seen":"2024-09-01T02:48:13Z","last_seen":"2024-11-18T13:09:13.622367Z","times_seen":581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/index-6fd4f8f6.js","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"423dafcae9690d2db7fc51ed0d88d2dc","sha1":"52bf03ea222215baf026d67023cd59f5e7e1494b","sha256":"77b517963e917922a6f54b75e6ae863b91fdfae1c19ee3e6b109e16202febcba","sha512":"c207f0b089f56bf48d9039797df2531438e0c8778dc7cc316d774c431a23c8ece714a2712b1632fbbcd729c0b2a8e07699153503f7b25cf91382f9a8fa78a4f1","ssdeep":"12288:7FfXxT3Er0z/g4wv52FqkATfQJgM9HH/MQ3DFK6p2jqVmQDq:79xT3Er0Ty2FqkkIJrVMQ3DFKM2jkmQm","tlshash":"d4256bd87294b5aa97a345e8403f4107f23a2865a80d8460f17cd8de2dbc94d663bffd","size":964353,"data":"","first_seen":"2024-09-25T15:00:18Z","last_seen":"2024-11-25T11:25:13.810367Z","times_seen":237,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-11-08T16:54:56.046Z","timestamp":1731084896046,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /leafmailer2.8.php,7-Nov-24,High,Medium HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:56 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"672ce4ff-6b2\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":861,"size_decoded":1714,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"e24150629c9ddcb8fec0b87a52b83772","sha1":"ad20c5bbf90a79dd67f0d81e25578a3305d94291","sha256":"7169cb3029d59b02ffa6605b4281f9d3f5f2ff59c85316a0820d66a1322faf81","sha512":"becf08fedcb991844128b4fa14008de87922ab375e2bb765742c45093da235f5642cf2c19675efd4a53c47eea599d9a7ec3c9734281e985637428c290ea696d7","ssdeep":"","tlshash":"5e311ea7d4d05c0a03308588b8c3b01dec17669b9a657cd1b9ee512f4fe26d888bf986","first_seen":"2024-09-19T19:19:32Z","last_seen":"2025-02-15T00:42:51.282123Z","times_seen":310,"resource_available":false,"data":null}},"time_used":382,"timings":{"blocked":179,"dns":113,"connect":22,"send":0,"wait":23,"receive":1,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.388Z","timestamp":1731084896388,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2024 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 30 Jul 2024 15:36:05 GMT","end":"Sun, 31 Aug 2025 15:36:04 GMT"},"fingerprint":{"sha1":"6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C","sha256":"A9:B8:7C:31:7F:16:E8:65:1C:A9:F0:0B:31:65:FF:03:C3:14:1C:09:22:A9:BF:2D:D0:7A:B1:DB:4B:C5:2F:46"}}},"request":{"raw":"GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.manage-business-system.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.0.2\r\nx-jsd-version-type: version\r\netag: W/\"260c5-fByeBXPlzqi603M74vxjqoxo6o0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Fri, 08 Nov 2024 16:54:56 GMT\r\nage: 218975\r\nx-served-by: cache-fra-eddf8230097-FRA, cache-hel1410026-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 20016\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20016,"size_decoded":155845,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65306)","md5":"abe91756d18b7cd60871a2f47c1e8192","sha1":"7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d","sha256":"7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b","sha512":"bac54101debafcda5535f0607b5f60c2cda3e896629e771ad76ac07b697e77e4242d4f5f886d363b55fc43a85ea48a6bfc460a66f2b1fc8f56b27ba326e3a604","ssdeep":"1536:d0bwW83RipVVsEBpy0cuJcf22RWb5CyVUpz600I4fM:d0bwlyVUpz600I4fM","tlshash":"09e3a3d7f581241dd4a7c259a0d1bffd052f4586e3025babb0277bb88b8a6c70963e4c","first_seen":"2023-04-05T03:16:49Z","last_seen":"2026-04-05T15:18:16.661512Z","times_seen":94528,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":71,"dns":14,"connect":26,"send":0,"wait":27,"receive":5,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/index-f33ba3c6.css","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.391Z","timestamp":1731084896391,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /index-f33ba3c6.css HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:56 GMT\r\nContent-Type: text/css\r\nContent-Length: 46381\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-b52d\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46381,"size_decoded":46381,"mime_type":"text/css","magic":"ASCII text, with very long lines (46380)","md5":"8c36c5dce056e13d2006d5d808df6fd1","sha1":"4af8bd36cb57c2e4738fcd17df40729dde96777b","sha256":"5a0a4568e2d63ba0de1c5484846ab09d8bd51617df31b914ba0c8caf0b74206b","sha512":"d02dff642d92f48973e7de6a5f4fb7539d4cb35ee0ab21424ecb27d685fa073ff220d88ffc749b69a92c0d058713919c5302a6dac75fff2fb4caaa4d2309b6a0","ssdeep":"384:+UbeCJFdKW+SZr3zSwwaPl4q8xYKvIvvcvCN6E6VQUqxtb3WpWWnKrIzy7nWw:3bzJFLDdz8AsxCcvCNGQV7ynK6+","tlshash":"6d231b773724332edd27856ae5b0a77c7911a481c623c7bdf5ca6b15cbca2b10c99318","first_seen":"2024-09-18T19:18:42Z","last_seen":"2025-04-10T11:51:14.1172Z","times_seen":396,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":71,"dns":1,"connect":21,"send":0,"wait":53,"receive":29,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.387Z","timestamp":1731084896387,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Oct 2024 08:25:41 GMT","end":"Mon, 30 Dec 2024 08:25:40 GMT"},"fingerprint":{"sha1":"74:3D:68:F7:64:93:DF:41:12:95:A6:69:57:38:7A:AF:75:38:44:2D","sha256":"AC:7E:75:A2:AA:A9:61:75:E0:B5:90:FF:A2:10:40:94:C2:B8:EC:8A:4D:3A:6E:68:37:D4:27:F9:E7:F5:98:7F"}}},"request":{"raw":"GET /css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 08 Nov 2024 16:54:56 GMT\r\ndate: Fri, 08 Nov 2024 16:54:56 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2083,"size_decoded":2083,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"0f362048f12d3a48c0c1959c6cf5b862","sha1":"bd6fc89346e0779630fde07776af30076f801bf2","sha256":"f371de6392780a64f33b34082eea6ba2500ae2b81e4cb74faafcddb1a841d6ed","sha512":"5a0ccecfd43730a8f17fd7e1686b8d307b89d60b54728dcef4cfd9a9d1a9d64a073671680f36ee552248b9b799036abab0d062ca32cca317f96464d681807044","ssdeep":"","tlshash":"3b41c9c78a34f340bea5e9a903cb4f1b67a4f0c08a7e145c56b0fa9a18117dc2f49c5e","first_seen":"2024-11-08T16:55:23.773167Z","last_seen":"2024-11-08T16:55:23.773167Z","times_seen":1,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":103,"dns":13,"connect":21,"send":0,"wait":22,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/index-6fd4f8f6.js","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.390Z","timestamp":1731084896390,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /index-6fd4f8f6.js HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:56 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 964353\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-eb701\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":964353,"size_decoded":964353,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37570)","md5":"423dafcae9690d2db7fc51ed0d88d2dc","sha1":"52bf03ea222215baf026d67023cd59f5e7e1494b","sha256":"77b517963e917922a6f54b75e6ae863b91fdfae1c19ee3e6b109e16202febcba","sha512":"c207f0b089f56bf48d9039797df2531438e0c8778dc7cc316d774c431a23c8ece714a2712b1632fbbcd729c0b2a8e07699153503f7b25cf91382f9a8fa78a4f1","ssdeep":"12288:7FfXxT3Er0z/g4wv52FqkATfQJgM9HH/MQ3DFK6p2jqVmQDq:79xT3Er0Ty2FqkkIJrVMQ3DFKM2jkmQm","tlshash":"d4256bd87294b5aa97a345e8403f4107f23a2865a80d8460f17cd8de2dbc94d663bffd","first_seen":"2024-09-25T15:00:18Z","last_seen":"2024-11-25T11:25:13.810367Z","times_seen":237,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":454,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.386Z","timestamp":1731084896386,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Oct 2024 08:25:41 GMT","end":"Mon, 30 Dec 2024 08:25:40 GMT"},"fingerprint":{"sha1":"74:3D:68:F7:64:93:DF:41:12:95:A6:69:57:38:7A:AF:75:38:44:2D","sha256":"AC:7E:75:A2:AA:A9:61:75:E0:B5:90:FF:A2:10:40:94:C2:B8:EC:8A:4D:3A:6E:68:37:D4:27:F9:E7:F5:98:7F"}}},"request":{"raw":"GET /css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 08 Nov 2024 16:54:56 GMT\r\ndate: Fri, 08 Nov 2024 16:54:56 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21305,"size_decoded":21305,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"728a0cfb1c36a57900a7fb7eaa0f79ab","sha1":"cf144c28cd2f3bc40f5e1ce37c4acd3c3c11990f","sha256":"9f6258a478298046bf7c2c626bc458a3acd46feb5a93783cf19c0692abe054ff","sha512":"e4ce418d24eeee613f0354f06344ca4767fb17f524988b890af8b51ae35a7645576ede92ff9bd62223851b933ada3b09cce667b40885a66d73fdc113f4087215","ssdeep":"384:fqbaAPktPZvCuFMOLcQo2hkjx7FYNBsy2TQ01kKVaWHzg9IXBioeIm6C2t:fsaAGvC7IFhUxhMj0ESc+x8n6jt","tlshash":"d3a2e13785c7c4cbd75f6a2b5c60282823720aae3346185b6e7b7225baf427c3d161c7","first_seen":"2024-11-08T16:55:23.77841Z","last_seen":"2024-11-10T11:43:01.311372Z","times_seen":2,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":72,"dns":10,"connect":8,"send":0,"wait":22,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kit.fontawesome.com/42d5adcbca.js","fqdn":"kit.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.389Z","timestamp":1731084896389,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.fontawesome.com","organization":"FONTICONS, INC."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Jul 2024 00:00:00 GMT","end":"Mon, 27 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B1:69:23:88:5E:EA:EA:76:BC:90:A2:CE:D9:3B:3F:5D:FE:5F:13:09","sha256":"BB:08:AA:43:40:BA:18:E2:D7:C3:F1:4D:A1:0C:50:2D:81:D4:9D:46:89:CC:0C:E2:2D:72:16:1B:59:1F:71:04"}}},"request":{"raw":"GET /42d5adcbca.js HTTP/1.1\r\nHost: kit.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.manage-business-system.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 08 Nov 2024 16:54:56 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3000\r\ncache-control: max-age=60, public, stale-while-revalidate=30\r\nvary: origin, accept-encoding, access-control-request-headers, access-control-request-method\r\nx-request-id: GAXxBWjYFFk5BjgD2fHC\r\ncf-cache-status: REVALIDATED\r\nserver: cloudflare\r\ncf-ray: 8df7167afab2569f-OSL\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11964,"size_decoded":11964,"mime_type":"text/javascript","magic":"gzip compressed data, from Unix","md5":"857c5b5764a5e415ccd8b7d101508d2e","sha1":"9fc0921efbd76adb3f45738370a44f6bd39fcf57","sha256":"2b9b6442bcd246772a22a88fda92c9814dd62ec28e3eb3b2b693262fddd2c26f","sha512":"9b06ac6dcdd1370ac1343fa8ed10b85d5cfcfc2d5637d138b313c5130cd3d8e782bae8b4c9500e458222ab6fc54db9f19541a4092264e877d01976c2b5b9c42f","ssdeep":"192:+kTr7FSv3KRR9SxDDBdxG6N5YKYfeSKpc0Bq0f4PSpVtLI09fWoYSYcx5H:+kRSv6RR9UBdg6GfBELX4Kqkf8S5H","tlshash":"5a32c08c65f84ef1f3c49d05d47521764eeb68b802650d908076f26bb5c1bfaee03b16","first_seen":"2024-10-20T11:12:58.944842Z","last_seen":"2024-11-15T17:57:19.54882Z","times_seen":4,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":79,"dns":38,"connect":17,"send":0,"wait":231,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/b458d46547465s44d5s45-06c51cf6.png","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.053Z","timestamp":1731084897053,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /b458d46547465s44d5s45-06c51cf6.png HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 10756\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-2a04\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10756,"size_decoded":10756,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8d93a8a125b8f9131c4b711a3922e52a","sha1":"22b47d44f8357d9d32c26385215f4daaffceb180","sha256":"06c51cf63fff85ed92eef17cd72faacfe54c826c5d70244c7f48094c168dfb3a","sha512":"c6c5c61518359c35f7ea2d903649a9dae3e778d3389d84217e12d4a56cb639ac82107cd16c57dafbf9eada6bab79d4290adb278fc548fd0957aaab0058deb9fe","ssdeep":"192:OSUmz0KO6eoHQhWNsEDJMtkGylIPqf2b6GjOM2Ti0i37K8QX1H:xpz4YQsNtpIPeCjsfirKDH","tlshash":"1e22afd3691d1af2f94f000536ea74e8afc7171c8a0c0ec34e5aa1762e9394d4ec874d","first_seen":"2024-06-29T10:46:39Z","last_seen":"2025-09-23T14:36:19.685878Z","times_seen":1125,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":65,"dns":1,"connect":27,"send":0,"wait":35,"receive":1,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=42d5adcbca","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.26.