{"report_id":"e3251545-5b1a-4794-8284-5937fa0cc2b5","version":6,"status":"done","tags":[],"date":"2024-08-30T23:49:10Z","url":{"schema":"http","addr":"134.122.136.5/?invite=MDLRNUOB","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":""},"ip":{"addr":"134.122.136.5","port":0,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"http","addr":"134.122.136.5/?invite=MDLRNUOB","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"title":"yyybbb5555.cfd-😈 小女孩训练营"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-09T08:28:44Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"134.122.136.5","ip":{"addr":"134.122.136.5","port":0,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2022-06-11 00:58:53","last_seen":"2024-01-19 05:07:11","alert_count":31,"request_count":31,"received_data":837535,"sent_data":12209,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-08-30 18:12:09","alert_count":0,"request_count":5,"received_data":4435,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-08-30 18:12:14","alert_count":0,"request_count":5,"received_data":4436,"sent_data":1635,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"134.122.136.5/?invite=MDLRNUOB","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":0,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"4501124266190b6934364e9ea14bb6ea","sha1":"c5a5405c05caa60b43037ecb96ff2ea3925edc11","sha256":"65acb1254db8bf3a61f46d81ed53513df96bbc89bf0bf43e5a6f3ce2e669c338","sha512":"59085c472c6325bb2a087fc2b93953f20ed06a8b145d475ec6e90aa7bfd696e110484ac5ba1cab1676e6fcbb9aa8ff92e5878da88f0aad603841d170096043c9","ssdeep":"","tlshash":"6cb01258461f40024c4371c18609801282dd2660406f0544ca089c08c14e080030a0c5","size":91,"data":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.115347Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/jquery.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-03T20:58:52.96723Z","times_seen":68002,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/madouset.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f31b3fb5ce2b1257ebf21219a0009d2","sha1":"30afeaeeeb01de4458b5d2ff1447852417884d44","sha256":"70196287cea3b87c4bc3e482cc71f63726f57e8502050df0e45bac045bd94c9a","sha512":"5827cf3ace1bbd38cb420b692d23401825e80108c98b5b30e6b7a4ed1132f722807ae0c441eb6ed1c4f290afc8586f19af1d35fdd389c26b4bac98f7fdde0371","ssdeep":"1536:NmhJ3H2IIY50b1vVyRtXp/3+gvVIIa5WsIUS:NI33ofiRsW1","tlshash":"a7332c6c758034b353e3b0a9901f660bb2715a20954b4054f23ae4f96dbcd9ea1b7f2f","size":52173,"data":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-05-19T23:42:15.117858Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/madouym.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"8bf1f452e83e1f4918fa130a20a624c7","sha1":"3ac6c42fa52d23c918d9afc7bed65238d2aff707","sha256":"ea9554e3d370debb14795e7e6b5d11366b225eb38e95e3de6b935c5bb17a1422","sha512":"8f0dd9242e167f2f9b0e8f46b99606ca5d6949613b50d32e79a1d9301d99bdb19cd12f1a43f3a2d435ceda82b0d0821981856e1967f4283088630dc5af186fdc","ssdeep":"192:W3F5czysQpYcbibF0FF1L43eAI+0FF1L43eAYdntufGZdntwh4Wi5Cj7ss8iOaPx:W3FhiN3eAj3eAYdncfOdn715mOaPqM1X","tlshash":"85825395b35c652ec0f733a9853e0188ca3ee5378201c5bcf86f20a44fe19462356e6f","size":18044,"data":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.103581Z","times_seen":138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/?invite=MDLRNUOB","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":0,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e69225a88cd5a97e5a58a7f3fda7dda","sha1":"11c2882cc90e1992b9369e7e52543a4941d879f6","sha256":"4acc18f431010e9d397010d94cba37218f2ddf50d61a71f2f14f7a9f0677c5bd","sha512":"8a107376c3ff5bcebce93a4b9fbf621f2cc321a322a500c49e74dd43db01ed32fb758ee6db380484ea88ff5ed7b9fa58f0189fdb2a969bc103e3facc1f3d7b08","ssdeep":"","tlshash":"33213a91f348239311933a745cab15cc606d21d229129e7ebc5a71ec38fc0fb7278caa","size":1144,"data":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.115991Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/home.