{"report_id":"de67efb5-d80c-4f29-9fcd-25ed1ced3d14","version":6,"status":"done","tags":["fake_software","fraud"],"date":"2023-10-25T10:34:35Z","url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":""},"ip":{"addr":"144.202.72.169","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"title":"Security Center"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T17:57:59Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":724,"first_seen":"2014-06-18 02:37:31","last_seen":"2023-10-24 19:22:56","alert_count":0,"request_count":1,"received_data":28315,"sent_data":457,"comment":"","tags":null,"fingerprints":null},{"fqdn":"144.202.72.169","ip":{"addr":"144.202.72.169","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2019-03-22 22:32:46","last_seen":"2020-11-06 18:49:43","alert_count":28,"request_count":17,"received_data":218790,"sent_data":6581,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2023-10-24 18:20:59","alert_count":0,"request_count":2,"received_data":32680,"sent_data":868,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2023-10-24 18:12:38","alert_count":0,"request_count":2,"received_data":51230,"sent_data":949,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.pki.goog","ip":{"addr":"142.250.74.67","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":175,"first_seen":"2018-07-01 08:43:07","last_seen":"2023-10-24 18:12:09","alert_count":0,"request_count":2,"received_data":1400,"sent_data":666,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2013-05-22 04:07:37","last_seen":"2023-10-24 19:34:38","alert_count":0,"request_count":1,"received_data":89284,"sent_data":422,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"57381d43f260aa3b8c47820ca38655a3","sha1":"8d087b53d91f8e3ff0def7d1d94a6dada72fac79","sha256":"35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943","sha512":"e39f2aae6c3f8f32fb2f9d0345265a29a63a7874120b0f7eddbf1a2c08787e2f754f1777d346ef99c94483abf37918c424f9a4318c995de1a37241cefeef2186","ssdeep":"","tlshash":"f07000c8b08aa02002022020022b2008a0ba0000200c0000800002803ea00088222802","size":19,"data":"","first_seen":"2023-04-10T16:23:44Z","last_seen":"2026-04-03T21:28:30.42797Z","times_seen":12406,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/before.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87c2dc3aeb373ca8445f7410ef387689","sha1":"688f4be3cfb8688b4441f382724495a7b82b3f62","sha256":"31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95","sha512":"be604ec6773904b4bf034cc69466367bb1ce5d54a56149133834ac7f74b6aeec55caf380518a01d72827baeef5241a11f6eb23392e51a09343c8fdb970aae22b","ssdeep":"","tlshash":"85e086dee84f396a54666141725bb324283634a50100941dfc0d9489d3b868fc6136c4","size":366,"data":"","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-04-02T05:17:29.188384Z","times_seen":1036,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"011a84e54de113cd8bee0e17ae8aa515","sha1":"e84b14b6ec396b1ab045b7e667f90536cd5c6083","sha256":"13fcca4523b328c51789df37af5275739fd57abf684e5d3658e7d69210f9ec53","sha512":"7a32f17836638021f273d46cb624ecf3406b08665867a737a0db8a7828e77ed46ddc3299e83e8e96cdd550e1f5e1770cec79141334fa78167d24d57f1db7e2ba","ssdeep":"","tlshash":"7f7000000a822230220000300020c2a03ab8c820ec0232000a0b0c0202808080002800","size":21,"data":"","first_seen":"2023-03-07T01:03:59Z","last_seen":"2025-12-16T08:52:38.83352Z","times_seen":1190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f81d0a1705048649befc8b595e455a94","sha1":"aec551e4d573463088fca7d14fb644eb389f1839","sha256":"b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b","sha512":"c15ed88f56a52190ea645094409cbce5537eaaf108972f777c840037b8aa0c508f12e70b09e345cf8af7e450a8f6ce96ae974340f8bcd316e58d707c063b6f72","ssdeep":"768:0u/iPe3+zZTVPVBNppu7MTAN6/kp3EfB+4edVAja+t+QnXLb1+uaR+orWieOJAlU:0eiG+Nkp083dG3ulPFzfBqT+m/S","tlshash":"3d83734972a0b472069f61a6807b4a0bf2376c4da107b01cbad9d4ed1f7cd89316bf79","size":84378,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-03T22:37:54.807282Z","times_seen":5104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/light.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd6c33fbc221d0271c910af910e6ebed","sha1":"9b52f24d6f10b885bb19db1c4b531469f96d2914","sha256":"318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479","sha512":"13d12ee60e01ec4dde5c1bed73a607a891d5cc857a6e161034e71159bd2a352a0f4ad8ef6038ccb2b5d7f23b8899bf9bcb97aa39eafcc6ae985cdc835e061412","ssdeep":"","tlshash":"a6f0592d7d1cb9b24ca2762da6eed0951f0b7c87100865027fac1cc0df902180d12f96","size":503,"data":"","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-04-03T20:19:55.685704Z","times_seen":7484,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/jscode.