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.741Z","timestamp":1731084896741,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 27 Oct 2024 18:52:20 GMT","end":"Sat, 25 Jan 2025 18:52:19 GMT"},"fingerprint":{"sha1":"1D:F4:C2:80:E2:C1:83:ED:04:04:57:D9:9B:F0:63:F4:BF:F7:E1:A0","sha256":"B5:97:45:CF:92:F4:1A:F8:45:AB:42:67:1F:3C:98:71:1C:C3:EE:A3:4C:3F:A0:F0:5B:0A:8E:74:D4:05:AE:A5"}}},"request":{"raw":"GET /releases/v5.15.4/css/free.min.css?token=42d5adcbca HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.manage-business-system.com/\r\nOrigin: https://www.manage-business-system.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 08 Nov 2024 16:54:56 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 04 Aug 2021 18:53:09 GMT\r\netag: W/\"a12ec7ebe75a4d59a5dd6b79e2ba2e16\"\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8085867818451f9e38fc3edad1fada74.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: MRS53-P2\r\nx-amz-cf-id: zwwNWd5SptVox7ICdHVN_7iFdMTOitNHX8nDungBIvjb1zCsg54l-w==\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=vnI6UcmQ7XTbAenz5mJTFyCIpumPidHhZret7LQQAnLDWa0JZJGBT0aEJt%2Bes%2FM6qaXsqqY%2Bc6kXvtG0oa017dyx6PsGdmyCHZLAN3NoW%2B0zFFHgTHITi4VFtXQ5YCf2ceEdG%2FV9eA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8df7167d4c56caa9-HAM\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=14867\u0026sent=17\u0026recv=14\u0026lost=0\u0026retrans=0\u0026sent_bytes=9952\u0026recv_bytes=1488\u0026delivery_rate=718253\u0026cwnd=255\u0026unsent_bytes=0\u0026cid=1d4f27e476418d06\u0026ts=123\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":239373,"size_decoded":239373,"mime_type":"text/css","magic":"gzip compressed data, from Unix","md5":"6807f6c8032757bab5b85ff60e4edd4b","sha1":"25f9a54c6123f182c6e4547f445522ba66b9ffaf","sha256":"fb849a9afc8b7dcf785218cb078db70e1d028e857215b97f2f91cf7cf9228e62","sha512":"581213b480804afe2d6b7e37a241cca37e546a532a0edbb633babc64659933eb804de0d1e9b635796c352096a0134e0a38ab136647ecb8faaff57cee6fd2e080","ssdeep":"6144:0r7uDkcn3XUgYSYOTLYVXPp354sHugWQWp2M5oX:0/uD3pYSiVXPL4sKQG3GX","tlshash":"3e34022c23f14662f91a517b0d6f4ff36ba6d78f24918604627cf9874d9887fa6800a7","first_seen":"2024-09-27T02:08:23Z","last_seen":"2024-12-07T17:31:25.833593Z","times_seen":50,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":92,"dns":50,"connect":14,"send":0,"wait":111,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/s32w659we12154r-789aa068.gif","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.260Z","timestamp":1731084897260,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /s32w659we12154r-789aa068.gif HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:57 GMT\r\nContent-Type: image/gif\r\nContent-Length: 316966\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-4d626\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114940,"size_decoded":114940,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1400 x 788","md5":"47db786d1930d161b1f8afbf8e754ac2","sha1":"dc8c70b2dc31ed4460472738711a7abe62d72fb3","sha256":"5acfd4312ee1ea386c3d35009044b0d9dc562d5ad22ca318fb60d5b2144ba6b3","sha512":"09c75107c36bf67a0cfb193a7c89bae65e68c2d92de64ae6c317fda60562296cda4f4bb9519f0a759b8df8c7ace06c103a1a4bb4935e8a46d5f76924260317c4","ssdeep":"3072:h9r3R5oyiy0H0PcosWvaB6BBOILNrE9PM:fjR5oy70H0PlsWNzHL9Mk","tlshash":"afb3af3ea2380a64aa0b1638310f55e20c4fd45d8df5ea371ab4fee78b0562d75d4ca7","first_seen":"2024-11-08T16:55:23.786401Z","last_seen":"2024-11-08T16:55:23.786401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":62,"dns":4,"connect":21,"send":0,"wait":47,"receive":127,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/g5ef5d158415e51q1-7969126d.png","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.050Z","timestamp":1731084897050,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /g5ef5d158415e51q1-7969126d.png HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 6318\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-18ae\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6318,"size_decoded":6318,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"d553b17fa779d5bf82a1ee3d89c0a840","sha1":"3ba5bfc7904f4659550ca29c2edecaa7afcbe8fa","sha256":"7969126db3b2ce7e191e2d35fffc92a74421911e51a0c9d57916984882bf1e2f","sha512":"c91d95c4f3a5194b257cb186fbf46d040496960211c89cf2cf8059550a4c96968cb2f6b8d68e9d010654d07128e9591cb3dac47ae8ae71ea05d2beebb3f0aad3","ssdeep":"96:6SJopVWGp/d/q0f6YwP3ibVeW79FUlHXKF3yQI0EEfC3JoYSXYRmx5H:6SKpc0Bq0f4PSpVtLI09fWoYSYcx5H","tlshash":"cdd1aecd23f89d51e3a4b405c83614b41eeb3ca805b285848871d22fbbc1dbbde13b0a","first_seen":"2024-07-21T22:23:16Z","last_seen":"2026-04-05T14:09:08.855319Z","times_seen":1579,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":63,"dns":2,"connect":26,"send":0,"wait":24,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/b458d46547465s44d5s45-06c51cf6.png","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.053Z","timestamp":1731084897053,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /b458d46547465s44d5s45-06c51cf6.png HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 10756\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-2a04\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10756,"size_decoded":10756,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8d93a8a125b8f9131c4b711a3922e52a","sha1":"22b47d44f8357d9d32c26385215f4daaffceb180","sha256":"06c51cf63fff85ed92eef17cd72faacfe54c826c5d70244c7f48094c168dfb3a","sha512":"c6c5c61518359c35f7ea2d903649a9dae3e778d3389d84217e12d4a56cb639ac82107cd16c57dafbf9eada6bab79d4290adb278fc548fd0957aaab0058deb9fe","ssdeep":"192:OSUmz0KO6eoHQhWNsEDJMtkGylIPqf2b6GjOM2Ti0i37K8QX1H:xpz4YQsNtpIPeCjsfirKDH","tlshash":"1e22afd3691d1af2f94f000536ea74e8afc7171c8a0c0ec34e5aa1762e9394d4ec874d","first_seen":"2024-06-29T10:46:39Z","last_seen":"2025-09-23T14:36:19.685878Z","times_seen":1125,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":65,"dns":1,"connect":27,"send":0,"wait":35,"receive":1,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/h245f15d84e5d44-5f3db409.png","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.250Z","timestamp":1731084897250,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /h245f15d84e5d44-5f3db409.png HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 226507\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-374cb\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":226507,"size_decoded":226507,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced","md5":"2ccafd289916d2a4569c1e657447333b","sha1":"0fc988469a8777ce25d5302710ad910fc516ac79","sha256":"5f3db409fdb705e00b783f36897278a551cafab0cdc0b41044b34a8f23549a89","sha512":"d099770fbc74a35700cb871134fdc04a47e4d6fed638a64b9daf77f8bf5085cbaa12e847db93ff70bed815e06ba35d529f1463f3cf9ebb729eb1367e5ec828de","ssdeep":"6144:zr7uDkcn3XUgYSYOTLYVXPp354sHugWQWp2M5oX:z/uD3pYSiVXPL4sKQG3GX","tlshash":"fb24122c27f14666f91a413f0daf4fe36bb6d79f24808609627cf5979d8843fa6400a7","first_seen":"2024-06-29T10:46:39Z","last_seen":"2025-10-23T09:51:23.177897Z","times_seen":1127,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":26,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/k9854w4e5136q5a-f2169603.png","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.262Z","timestamp":1731084897262,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /k9854w4e5136q5a-f2169603.png HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 278683\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-4409b\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":278683,"size_decoded":278683,"mime_type":"image/png","magic":"PNG image data, 640 x 280, 8-bit/color RGBA, non-interlaced","md5":"6c191a3cf2431fff344f55aa7efbdac8","sha1":"90ccb008377b70e2489fc8ca804b3f0c1ef1a9b9","sha256":"f216960314660c89cab97cf74f28f1970f5fc9bf6273a51ed3634e0abbe420d7","sha512":"39572f0c0504a0f6ae4e073c09f17ea342d1ef2ee3d3bee514a67073ef60c95d90c30322e7525add0d7ef46486990de40f420e8275c056b00cd0a73e55a2076a","ssdeep":"6144:KF3qjmRJtYaK6/5LdH5M9l1yTnMAmTc4F/cOGGRSM:K1A6RLp58l1wnxmGO","tlshash":"615423398bac17731b37e970ceb27430b9b83b56d1a710ade530437224f6aaf49585c9","first_seen":"2024-06-29T10:46:39Z","last_seen":"2025-08-21T02:33:11.900215Z","times_seen":1002,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":51,"dns":0,"connect":24,"send":0,"wait":46,"receive":98,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/s32w659we12154r-789aa068.gif","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.260Z","timestamp":1731084897260,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /s32w659we12154r-789aa068.gif HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:57 GMT\r\nContent-Type: image/gif\r\nContent-Length: 316966\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-4d626\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":316966,"size_decoded":316966,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1400 x 788","md5":"21128e33786e973d1230718460dacf23","sha1":"13a3a90b18b29e26a428e550989e27956ac735c5","sha256":"789aa06863722ce89e99d0e830c699040f9b105795bc2ab8f6f9dc27e011549e","sha512":"465787c34014d1eeecd90a01959f407f4479b34ea2b1e2c0a3cf53d789ce6d2057e4998292399f4392f7aae375f44cbd12bfcf1181d052eff8a8546cb8cd7095","ssdeep":"6144:fjR5oy70H0PlsWNzHL9MBiDKuE7jF2/ozoEsATyAweAFMnUDZpUlU:bRnZ7zBQjwAqSiz","tlshash":"7464e13e53340ab4be0b1638220f24a20d4fa45d8df6b9372ab4fee6570565e74d4ca7","first_seen":"2024-06-29T10:46:39Z","last_seen":"2025-08-21T02:33:11.888263Z","times_seen":710,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":62,"dns":4,"connect":21,"send":0,"wait":47,"receive":127,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=42d5adcbca","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.26.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.744Z","timestamp":1731084896744,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 27 Oct 2024 18:52:20 GMT","end":"Sat, 25 Jan 2025 18:52:19 GMT"},"fingerprint":{"sha1":"1D:F4:C2:80:E2:C1:83:ED:04:04:57:D9:9B:F0:63:F4:BF:F7:E1:A0","sha256":"B5:97:45:CF:92:F4:1A:F8:45:AB:42:67:1F:3C:98:71:1C:C3:EE:A3:4C:3F:A0:F0:5B:0A:8E:74:D4:05:AE:A5"}}},"request":{"raw":"GET /releases/v5.15.4/css/free-v4-shims.min.css?token=42d5adcbca HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.manage-business-system.com/\r\nOrigin: https://www.manage-business-system.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 08 Nov 2024 16:54:56 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 04 Aug 2021 18:53:09 GMT\r\netag: W/\"76f34b71fc9fb641507ff6a822cc07f5\"\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: FRA56-C2\r\nx-amz-cf-id: Zr29XRSO3g9Vz3fqWhE32Bw8ScpWrCgj1lhenhvR6Bkfu2UIfePBHA==\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=tcojICjSDbbUP0WMrwKw%2Bi66PxzeTsSXJvP968X9CPs6V1%2FRiNLb2N89LlUdOBA3k65LZbFnEabQojnLxiTY68jec4qcZJiXc1h4tNug6DnVO1pp7mJlf0mGwcVSkoReHQSRH6fSxw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8df7167d9ce5caa9-HAM\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=14986\u0026sent=8\u0026recv=12\u0026lost=0\u0026retrans=0\u0026sent_bytes=3272\u0026recv_bytes=1488\u0026delivery_rate=303712\u0026cwnd=255\u0026unsent_bytes=0\u0026cid=1d4f27e476418d06\u0026ts=100\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26682,"size_decoded":26682,"mime_type":"text/css","magic":"ASCII