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad761aba5fe163a5894346b043059171","sha1":"533b41ea4088ec28bc7d976f5b2aaa6af757239d","sha256":"6a02b83cc1e0b375bbf5078f18c317e027060a210c5f3aa04e73af5928d331fb","sha512":"1d0089104fa602f289571fd9138c3ffcefd84f63d783037bb4ec76c7bbf5d2a558bfd8c0ff03e573505a7c6a7fb904a6e76d20e02f74c415864127232d80fbd0","ssdeep":"768:hRbcTTu8eMbaLbhpaDa/b7z9Ssbhe85gr9RiSo5EHIwHTQv7:hRQXdeGD/i/7","tlshash":"8403a45dbaf7146050b3317a4fbf5508327a815f1909cd48fe2e11a48fc4a4eba62bbd","size":37906,"data":"","first_seen":"2023-05-07T20:53:24Z","last_seen":"2026-05-16T13:01:21.305451Z","times_seen":169,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:42.702212435Z","timestamp":1725061722702,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"35A446CEA345DBDB2C297726A3D6CC5F1088F4F9A3F65904C3B9655056EFDA06\"\r\nLast-Modified: Thu, 29 Aug 2024 09:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8934\r\nExpires: Sat, 31 Aug 2024 02:17:36 GMT\r\nDate: Fri, 30 Aug 2024 23:48:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c3d1bfb12515d2f23214f980f7a18b8c","sha1":"24cc3d9048888cc7e1f4ff42b8fdc1c16c9feb46","sha256":"35a446cea345dbdb2c297726a3d6cc5f1088f4f9a3f65904c3b9655056efda06","sha512":"fea4fd9597129b2c5994efceed92d62077e51cacbf6aa7a8f7dc23422954f7ed17c4dbe13ba3622c4a7715632fbf4f811fcf1424d52104fd70fe6bd0d547ba93","ssdeep":"","tlshash":"70f00553b235bd0165f0560537a5c0709d15bcad3410cbc2d05d8265bda67eac18600c","first_seen":"2024-08-29T11:20:29Z","last_seen":"2024-09-20T20:16:30.160025Z","times_seen":25767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:42.730525167Z","timestamp":1725061722730,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2A600466BC852E883CBA5F66B9179846BA7263EA2EF806F62666923A82BB7E8D\"\r\nLast-Modified: Wed, 28 Aug 2024 14:36:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6423\r\nExpires: Sat, 31 Aug 2024 01:35:45 GMT\r\nDate: Fri, 30 Aug 2024 23:48:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e39dce5ea747184cd9620a6a6cb8835f","sha1":"bbc61ed7858f2eb5554561ba25639c1fbe6898f4","sha256":"2a600466bc852e883cba5f66b9179846ba7263ea2ef806f62666923a82bb7e8d","sha512":"98ff2a492246d847915d17cf42ff1c3db012cd5d447f73bcf25f8733717830c978f0ea398a59b04f91b17ff83ce2dadcc09cfbe47c88d86ed067baa2ddc826c5","ssdeep":"","tlshash":"4bf054fa1d767a945a71180a3bd9c00f2f20f9f53410c4c3b8d483a264627bee4e850c","first_seen":"2024-08-28T17:27:16Z","last_seen":"2024-08-31T08:36:25.961615Z","times_seen":15665,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:43.186251272Z","timestamp":1725061723186,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DDDF51C8F55BFA6412A026A2C39BA779B5C701370DBD7F2FC1AAC0E08E706C72\"\r\nLast-Modified: Wed, 28 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6474\r\nExpires: Sat, 31 Aug 2024 01:36:37 GMT\r\nDate: Fri, 30 Aug 2024 23:48:43 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"d1b950f0bd232ad70f30bec1a18d94b3","sha1":"c5cb139e5fc383bbfa53e29adb3f67f1133d97f7","sha256":"dddf51c8f55bfa6412a026a2c39ba779b5c701370dbd7f2fc1aac0e08e706c72","sha512":"eb7adec9968a83e48d5e9454bd2e1a5e9fbdd22d7e870fd437ed8ce335543ea096a98ae26df7562aa3efd06146ac0286f07b0481d700454cec3fba88868f8b17","ssdeep":"","tlshash":"11f00ea627f2bd809ef405993aeac62dbbf1d9bd2e1051d230c859c36c25bd09fc400c","first_seen":"2024-08-28T20:34:27Z","last_seen":"2024-08-31T08:36:25.962338Z","times_seen":18474,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:43.633885584Z","timestamp":1725061723633,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"965090DF69898508429E57657077A1625C55DD348039F37CBB2451D9460886A0\"\r\nLast-Modified: Wed, 28 Aug 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9919\r\nExpires: Sat, 31 Aug 2024 02:34:02 GMT\r\nDate: Fri, 30 Aug 2024 23:48:43 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fdbea8492a4c466e40797f5c241f80c0","sha1":"5b54da6a3949155c0e32e21a9c438e255ad71720","sha256":"965090df69898508429e57657077a1625c55dd348039f37cbb2451d9460886a0","sha512":"f43dec62f6c58b45fc39640690d5ede587ae9eab854f288c04a4262f26fd93b4ffa1c765bef3e3982a94097ba910d2ba9a752c6e1643b4921a772016e5d63bd2","ssdeep":"","tlshash":"c5f00ed826eee4b09abcf0082ce9d1eb0e21aead3c1c55c024ca06e0e0597e816d909c","first_seen":"2024-08-28T22:52:24Z","last_seen":"2024-08-31T08:36:25.962968Z","times_seen":18617,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:43.907809204Z","timestamp":1725061723907,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"42EF96F3682A583FD3CB8EE0B1BAC432B9419FC09D6AC873F710B075DACCF967\"\r\nLast-Modified: Wed, 28 Aug 2024 14:59:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17681\r\nExpires: Sat, 31 Aug 2024 04:43:24 GMT\r\nDate: Fri, 30 Aug 2024 23:48:43 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"6591992aa9c521462d139c462fc32f6f","sha1":"6f55daf82fc5d3b6a4021b90e49240859831ab80","sha256":"42ef96f3682a583fd3cb8ee0b1bac432b9419fc09d6ac873f710b075daccf967","sha512":"1bd90cac0eb75f721805e2b1e2cbc8473b1d803a76ba7360a501228f333e45a53bab6a69a39e49baf1f9c0d907fca484912f09d7761dadfa515e25413beb5f31","ssdeep":"","tlshash":"5cf00e8308b3bdf5eea488526eaad42aae34a9783c5440e020c1c1c2bd01fde47d584e","first_seen":"2024-08-31T08:28:45.12585Z","last_seen":"2024-08-31T08:28:45.12585Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"134.122.136.5/?invite=MDLRNUOB","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":0,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-30T23:48:43.245Z","timestamp":1725061723245,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /?invite=MDLRNUOB HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:44 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: user_ts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\ninvite=MDLRNUOB; path=/\ntj=666; path=/\nload_state=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\nload_autoe=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\nload_img=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\nload_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\nload_time=0\nnotice_state=1\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":9047,"size_decoded":94686,"mime_type":"","magic":"HTML document, Unicode text, UTF-8 text","md5":"359abb524330a288b6b6f1d6b9698a5c","sha1":"c2489ae50a11f16237f4daef974df6ea08b90e39","sha256":"d4ff4b444e924b156fe409ebc265e904876df0460eec5f0e05fcdf4916242892","sha512":"bd03f8af90edc3b2119146911ee58d3b9d82f7a8374bcd234e7da586e639432b9a539c906b749baaa6fbecf3b485299677baaab90c8806d6b9f6724cd083abf1","ssdeep":"768:jiKPZWaYov/JTxu7rJaZfM/VajFB2SH5+:jiKPZWaYov/JTxu7EZfM/Vaj2SHc","tlshash":"cf937961918d2f77011346c3a02437de306fefb1e8578492f6f7922887d6d86a987c6b","first_seen":"2024-08-31T08:28:45.127041Z","last_seen":"2024-08-31T08:28:45.127041Z","times_seen":1,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":0,"dns":0,"connect":283,"send":0,"wait":0,"receive":0,"ssl":383},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/css/swiper.min.css","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.333Z","timestamp":1725061725333,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/css/swiper.min.css HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-3d6a\"\r\nExpires: Sat, 31 Aug 2024 11:48:45 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4688,"size_decoded":15722,"mime_type":"text/css","magic":"ASCII text, with very long lines (2254), with CRLF line terminators","md5":"b391cb7a46bd7431b031b9a9b782f3b5","sha1":"fb4925183db37d4d503af50ed56db2f95984a9fa","sha256":"3444efd696844e7b8985870859a1799275ed6ffb25bbf1e352ecc3b0840ca48e","sha512":"62be2ac5e37263703a49a975070f095d767566a8f375b5fab852e3746153f423dd9587acfe5b7acd4f3c51b706d8e0ce304787f59dbee2ccc7cab913849b1d4f","ssdeep":"384:TtUbeQZ9nU8MjVFCmlNPdJM7BhFBvDl5X+FoBLMgx9P:Tybh9nUnjVFCmlNPdJM7BhFBvDl5X+F6","tlshash":"5d6221201721346ba3234f6d1bb1a7759fa488a35e43489db1c0ed48d7f94f8b32f5a9","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.090013Z","times_seen":126,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:45.710262016Z","timestamp":1725061725710,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"046AD0EF1EDF8B14AA2CF41003A5110A407E8FA1B6E81EEA7ABDAF2A0C43CD2A\"\r\nLast-Modified: Wed, 28 Aug 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5334\r\nExpires: Sat, 31 Aug 2024 01:17:39 GMT\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ef027163bf75ba005d26e45baa952209","sha1":"d2c6e867dec63f1f0eff9895c06a43520b1614dd","sha256":"046ad0ef1edf8b14aa2cf41003a5110a407e8fa1b6e81eea7abdaf2a0c43cd2a","sha512":"b00db6421ef089d5e3788cc9af149d59af5a442c07699c217036f7530f2f2269a2403ac801679c0abc2465b7fbefae36273edf7500e08d623a864df679d193d7","ssdeep":"","tlshash":"8ef00ec235395c8108a80c3a4bc5e07b1e200ff85e888598a2a883e078637ee15c660c","first_seen":"2024-08-28T20:43:26Z","last_seen":"2024-08-31T08:32:12.188821Z","times_seen":10667,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:45.713713832Z","timestamp":1725061725713,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"046AD0EF1EDF8B14AA2CF41003A5110A407E8FA1B6E81EEA7ABDAF2A0C43CD2A\"\r\nLast-Modified: Wed, 28 Aug 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5334\r\nExpires: Sat, 31 Aug 2024 01:17:39 GMT\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ef027163bf75ba005d26e45baa952209","sha1":"d2c6e867dec63f1f0eff9895c06a43520b1614dd","sha256":"046ad0ef1edf8b14aa2cf41003a5110a407e8fa1b6e81eea7abdaf2a0c43cd2a","sha512":"b00db6421ef089d5e3788cc9af149d59af5a442c07699c217036f7530f2f2269a2403ac801679c0abc2465b7fbefae36273edf7500e08d623a864df679d193d7","ssdeep":"","tlshash":"8ef00ec235395c8108a80c3a4bc5e07b1e200ff85e888598a2a883e078637ee15c660c","first_seen":"2024-08-28T20:43:26Z","last_seen":"2024-08-31T08:32:12.188821Z","times_seen":10667,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:45.719737205Z","timestamp":1725061725719,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"046AD0EF1EDF8B14AA2CF41003A5110A407E8FA1B6E81EEA7ABDAF2A0C43CD2A\"\r\nLast-Modified: Wed, 28 Aug 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5334\r\nExpires: Sat, 31 Aug 2024 01:17:39 GMT\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ef027163bf75ba005d26e45baa952209","sha1":"d2c6e867dec63f1f0eff9895c06a43520b1614dd","sha256":"046ad0ef1edf8b14aa2cf41003a5110a407e8fa1b6e81eea7abdaf2a0c43cd2a","sha512":"b00db6421ef089d5e3788cc9af149d59af5a442c07699c217036f7530f2f2269a2403ac801679c0abc2465b7fbefae36273edf7500e08d623a864df679d193d7","ssdeep":"","tlshash":"8ef00ec235395c8108a80c3a4bc5e07b1e200ff85e888598a2a883e078637ee15c660c","first_seen":"2024-08-28T20:43:26Z","last_seen":"2024-08-31T08:32:12.188821Z","times_seen":10667,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:45.721837Z","timestamp":1725061725721,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"046AD0EF1EDF8B14AA2CF41003A5110A407E8FA1B6E81EEA7ABDAF2A0C43CD2A\"\r\nLast-Modified: Wed, 28 Aug 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5334\r\nExpires: Sat, 31 Aug 2024 01:17:39 GMT\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ef027163bf75ba005d26e45baa952209","sha1":"d2c6e867dec63f1f0eff9895c06a43520b1614dd","sha256":"046ad0ef1edf8b14aa2cf41003a5110a407e8fa1b6e81eea7abdaf2a0c43cd2a","sha512":"b00db6421ef089d5e3788cc9af149d59af5a442c07699c217036f7530f2f2269a2403ac801679c0abc2465b7fbefae36273edf7500e08d623a864df679d193d7","ssdeep":"","tlshash":"8ef00ec235395c8108a80c3a4bc5e07b1e200ff85e888598a2a883e078637ee15c660c","first_seen":"2024-08-28T20:43:26Z","last_seen":"2024-08-31T08:32:12.188821Z","times_seen":10667,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-30T23:48:45.722976434Z","timestamp":1725061725722,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"046AD0EF1EDF8B14AA2CF41003A5110A407E8FA1B6E81EEA7ABDAF2A0C43CD2A\"\r\nLast-Modified: Wed, 28 Aug 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5330\r\nExpires: Sat, 31 Aug 2024 01:17:35 GMT\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ef027163bf75ba005d26e45baa952209","sha1":"d2c6e867dec63f1f0eff9895c06a43520b1614dd","sha256":"046ad0ef1edf8b14aa2cf41003a5110a407e8fa1b6e81eea7abdaf2a0c43cd2a","sha512":"b00db6421ef089d5e3788cc9af149d59af5a442c07699c217036f7530f2f2269a2403ac801679c0abc2465b7fbefae36273edf7500e08d623a864df679d193d7","ssdeep":"","tlshash":"8ef00ec235395c8108a80c3a4bc5e07b1e200ff85e888598a2a883e078637ee15c660c","first_seen":"2024-08-28T20:43:26Z","last_seen":"2024-08-31T08:32:12.188821Z","times_seen":10667,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/home.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.344Z","timestamp":1725061725344,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/js/home.js HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-9412\"\r\nExpires: Sat, 31 Aug 2024 11:48:45 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10433,"size_decoded":37906,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2677)","md5":"ad761aba5fe163a5894346b043059171","sha1":"533b41ea4088ec28bc7d976f5b2aaa6af757239d","sha256":"6a02b83cc1e0b375bbf5078f18c317e027060a210c5f3aa04e73af5928d331fb","sha512":"1d0089104fa602f289571fd9138c3ffcefd84f63d783037bb4ec76c7bbf5d2a558bfd8c0ff03e573505a7c6a7fb904a6e76d20e02f74c415864127232d80fbd0","ssdeep":"768:hRbcTTu8eMbaLbhpaDa/b7z9Ssbhe85gr9RiSo5EHIwHTQv7:hRQXdeGD/i/7","tlshash":"8403a45dbaf7146050b3317a4fbf5508327a815f1909cd48fe2e11a48fc4a4eba62bbd","first_seen":"2023-05-07T20:53:24Z","last_seen":"2026-05-16T13:01:21.305451Z","times_seen":169,"resource_available":true,"data":null}},"time_used":747,"timings":{"blocked":200,"dns":0,"connect":272,"send":0,"wait":274,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/css/app.css?v=666","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.328Z","timestamp":1725061725328,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/css/app.css?v=666 HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 26 Sep 2023 14:21:39 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6512e8f3-34f7b\"\r\nExpires: Sat, 31 Aug 2024 11:48:45 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44802,"size_decoded":216955,"mime_type":"text/css","magic":"ASCII