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5fbdc10de5d4731ac77b794d8fc746b","sha1":"5693a34b729c118c4a8db4b849ef4dd415dd68de","sha256":"5a3f61cf70040916fc2f6a985ace65a1d65e7380a20156cb01312d3dc393df84","sha512":"df503ce1e41a5c32eaa2d1f213ce0adff5d6041a2fc0fb46f4f4446dca139f8086be511b0c55c67870275b64efa5eeec7b7c0824482eeaa7999aaa22d8359d72","ssdeep":"96:fyqCp+qLo/3mcSkpKUJo5gEbYOkiTD95i9ixKz0Dj7odoG:qdp+qLBgi57bYyTx5i9ixKz0DHSoG","tlshash":"dfd1ba89b60a35514df773b99f2b9249ff325227808683407e6c5dd01fb4c98925afac","size":6477,"data":"","first_seen":"2023-09-21T00:42:43Z","last_seen":"2024-09-19T22:35:07.371251Z","times_seen":224,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3331dd100093146f9d9e23177df13a9e","sha1":"d96aecc06ec14450b9e684bd11d3f25237953fc1","sha256":"5302771d38aff0a308e6c5fcd09ef52d20065c2bd080a0364af0c13bc8f828c0","sha512":"bdab5c6a308d1ff99f2a97c29048606e0674f2eb58dec959642b8b9ba1ae864985e3229cb67ae88a5335cf847d66ebede13ce4f31712a27af2bd4cabdf0b7cec","ssdeep":"6144:6gNh/uWUy3pGybJjg04JCttQ38AZID6SX:6QGWUyIybxqZM","tlshash":"ce4408dab3c370668296f479503f014ba5bb2ca6b44ccc95f189c9e02e74a8a5137f7c","size":261007,"data":"","first_seen":"2023-10-25T12:34:42Z","last_seen":"2023-10-25T12:34:42Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"65f1d21d5fcc9d21da758adababd0c3c","sha1":"e0661d07d64c00008bc9d013d16eec0a0f156dc7","sha256":"d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe","sha512":"de7d7dc739ced2e6cfa52c1809144180787adc3ad5f9b7597c72b9d9bd5eb2f21de06b1fc12b5034f2458de428b368772700a6665d3f2e02f148a300239e6183","ssdeep":"192:sANzVNUBOebwvXDA+mJ4fXOrTIjDJfiRxug9xx+EMZajp:PNbUBOjHmJcOgjDJaR1bMZip","tlshash":"2032d6cd70937109438ba07b21bf520ef2bd495859198954e099c8bdbd74ce8523bf6e","size":11084,"data":"","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-04-03T15:07:30.063761Z","times_seen":5383,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/fullscreen.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"62f519fe72808a3ec681392b7ff47417","sha1":"2ee16112e35feb9d6d48ae0f4e66187514dec811","sha256":"43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4","sha512":"2e9da34a3d4985c1e4a82d977ae0bdd047bd14f5e6ef572655b90ef97fcbc10689a2f2749809a397fa86c6841805b23edf39834f0c87215e3455c8fda4ecf34f","ssdeep":"","tlshash":"f2d022b78c053430e794a83e91abcacb2d39302a3143b833390c68bcc36dd8c0270e80","size":245,"data":"","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-04-02T05:17:29.195023Z","times_seen":1007,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/main.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"452495a24d193e8ca9836109344a44c5","sha1":"5a23dde7633bcd3c23584296c56134bcd7a760d2","sha256":"07ff789eef78972d62715779e770eddfaedad82ef11bb74352296b81bb10184f","sha512":"99c13200724cf10a116f16ad7c9c7dadee442b9ab7b84a3ee89dbcdf31b997932f125b1431d3daf5b04407257e56e3427ea07e53da0949a6ca50cc3c4dc72919","ssdeep":"","tlshash":"4a21e419f1d8a620453b3338693ba60cff3b211ba40a5f40f94c69d01f3e6981c57c4d","size":1429,"data":"","first_seen":"2023-04-30T23:35:32Z","last_seen":"2024-08-21T09:38:41.26277Z","times_seen":291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f9fb969ce353c5d77707836391eb28d","sha1":"62c4042e9ebc691a5372d653b424512a561d1670","sha256":"2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515","sha512":"7a027f63edb63fd350f5a2325428745423ac7f27729fc78d9aa072fb2d829c91be7e9448c57312ea36d63fcb552a9d23a7e34ee67f16b4c5009cd9c6a092a2e3","ssdeep":"1536:AP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrr:z4UdWJiz6UAIJ8pa98Hrr","tlshash":"cc83d6d9b2c67062977734b851bf410bb17a98dab80c8c60f0a4d4e47eb4a8d517bf2d","size":84355,"data":"","first_seen":"2023-03-07T01:14:40Z","last_seen":"2026-04-03T21:32:56.782046Z","times_seen":10261,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-25T10:34:18.368204995Z","timestamp":1698230058368,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nLocation: http://144.202.72.169/ccsabcaslk/\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":162,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF line terminators","md5":"4f8e702cc244ec5d4de32740c0ecbd97","sha1":"3adb1f02d5b6054de0046e367c1d687b6cdf7aff","sha256":"9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a","sha512":"21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f","ssdeep":"","tlshash":"0bc08cadab022cc8b8a73b3861c36160e2ec80701699451101b04a07f1cf1979ec23d1","first_seen":"2023-04-05T03:07:27Z","last_seen":"2025-10-21T23:58:19.216342Z","times_seen":131101,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-25T10:34:18.881499461Z","timestamp":1698230058881,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/ HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":796,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text","md5":"e883b2fcdeb3f01e8100668f50e15bc1","sha1":"e18e0b28f8d44aff32d08215ed9bd1666839cf62","sha256":"b124d77220dffdff779ef4045e26c1f3c24b30676420ab5e177f6c018ece0972","sha512":"bd908329c9d0ba5f23d0ad22c366636bfed4ad74ca99326530098614c6855870e78ccc18e31000f878d48db97f368f431f9844da371a1d0fe0cbd8aed46d97b3","ssdeep":"","tlshash":"1851b36b54e240161c76a431579a7a04667384dbdd0cd840fa4e43a1afa473b836ffd8","first_seen":"2023-10-25T12:32:10Z","last_seen":"2023-10-27T22:45:39Z","times_seen":4,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/favicon.ico","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:20.270Z","timestamp":1698230060270,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":106,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-03T22:31:35.618589Z","times_seen":477139,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":138,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-10-25T10:34:19.305Z","timestamp":1698230059305,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/?phone=\u0026 HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://144.202.72.169/ccsabcaslk/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3469,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c98019f55064831acf4d4dc3eff42aa3","sha1":"da9ab422c3e665802100eecc408b0d7a647b5ee9","sha256":"9adf1deb784991e42a61000a3252260a8145a1b24943081140b43c6b0e395214","sha512":"64ba37e22d9a239206b0b7e7387d2295f633df616b2c3a88d387a1ae98bf325d28234bae2c508d912c6dd8b0bbc275f93fc92bf40012656cbb5e68396613de15","ssdeep":"192:nBHVMFT0bejvqFeWF3/nT8HlDkBIcHJPutcQhCD:nlK1+DY0Q49P0CD","tlshash":"4012955cabc64432513240e4a86697cdf9458d07d742a22036fd8323afb0f8eec17abc","first_seen":"2023-10-01T14:16:58Z","last_seen":"2023-11-28T18:11:08Z","times_seen":53,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":138,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.504Z","timestamp":1698230059504,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Oct 2023 10:34:18 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 26660\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec4-14983\"\r\nlast-modified: Mon, 04 May 2020 16:11:48 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 16897382\r\nexpires: Mon, 14 Oct 2024 10:34:18 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=FYza%2Bhorjyxs3Ui8EtsoOAUHWg6JHqMhTGRPhyRwwdG2KWQJCprW0QdsMwKZxFl0f2Hf%2BehfEGCKG5n5sL4e%2FdySJJD8R%2FjCXMGsyguUkEu1BI49iCP%2Fk8OJp6A828WpA2i5Mo2e\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 81b9ce6b3a3f56c1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26660,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (32180)","md5":"7f9fb969ce353c5d77707836391eb28d","sha1":"62c4042e9ebc691a5372d653b424512a561d1670","sha256":"2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515","sha512":"7a027f63edb63fd350f5a2325428745423ac7f27729fc78d9aa072fb2d829c91be7e9448c57312ea36d63fcb552a9d23a7e34ee67f16b4c5009cd9c6a092a2e3","ssdeep":"1536:AP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrr:z4UdWJiz6UAIJ8pa98Hrr","tlshash":"cc83d6d9b2c67062977734b851bf410bb17a98dab80c8c60f0a4d4e47eb4a8d517bf2d","first_seen":"2023-03-07T01:14:40Z","last_seen":"2026-04-03T21:32:56.782046Z","times_seen":10261,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":33,"dns":2,"connect":1,"send":0,"wait":9,"receive":2,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.532Z","timestamp":1698230059532,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Oct 2023 10:34:18 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 3980\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03f26-2b4c\"\r\nlast-modified: Mon, 04 May 2020 16:13:26 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 10774088\r\nexpires: Mon, 14 Oct 2024 10:34:18 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ZlzPi0zozELnH7YIxebfBABsRSVigBW4kG%2B50XoDZ24ivfCdOV7rRNz0NIS66Wug%2B9iNHnLiVIEAJktBhwXGANJH%2B5BNZLlY2aZgktFueQmcRw0wwJreY4Tl8l5R7LHTJUQrzRB%2F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 81b9ce6b4a4956c1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3980,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (11084), with no line