text, with very long lines (26500)","md5":"76f34b71fc9fb641507ff6a822cc07f5","sha1":"73ed2f8f21cd40fb496e61306acbb5849d4dbff4","sha256":"6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8","sha512":"6c4002ce78247b50bfa835a098980af340e4e9f05f7097c1e83301289051ce1282e647abab87db28a32fbfe0263c7318d2444b7d57875873908d6d5ed2af882f","ssdeep":"192:kP6hT1bIl4w0QUmQ10PwKLaAu5CwWavpHo4O6wgLPhJVR8XD7mycP:Phal4w0QK+PwK05eavpmgP1eXD7mycP","tlshash":"bec20665930c60d3a3eef847ba0172a8277577999a864c54f30b7c9c8dc3a5772e8f18","first_seen":"2023-04-05T03:17:09Z","last_seen":"2026-04-05T14:55:42.393821Z","times_seen":20922,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":140,"dns":49,"connect":39,"send":0,"wait":38,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=42d5adcbca","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.26.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:56.746Z","timestamp":1731084896746,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 27 Oct 2024 18:52:20 GMT","end":"Sat, 25 Jan 2025 18:52:19 GMT"},"fingerprint":{"sha1":"1D:F4:C2:80:E2:C1:83:ED:04:04:57:D9:9B:F0:63:F4:BF:F7:E1:A0","sha256":"B5:97:45:CF:92:F4:1A:F8:45:AB:42:67:1F:3C:98:71:1C:C3:EE:A3:4C:3F:A0:F0:5B:0A:8E:74:D4:05:AE:A5"}}},"request":{"raw":"GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=42d5adcbca HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.manage-business-system.com/\r\nOrigin: https://www.manage-business-system.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 08 Nov 2024 16:54:56 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 04 Aug 2021 18:53:09 GMT\r\netag: W/\"f2e0b2680d9b0bcb6e0039c4424e5a59\"\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: FRA56-C2\r\nx-amz-cf-id: LUatTdF-MT65uslwk75Y6_g6B2IVMzK9MJ3ocfGclSxHCm5gtczL4A==\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=hccWSauNMApSA1dy8lIaZCy0b5OdfSdD%2B%2FHY5F%2FBdCOqA9641wqgbH69lhtW2gdXIjFWCtqA%2FYAo2RBKTvXrLbaHRv%2FoESMca6bINm2YagRl86Q2zRTLfyIiQ%2BqiDqXoGTbnubgLQg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8df7167d6c9bcaa9-HAM\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=14986\u0026sent=14\u0026recv=12\u0026lost=0\u0026retrans=0\u0026sent_bytes=8529\u0026recv_bytes=1488\u0026delivery_rate=303712\u0026cwnd=255\u0026unsent_bytes=0\u0026cid=1d4f27e476418d06\u0026ts=104\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2956,"size_decoded":2956,"mime_type":"text/css","magic":"ASCII text, with very long lines (3007), with no line terminators","md5":"164aeedbf1c90c5467de5320f9f2d89e","sha1":"63fdf9f59785c7b84dc82523cc76d81773e9c60b","sha256":"676748e7bec72f0310e785f353d6b9e33305b577b57a08c57f98d1ce9e77ed25","sha512":"05fdaf3d9a1ea5f3a575950816a0dddff9bf06cd47e9afea0ba0749b25c2a3374edae654c50eff11d5ae552afa95020f656181c306a815241f3b209063a1db40","ssdeep":"","tlshash":"ce519b7dc7da021059920f3535d7b100ea8ef0ab6a653eb2c629d64e4ce895773cab0d","first_seen":"2023-04-05T03:22:27Z","last_seen":"2025-04-06T09:24:43.872729Z","times_seen":2967,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":108,"dns":46,"connect":22,"send":0,"wait":71,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.manage-business-system.com/fd4s4d7f4s5df44fd4-008beba7.png","fqdn":"www.manage-business-system.com","domain":"manage-business-system.com","tld":"com"},"ip":{"addr":"147.45.126.42","port":443,"asn":62904,"as":"AS62904","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.048Z","timestamp":1731084897048,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manage-business-system.