text","md5":"5b9d9e226c3697928c30b0afc4a1986a","sha1":"a271568455dee0f522f325a84f03c63e34879338","sha256":"d3af0ee066fb75e5ffde922a8d1ad940432b2a596ca19962cb66118ea88f10c1","sha512":"340ad83c6717c9babaa222c2d9abff144e9ae45c686f218816938833246ab50f7ad1efafdaf353c15f49ab8250fd7747284feb4dc8e2c42d18a377d14261ff3c","ssdeep":"6144:BxBNfUhBATuEJgyzKSUNukGxyCEWL1PTjo1zPL7/Itdr2540LlcUdgUF+PBHJSvX:BxBNfUhBATuEJgyz9UNukGxyCEWL1PTI","tlshash":"76243378a84d3dd713aee4887f887b106b29f5b5dd091d9ae143bc6cc3c52a80192bcd","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.102827Z","times_seen":121,"resource_available":false,"data":null}},"time_used":789,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":525,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/madouym.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.339Z","timestamp":1725061725339,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/js/madouym.js HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 05 Nov 2023 04:35:04 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"65471b78-467c\"\r\nExpires: Sat, 31 Aug 2024 11:48:45 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4804,"size_decoded":18044,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8bf1f452e83e1f4918fa130a20a624c7","sha1":"3ac6c42fa52d23c918d9afc7bed65238d2aff707","sha256":"ea9554e3d370debb14795e7e6b5d11366b225eb38e95e3de6b935c5bb17a1422","sha512":"8f0dd9242e167f2f9b0e8f46b99606ca5d6949613b50d32e79a1d9301d99bdb19cd12f1a43f3a2d435ceda82b0d0821981856e1967f4283088630dc5af186fdc","ssdeep":"192:W3F5czysQpYcbibF0FF1L43eAI+0FF1L43eAYdntufGZdntwh4Wi5Cj7ss8iOaPx:W3FhiN3eAj3eAYdncfOdn715mOaPqM1X","tlshash":"85825395b35c652ec0f733a9853e0188ca3ee5378201c5bcf86f20a44fe19462356e6f","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.103581Z","times_seen":138,"resource_available":true,"data":null}},"time_used":1305,"timings":{"blocked":455,"dns":0,"connect":272,"send":0,"wait":263,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/swiper-bundle.min.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.342Z","timestamp":1725061725342,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/js/swiper-bundle.min.js HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-221f0\"\r\nExpires: Sat, 31 Aug 2024 11:48:45 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42776,"size_decoded":139760,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65280)","md5":"152007192226c69c4a44f39e0a7b74db","sha1":"cd7823b59b4912d6548966e5eafaaa2203304cfa","sha256":"846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc","sha512":"9e1780c667ece4a43d23b3a65b443a72868a7a666e654bf0e7f5521b1b259a3f4dc21efbd2968432ae98e61cfefec2316634d2ba2576c32b8c42edef3cdf2066","ssdeep":"3072:mtZ6NNJiRRBCEvyMwjn0SpADH79cVONlqqMbv:QZ6NNc3PyMwjn0SpADH79cVONlqqMT","tlshash":"88d3188db36472a191e72256539ed10263b65845b80ac4a470768cd7acbde8c03bfefd","first_seen":"2023-03-07T17:50:14Z","last_seen":"2026-05-22T02:33:46.687586Z","times_seen":187,"resource_available":true,"data":null}},"time_used":1059,"timings":{"blocked":201,"dns":0,"connect":273,"send":0,"wait":286,"receive":299,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/madouset.