terminators","md5":"65f1d21d5fcc9d21da758adababd0c3c","sha1":"e0661d07d64c00008bc9d013d16eec0a0f156dc7","sha256":"d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe","sha512":"de7d7dc739ced2e6cfa52c1809144180787adc3ad5f9b7597c72b9d9bd5eb2f21de06b1fc12b5034f2458de428b368772700a6665d3f2e02f148a300239e6183","ssdeep":"192:sANzVNUBOebwvXDA+mJ4fXOrTIjDJfiRxug9xx+EMZajp:PNbUBOjHmJcOgjDJaR1bMZip","tlshash":"2032d6cd70937109438ba07b21bf520ef2bd495859198954e099c8bdbd74ce8523bf6e","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-04-03T15:07:30.063761Z","times_seen":5383,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":19,"dns":2,"connect":1,"send":0,"wait":7,"receive":8,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.533Z","timestamp":1698230059533,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://144.202.72.169\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 4.6.0\r\nx-jsd-version-type: version\r\netag: W/\"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 25 Oct 2023 10:34:18 GMT\r\nage: 19344875\r\nx-served-by: cache-fra-eddf8230133-FRA, cache-bma1654-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 23377\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23377,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65299)","md5":"f81d0a1705048649befc8b595e455a94","sha1":"aec551e4d573463088fca7d14fb644eb389f1839","sha256":"b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b","sha512":"c15ed88f56a52190ea645094409cbce5537eaaf108972f777c840037b8aa0c508f12e70b09e345cf8af7e450a8f6ce96ae974340f8bcd316e58d707c063b6f72","ssdeep":"768:0u/iPe3+zZTVPVBNppu7MTAN6/kp3EfB+4edVAja+t+QnXLb1+uaR+orWieOJAlU:0eiG+Nkp083dG3ulPFzfBqT+m/S","tlshash":"3d83734972a0b472069f61a6807b4a0bf2376c4da107b01cbad9d4ed1f7cd89316bf79","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-03T22:37:54.807282Z","times_seen":5104,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":78,"dns":63,"connect":8,"send":0,"wait":9,"receive":4,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.503Z","timestamp":1698230059503,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://144.202.72.169\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 4.6.0\r\nx-jsd-version-type: version\r\netag: W/\"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 25 Oct 2023 10:34:18 GMT\r\nage: 19189754\r\nx-served-by: cache-fra-eddf8230111-FRA, cache-bma1654-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 26291\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26291,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65326)","md5":"d432e4222814b62dd30c9513dcc29440","sha1":"2cac4afc120983921411296bd4e8fd8a94ba237e","sha256":"4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601","sha512":"3f9320327d6304dd356ac060534cfad10938431897a3cebec2515a84aaec41fdfb73d72ba39d7b5b35523cf575b432b3864bb6889d855602faef01b4dd21a734","ssdeep":"1536:iC7AIJkTR+rMqFVD2DEBi8yNcuSElAz/uJpq3SYiLENM6HN26R:d7XXGLq3SYiLENM6HN26R","tlshash":"8cf353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf8273b6447892c70a73e4c","first_seen":"2023-04-05T05:11:52Z","last_seen":"2026-04-03T20:45:15.490619Z","times_seen":11785,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":117,"dns":36,"connect":25,"send":0,"wait":8,"receive":24,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/main.css","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.515Z","timestamp":1698230059515,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/main.css HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 22 Oct 2023 06:24:45 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6534c02d-2f4f\"\r\nExpires: Fri, 24 Nov 2023 10:34:18 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2602,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"28169309e74f1e0028e6e719676ab188","sha1":"bfcad26f7a2ee391cb20e446b0f1a4e17499507a","sha256":"d5d2eaec4d8f18123d2db3b457a892a5566da301d10ddb3afa85d059c64df7f6","sha512":"c1d6432fa342a0aa0bbec0838d47ecd6ef0d77eb81f4a9bfd395248bcaa83deff45263bbfbc2da6786259d35f9c16f47dfa3427a0553794a282f0b2c2143e53e","ssdeep":"192:vzLYlFfSzqmSzq/Hg7nuuEokAUidwSLyj1R7jEYbolTyymHte0e1u1RstQSzqmSr:JiyuEpNc+O4wxiufM","tlshash":"0042205cde012045f237dab9aff14782ea5910831a030ab97feca240cf7a16d5656fcc","first_seen":"2023-04-30T23:35:33Z","last_seen":"2025-04-30T14:41:47.71778Z","times_seen":411,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.67","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-25T10:34:19.747897874Z","timestamp":1698230059747,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"25ee40154711e09e72514fb1d97998db","sha1":"9d9c7de2b4e049ca9ee938c1bc2259b915d0ca7b","sha256":"31fdfba6b02cf76a87b31d19645609d200108e0e967495cb583a40fa963614f4","sha512":"835dd69be71271f21011038fbf88d97c707480a3e33ad59389e416203962ec9bc3d8b19f607cdcc66199620ccbc1e9736ccb69f31fe5547c72f13c52139fb2b0","ssdeep":"","tlshash":"28f0d4093e3d6941a95e187d39c4b94c229066930dbd3545bffd14cac2253decebbc94","first_seen":"2023-10-24T12:01:38Z","last_seen":"2023-10-25T17:07:32Z","times_seen":1645,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/main.