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 15:05:33 GMT","end":"Wed, 05 Feb 2025 15:05:32 GMT"},"fingerprint":{"sha1":"7F:01:A9:46:65:B6:8D:D8:30:B0:EB:50:4E:99:21:D5:60:16:D8:A5","sha256":"A8:0A:57:E5:1B:ED:87:E5:B7:DF:14:85:B6:98:A6:A2:24:E9:78:BB:0D:70:7F:9C:94:0A:83:29:D4:35:55:02"}}},"request":{"raw":"GET /fd4s4d7f4s5df44fd4-008beba7.png HTTP/1.1\r\nHost: www.manage-business-system.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 08 Nov 2024 16:54:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 16099\r\nLast-Modified: Thu, 07 Nov 2024 16:04:15 GMT\r\nConnection: keep-alive\r\nETag: \"672ce4ff-3ee3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16099,"size_decoded":16099,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5c16d06d4b48457e8b6e838b4ed29696","sha1":"b8d400caf154787827f80edd7be2598718aa1d27","sha256":"008beba70db4cc9ef1d7dc34635cef19620822da0722fd4670d36a1dfee543da","sha512":"a99cc696d4733d030d8f3184b31dd4367b3c1b46b6352ad479f0f28973fe4f36b99951dc570bc4cb75ca64e9ef25973c8639b4ca3e3ac720a80ef44426fb23b0","ssdeep":"384:xMOLcQo2hkjx7FYNBsy2TQ01kKVaWHzg9IXBioeIm6C2t:eIFhUxhMj0ESc+x8n6jt","tlshash":"6a72d0b784c4c8eb9a5dbf0b8cb9151c5331496e334618ab1d7a7731d7f9ab83c62086","first_seen":"2024-06-29T10:46:39Z","last_seen":"2026-04-05T14:09:08.849295Z","times_seen":1752,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-08","alert":"Sinkholed","trigger":"manage-business-system.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"companieslogo.com/img/orig/FB-2d2223ad.png?t=1720244491","fqdn":"companieslogo.com","domain":"companieslogo.com","tld":"com"},"ip":{"addr":"104.26.9.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.manage-business-system.com/leafmailer2.8.php,7-Nov-24,High,Medium","date":"2024-11-08T16:54:57.504Z","timestamp":1731084897504,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"companieslogo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Sep 2024 21:05:13 GMT","end":"Sun, 22 Dec 2024 21:05:12 GMT"},"fingerprint":{"sha1":"9A:4A:D2:97:0B:BB:3D:20:E2:5E:D0:F1:2F:DD:50:69:05:97:A1:85","sha256":"4F:19:FA:44:10:80:1F:1C:8D:03:BC:B7:ED:8B:C5:54:70:F1:20:B0:2E:E9:31:95:1B:28:8E:25:1F:1F:F0:36"}}},"request":{"raw":"GET /img/orig/FB-2d2223ad.png?t=1720244491 HTTP/1.1\r\nHost: companieslogo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.manage-business-system.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 08 Nov 2024 16:54:57 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nmax-age: 2592000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 6835\r\nlast-modified: Fri, 08 Nov 2024 15:01:02 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=vMUlFcKkN%2Fg6vXZczztkdeGCPusmJYto1B7p19hnCrjpC9QC9DnNUU1yiUAAlWpIWYk%2B%2F5PNV4PRzx%2B5DpMBKS2e7a4JAUJtR0UrUzLj8tv4q%2FUXulyNKlrOwdKWs3xBm9V%2B\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8df71681dd98b4ff-OSL\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=16643\u0026sent=7\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3216\u0026recv_bytes=1105\u0026delivery_rate=261560\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=dbbd51f09e68a336\u0026ts=48\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52793,"size_decoded":52793,"mime_type":"image/png","magic":"PNG image data, 1666 x 1666, 8-bit/color RGBA, non-interlaced","md5":"355d0890b2819c62dd5035e2e024cd82","sha1":"36472542a33aa338e6fda754f488a3c5d1036255","sha256":"fb4ca4320560daf5b3da92cbb58aae0250baa0c3a4fae2f8e0be25249695d680","sha512":"7271ca28f5e4dd1880aaca19f47e4418b87b506595f54cecbed01f9153c6bc0aca941b7f6674611b4f1fc27e8bff4f0128a5f6da938e7d7d4c839d58dee638d9","ssdeep":"1536:D1ogL9j+v1eNUk4MAmvCZcErAKybtqpc2:D1dL9jJUk49mvC2ErAVbtqpc2","tlshash":"4733c0a05996e0d8c3f6f5b59cbe12607b7caa756e506ef4d236c38dde32063048d4e0","first_seen":"2024-08-23T04:50:45Z","last_seen":"2025-10-19T20:59:38.234655Z","times_seen":543,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":22,"connect":17,"send":0,"wait":34,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}