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.337Z","timestamp":1725061725337,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/js/madouset.js HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-cbcd\"\r\nExpires: Sat, 31 Aug 2024 11:48:45 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19475,"size_decoded":52173,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22031), with CRLF line terminators","md5":"5f31b3fb5ce2b1257ebf21219a0009d2","sha1":"30afeaeeeb01de4458b5d2ff1447852417884d44","sha256":"70196287cea3b87c4bc3e482cc71f63726f57e8502050df0e45bac045bd94c9a","sha512":"5827cf3ace1bbd38cb420b692d23401825e80108c98b5b30e6b7a4ed1132f722807ae0c441eb6ed1c4f290afc8586f19af1d35fdd389c26b4bac98f7fdde0371","ssdeep":"1536:NmhJ3H2IIY50b1vVyRtXp/3+gvVIIa5WsIUS:NI33ofiRsW1","tlshash":"a7332c6c758034b353e3b0a9901f660bb2715a20954b4054f23ae4f96dbcd9ea1b7f2f","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-05-19T23:42:15.117858Z","times_seen":167,"resource_available":true,"data":null}},"time_used":1122,"timings":{"blocked":208,"dns":0,"connect":273,"send":0,"wait":284,"receive":356,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/jquery.js","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.335Z","timestamp":1725061725335,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/js/jquery.js HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-169d5\"\r\nExpires: Sat, 31 Aug 2024 11:48:45 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36739,"size_decoded":92629,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-03T20:58:52.96723Z","times_seen":68002,"resource_available":true,"data":null}},"time_used":1132,"timings":{"blocked":200,"dns":0,"connect":262,"send":0,"wait":266,"receive":403,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/triangle.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.349Z","timestamp":1725061725349,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/triangle.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 371\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nConnection: keep-alive\r\nETag: \"650f0ed4-173\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":371,"size_decoded":371,"mime_type":"image/png","magic":"PNG image data, 32 x 60, 8-bit/color RGBA, non-interlaced","md5":"5b25adfe7484ae3f5e9cbcf7cb1be19d","sha1":"11d4d45c14b95bfa12c511079a049bd46d87ef43","sha256":"84b8cb82085d34293d82bf23c044bc9e56d9530cd67b6056314ac60a5f76ecbb","sha512":"00ecd12aaccc57c398532565867b5cd81d9d7469de177dd27ab68d9a582bb4a665e0e42e2ef590ea83343d902910644195dee46154e058a98da1e89eb7eae622","ssdeep":"","tlshash":"","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.08354Z","times_seen":140,"resource_available":false,"data":null}},"time_used":1121,"timings":{"blocked":855,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/logo.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.345Z","timestamp":1725061725345,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/logo.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-b61\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2702,"size_decoded":2913,"mime_type":"image/png","magic":"PNG image data, 324 x 66, 8-bit colormap, non-interlaced","md5":"0152d2dfa9d7b60813134cd8e8dc577f","sha1":"329e4c831a258be284c52a870851eca5702f8281","sha256":"63697efaf8b5870ba5ae44e436b5d154988d9d73e50c79f35ba8a92eb038fb8c","sha512":"be09d5dc81e4dc668f2c9888ea3895bd0de59dd18a4ea75ce6d8db9c9db73695fdab65b365177b8e5a7a0c5639e2a460d48e413f23f51052ff809c57f8fadd77","ssdeep":"","tlshash":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.091908Z","times_seen":138,"resource_available":false,"data":null}},"time_used":1142,"timings":{"blocked":859,"dns":0,"connect":0,"send":0,"wait":282,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/gotop.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.351Z","timestamp":1725061725351,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/gotop.