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.543Z","timestamp":1698230059543,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/main.js HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 22 Oct 2023 06:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6534c02f-595\"\r\nExpires: Fri, 24 Nov 2023 10:34:18 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":440,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"452495a24d193e8ca9836109344a44c5","sha1":"5a23dde7633bcd3c23584296c56134bcd7a760d2","sha256":"07ff789eef78972d62715779e770eddfaedad82ef11bb74352296b81bb10184f","sha512":"99c13200724cf10a116f16ad7c9c7dadee442b9ab7b84a3ee89dbcdf31b997932f125b1431d3daf5b04407257e56e3427ea07e53da0949a6ca50cc3c4dc72919","ssdeep":"","tlshash":"4a21e419f1d8a620453b3338693ba60cff3b211ba40a5f40f94c69d01f3e6981c57c4d","first_seen":"2023-04-30T23:35:32Z","last_seen":"2024-08-21T09:38:41.26277Z","times_seen":291,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":113,"dns":0,"connect":145,"send":0,"wait":137,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/light.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.544Z","timestamp":1698230059544,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/light.js HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 22 Oct 2023 06:24:44 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6534c02c-1f7\"\r\nExpires: Fri, 24 Nov 2023 10:34:18 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":248,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"cd6c33fbc221d0271c910af910e6ebed","sha1":"9b52f24d6f10b885bb19db1c4b531469f96d2914","sha256":"318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479","sha512":"13d12ee60e01ec4dde5c1bed73a607a891d5cc857a6e161034e71159bd2a352a0f4ad8ef6038ccb2b5d7f23b8899bf9bcb97aa39eafcc6ae985cdc835e061412","ssdeep":"","tlshash":"a6f0592d7d1cb9b24ca2762da6eed0951f0b7c87100865027fac1cc0df902180d12f96","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-04-03T20:19:55.685704Z","times_seen":7484,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":1,"connect":139,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/jscode.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.544Z","timestamp":1698230059544,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/jscode.js HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 22 Oct 2023 06:24:36 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6534c024-194d\"\r\nExpires: Fri, 24 Nov 2023 10:34:18 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1765,"size_decoded":0,"mime_type":"application/javascript","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"b5fbdc10de5d4731ac77b794d8fc746b","sha1":"5693a34b729c118c4a8db4b849ef4dd415dd68de","sha256":"5a3f61cf70040916fc2f6a985ace65a1d65e7380a20156cb01312d3dc393df84","sha512":"df503ce1e41a5c32eaa2d1f213ce0adff5d6041a2fc0fb46f4f4446dca139f8086be511b0c55c67870275b64efa5eeec7b7c0824482eeaa7999aaa22d8359d72","ssdeep":"96:fyqCp+qLo/3mcSkpKUJo5gEbYOkiTD95i9ixKz0Dj7odoG:qdp+qLBgi57bYyTx5i9ixKz0DHSoG","tlshash":"dfd1ba89b60a35514df773b99f2b9249ff325227808683407e6c5dd01fb4c98925afac","first_seen":"2023-09-21T00:42:43Z","last_seen":"2024-09-19T22:35:07.371251Z","times_seen":224,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":1,"connect":139,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/fullscreen.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.540Z","timestamp":1698230059540,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/fullscreen.js HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 22 Oct 2023 06:24:57 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6534c039-f5\"\r\nExpires: Fri, 24 Nov 2023 10:34:18 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":157,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"62f519fe72808a3ec681392b7ff47417","sha1":"2ee16112e35feb9d6d48ae0f4e66187514dec811","sha256":"43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4","sha512":"2e9da34a3d4985c1e4a82d977ae0bdd047bd14f5e6ef572655b90ef97fcbc10689a2f2749809a397fa86c6841805b23edf39834f0c87215e3455c8fda4ecf34f","ssdeep":"","tlshash":"f2d022b78c053430e794a83e91abcacb2d39302a3143b833390c68bcc36dd8c0270e80","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-04-02T05:17:29.195023Z","times_seen":1007,"resource_available":true,"data":null}},"time_used":414,"timings":{"blocked":135,"dns":1,"connect":139,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/before.js","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.542Z","timestamp":1698230059542,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/before.js HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 22 Oct 2023 06:24:39 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6534c027-16e\"\r\nExpires: Fri, 24 Nov 2023 10:34:18 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":218,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"87c2dc3aeb373ca8445f7410ef387689","sha1":"688f4be3cfb8688b4441f382724495a7b82b3f62","sha256":"31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95","sha512":"be604ec6773904b4bf034cc69466367bb1ce5d54a56149133834ac7f74b6aeec55caf380518a01d72827baeef5241a11f6eb23392e51a09343c8fdb970aae22b","ssdeep":"","tlshash":"85e086dee84f396a54666141725bb324283634a50100941dfc0d9489d3b868fc6136c4","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-04-02T05:17:29.188384Z","times_seen":1036,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":133,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.522Z","timestamp":1698230059522,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:26:20 GMT","end":"Thu, 21 Dec 2023 05:26:19 GMT"},"fingerprint":{"sha1":"81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89","sha256":"BF:65:05:97:11:62:1C:0A:F5:44:E0:12:95:5F:87:62:0B:A7:91:BE:8B:EA:52:FB:C4:0D:05:93:22:9B:A8:47"}}},"request":{"raw":"GET /gtag/js?id=G-GZ2WHBX513 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 25 Oct 2023 10:34:19 GMT\r\nexpires: Wed, 25 Oct 2023 10:34:19 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 88683\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88683,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (5788)","md5":"3331dd100093146f9d9e23177df13a9e","sha1":"d96aecc06ec14450b9e684bd11d3f25237953fc1","sha256":"5302771d38aff0a308e6c5fcd09ef52d20065c2bd080a0364af0c13bc8f828c0","sha512":"bdab5c6a308d1ff99f2a97c29048606e0674f2eb58dec959642b8b9ba1ae864985e3229cb67ae88a5335cf847d66ebede13ce4f31712a27af2bd4cabdf0b7cec","ssdeep":"6144:6gNh/uWUy3pGybJjg04JCttQ38AZID6SX:6QGWUyIybxqZM","tlshash":"ce4408dab3c370668296f479503f014ba5bb2ca6b44ccc95f189c9e02e74a8a5137f7c","first_seen":"2023-10-25T12:34:42Z","last_seen":"2023-10-25T12:34:42Z","times_seen":1,"resource_available":true,"data":null}},"time_used":649,"timings":{"blocked":297,"dns":1,"connect":8,"send":0,"wait":24,"receive":18,"ssl":298},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.67","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-25T10:34:19.932347767Z","timestamp":1698230059932,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 25 Oct 2023 10:34:19 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"25ee40154711e09e72514fb1d97998db","sha1":"9d9c7de2b4e049ca9ee938c1bc2259b915d0ca7b","sha256":"31fdfba6b02cf76a87b31d19645609d200108e0e967495cb583a40fa963614f4","sha512":"835dd69be71271f21011038fbf88d97c707480a3e33ad59389e416203962ec9bc3d8b19f607cdcc66199620ccbc1e9736ccb69f31fe5547c72f13c52139fb2b0","ssdeep":"","tlshash":"28f0d4093e3d6941a95e187d39c4b94c229066930dbd3545bffd14cac2253decebbc94","first_seen":"2023-10-24T12:01:38Z","last_seen":"2023-10-25T17:07:32Z","times_seen":1645,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/def.png","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.527Z","timestamp":1698230059527,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/def.png HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 3834\r\nLast-Modified: Sun, 22 Oct 2023 06:24:39 GMT\r\nConnection: keep-alive\r\nETag: \"6534c027-efa\"\r\nExpires: Fri, 24 Nov 2023 10:34:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3834,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\\012- data","md5":"77a2ffc5545f87551d74781201de9b3b","sha1":"c9c3798afd2ae95aa3bba3c428335d49c8255b06","sha256":"316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c","sha512":"cd1a966e47a63af86e7ac34d58051ef6ea6e0bb5b8abe14981bd088462667b5a69974b394e960c61f8ed559fb33a2c638d90c004ee13fa985a3f11455213fc2e","ssdeep":"","tlshash":"99812b99a4b4e8a3d442c43b18b65902ae159e0095f2913abf4ff4036a73270866c1fa","first_seen":"2023-04-30T21:11:28Z","last_seen":"2026-03-23T15:41:38.721343Z","times_seen":1695,"resource_available":false,"data":null}},"time_used":412,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":143,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/microsoft.png","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.526Z","timestamp":1698230059526,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/microsoft.png HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 1045\r\nLast-Modified: Sun, 22 Oct 2023 06:24:45 GMT\r\nConnection: keep-alive\r\nETag: \"6534c02d-415\"\r\nExpires: Fri, 24 Nov 2023 10:34:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1045,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\\012- data","md5":"bf2b460590fbb9d8e9611a6e9006b816","sha1":"561e1dab259d61e798b3ce380527b71b61074ff3","sha256":"ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03","sha512":"acc9773b532bff6a1284b78324d9bd51117a6ebfc0c549224ba4b703540de8869ab1eff1cce8cc4fca00c5b4f47d34fc27fab27246873326cee49d2dd5e877c0","ssdeep":"","tlshash":"ee1135eaba112451955cf68b34e54017de128d8095d0f461bd8fc49705703fd554a8df","first_seen":"2023-04-30T21:11:28Z","last_seen":"2026-03-25T19:04:48.353465Z","times_seen":2625,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":287,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/virus-images.jpg","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.530Z","timestamp":1698230059530,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/virus-images.jpg HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:19 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 8196\r\nLast-Modified: Sun, 22 Oct 2023 06:24:32 GMT\r\nConnection: keep-alive\r\nETag: \"6534c020-2004\"\r\nExpires: Fri, 24 Nov 2023 10:34:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8196,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 254x71, components 3\\012- data","md5":"5fc559a242f0ea0a023f10830887d2af","sha1":"9d744c2f3a6bf5b715496350c8de7124cdd7ddc8","sha256":"3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887","sha512":"596ec31fb4539f946bf5c7f4ca061bed85a8a9afbb72e2c595f1f5c1afc17b84d0b10647ae290aec86d3e1a63284465a8780cf4fa48fc4869022a8b67890f410","ssdeep":"96:9h3pVztZtHATTFrmZOtCfrf1YXB9zxqnTrltGReCEPOHVKcLp9OUn4:TzztXHA3FbG1YvxqnTrlbPO1TpMU4","tlshash":"56029e21f21b084bc325d9590ae6872d9c7c0f9548cfe514b2c69d97e8aef5a3d029e2","first_seen":"2023-04-30T21:11:28Z","last_seen":"2026-04-02T05:17:29.193634Z","times_seen":1336,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":283,"dns":0,"connect":0,"send":0,"wait":138,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/cross.png","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.529Z","timestamp":1698230059529,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/cross.png HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 44098\r\nLast-Modified: Sun, 22 Oct 2023 06:24:48 GMT\r\nConnection: keep-alive\r\nETag: \"6534c030-ac42\"\r\nExpires: Fri, 24 Nov 2023 10:34:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44098,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced\\012- data","md5":"4487a588bf2a07e3d1936d705c5ceefd","sha1":"db193b3e2ab9fbee6eae99ced2366b1ef5f16971","sha256":"3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701","sha512":"5440427a4d89e876278383bd6faf3ec971617b5fa007fd3b586d862b39ed937aabdee7082fbb0bb1409762617749fd400af86877d34b6981f681956415cc2eb5","ssdeep":"768:zL46tOdGGbDCpQtqyHx/8wwDxDT8+MHiw5GN1Gt6ShiOG5qPq:rtOdGcGpQtqyx8wcV8+MC8GTOG5qPq","tlshash":"ac13ea50a90f4c56eacd8636cd557f3a3d370e72bc581f7b06680dc8987285faa0b1a7","first_seen":"2023-04-30T21:11:28Z","last_seen":"2026-03-23T15:41:38.715024Z","times_seen":1204,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":265,"dns":0,"connect":0,"send":0,"wait":138,"receive":225,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/bg2.jpg","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.524Z","timestamp":1698230059524,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/bg2.jpg HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:18 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 113635\r\nLast-Modified: Sun, 22 Oct 2023 06:24:53 GMT\r\nConnection: keep-alive\r\nETag: \"6534c035-1bbe3\"\r\nExpires: Fri, 24 Nov 2023 10:34:18 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":113635,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x941, components 3\\012- data","md5":"5e20d8c5bd6c7a06298a2663a1cc8403","sha1":"b6a831847567c49b247932edea74bbaec30dd4c5","sha256":"948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342","sha512":"164b392d07b493f2131e4251af875ce5af986446fe05478c485ffad18a4693b24f53b9df475f975a542d76ac3434437f5000ed202a15adbe70d810467b962d83","ssdeep":"1536:mppN5O01snkhINY/K2Flp5UgsJREFFoZFKotApzPaCE9l5F7GH/i4M50yY64xb1q:mHNYnkOrT7EjoZxt0Az7GrRX64p1YJ","tlshash":"5ab3d030810b89d6e113603dc7d8596b23ac207d972e9eeb6b6eb879c05e7d39167313","first_seen":"2023-04-30T23:35:33Z","last_seen":"2026-03-23T15:41:38.716098Z","times_seen":892,"resource_available":false,"data":null}},"time_used":643,"timings":{"blocked":151,"dns":0,"connect":0,"send":0,"wait":138,"receive":354,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"http","addr":"144.202.72.169/favicon.ico","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:20.270Z","timestamp":1698230060270,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nCookie: _ga_GZ2WHBX513=GS1.1.1698230060.1.0.1698230060.0.0.0; _ga=GA1.1.513674161.1698230060\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:19 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":106,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-03T22:31:35.618589Z","times_seen":477139,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":138,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Fraud - Fake AntiVirus / Security software","verdict":"fraud","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","fraud"],"meta":null}]}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:19.517Z","timestamp":1698230059517,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 30 Dec 2022 00:00:00 GMT","end":"Sat, 30 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A","sha256":"A9:0D:CB:FA:8B:27:40:D5:69:3F:93:AD:77:1E:A7:F8:FA:9A:FE:2E:75:63:04:E9:12:F7:63:DD:B0:C2:87:F5"}}},"request":{"raw":"GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Oct 2023 10:34:18 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: US\r\ncdn-edgestorageid: 617, 617\r\nlast-modified: Mon, 25 Jan 2021 22:04:54 GMT\r\ncdn-cachedat: 2021-06-08 14:23:29\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncache-control: public, max-age=31919000\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncdn-requestid: 990eb37a8813a99367bd383681b974a4\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 4739774\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncf-ray: 81b9ce6b3813569b-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27466,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (27303)","md5":"4fbd15cb6047af93373f4f895639c8bf","sha1":"12d6861075de8e293265ff6ff03b1f3adcb44c76","sha256":"ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5","sha512":"f8be32cba15170319b5c9f663c6f0c4ffdd4083cf047d80f7b214d302b489eca25fbee66ddb9366d758a7598efc9b9a886b02c9f751ae71f207cb9db1356243a","ssdeep":"384:Qi5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/8c:Dlr+Klk3YlKfwYUf8l8yQ/T","tlshash":"3bc230f8e54c01d66731c48bff81b36862b6f73dd5814d99f01f690c29d22a522c5bba","first_seen":"2023-04-05T07:46:17Z","last_seen":"2026-04-03T22:23:52.85255Z","times_seen":35289,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":22,"dns":12,"connect":1,"send":0,"wait":9,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"144.202.72.169/ccsabcaslk/wxxx/alert-en.wav","fqdn":"144.202.72.169","domain":"144.202.72.169","tld":"169"},"ip":{"addr":"144.202.72.169","port":80,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026","date":"2023-10-25T10:34:20.077Z","timestamp":1698230060077,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ccsabcaslk/wxxx/alert-en.wav HTTP/1.1\r\nHost: 144.202.72.169\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://144.202.72.169/ccsabcaslk/wxxx/?phone=\u0026\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx\r\nDate: Wed, 25 Oct 2023 10:34:19 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 1701582\r\nLast-Modified: Sun, 22 Oct 2023 06:24:54 GMT\r\nConnection: keep-alive\r\nETag: \"6534c036-19f6ce\"\r\nContent-Range: bytes 0-1701581/1701582\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":33020,"size_decoded":0,"mime_type":"audio/x-wav","magic":"RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz\\012- data","md5":"8ccf8765d475d89c5e372eb7b077aca3","sha1":"c063cae58befdf8ea3bb9aa12b440e36da48b219","sha256":"14f4524d99a6b5c93ef83145fe249cf28051ffc872f13052e7dd91fa7a39cf75","sha512":"7e53e834cab859594dff3b9152378062cc19f6c316c520fdc6c63163defabc410b94f35368395df7285991ab5dce2ab9cb0604695337c67876612c0fe457e9a3","ssdeep":"768:DfR21bA3nNxiKEVb349b0h7mF83Ri56IblD/N:LD3n3zEVb3u+iFoi56IxR","tlshash":"5de2ae9232a0dd18c56a8bb39d50fe904a21fc5dbd1e2a5f3a06bf2e75331a1dc54368","first_seen":"2023-10-25T12:34:42Z","last_seen":"2023-11-19T01:59:12Z","times_seen":11,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-10-25","alert":"Sinkholed","trigger":"144.202.72.169","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}