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-ad6\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2519,"size_decoded":2774,"mime_type":"image/png","magic":"PNG image data, 57 x 59, 8-bit/color RGBA, non-interlaced","md5":"1aeae4b293c9035e595ef7ac57ed8c6e","sha1":"20ea4c63148bcaf3a62f81abfb29d64439953d41","sha256":"66b5ee7b280446615a924d461e2750659816148e194f8c006e420123103d9f88","sha512":"7fc41c43d30bda0d5fb383b86da5cfe3c1fbcde1f71042a6cdaa8c24da070cc5138f2e8ba3c2ea3475bba290b843eb5b0a90ce8930884553628d639edab85d48","ssdeep":"","tlshash":"","first_seen":"2023-05-17T19:17:02Z","last_seen":"2026-05-17T10:59:21.109635Z","times_seen":167,"resource_available":false,"data":null}},"time_used":1135,"timings":{"blocked":853,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/theme/default/layer.css?v=3.1.1","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.271Z","timestamp":1725061726271,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/js/theme/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-44c4\"\r\nExpires: Sat, 31 Aug 2024 11:48:46 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3517,"size_decoded":17604,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"fc7d431ac4ceb16de8a771bebac4432f","sha1":"7ab0140cef151fc35d465cce8da0e08a3c5cf14e","sha256":"2669a641d98e2fed992f80609e2fa3b4b592982450ac42e949404fc8c8fe5ccf","sha512":"721729ce5128fec0b320beec8d6de6b363d35d764f0c3d9f5108510f02ac42b52ac3af84bb423bcc5d718920f841afa2d2f85b2bd59fb3b1330cd79281bec104","ssdeep":"192:NHBa0BqWUiNTI21a5xBJS3MlRLMFFJ8r0uAYBRxXy6:Nha4qSTI35LJS3g6FJy0uZRFy6","tlshash":"7882faa5a54211cd73035a15e7fd2b72adf4ac22e92b48adf1d7380f4388669733219b","first_seen":"2024-04-27T03:11:02Z","last_seen":"2026-04-07T22:15:38.094698Z","times_seen":212,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/css/alert.css","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.275Z","timestamp":1725061726275,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/css/alert.css HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-1565\"\r\nExpires: Sat, 31 Aug 2024 11:48:46 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1589,"size_decoded":5477,"mime_type":"text/css","magic":"ASCII text, with CRLF, LF line terminators","md5":"cce2dda4fb5f3c01f993a181a60059b8","sha1":"3303bed32c0f41a95925f1343f2f724faeae1c73","sha256":"63a5c02720182972e71d033c66981f727ad9d26cd81f62fe41d9dc92f272f03c","sha512":"8bf412d8b8a4992b2d2d9616d1024aa487751b8fe708fe6a1845871a1b27941d3d1f05ba0b9e37d000c2330555c657fa3c0c6b5e957075fec091e3210a8d29be","ssdeep":"96:Aoe3ieJ2nHrlrrrcrZr7+0rYrW+0tiKtwmwt9Dft9+ytYrtGYt3txKtRcitUrn/1:AlyIEyODD+HrmqJRIBgSQ","tlshash":"85b1ef013fad3038d62f4273fe97ae44de29049256d36fdfb46958cd86cb48632ab590","first_seen":"2024-08-07T22:02:10Z","last_seen":"2026-04-07T22:15:38.113393Z","times_seen":74,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/download.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.326Z","timestamp":1725061726326,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /download.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 27 Jul 2024 14:46:53 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66a5085d-14bb\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5213,"size_decoded":5307,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"3080d73b7cc7503aaf9d78a902186ceb","sha1":"a5fc473ad3a315d1a7c2d412c140ad033d4f0c41","sha256":"0dccf73afc055b51143298ab29a4ddf2e957575c8b34b0b20002131114884c5a","sha512":"734cef123a8bcd359b0eea8854a6ee9d080e5801a3742f8140fb5395f412de3f9df9e17e23c26af42c77b85f8973fd1deeb1bdbf88adb2728c9ecfd6bc7aaaed","ssdeep":"96:9Znw6SOHboOKAyYviM/5vekwZ5jh+BaDxwKm089GRuW5MICYE9o7nolCmNZp3nR:LbSOHboOKyHyh+BGxwKg9GZx7E9Tj","tlshash":"6fb19dccd429d0a45b7030248be30310cee1d687200b00496d39813f8a6bfbba2dcad6","first_seen":"2024-07-27T22:09:08Z","last_seen":"2026-04-07T22:15:38.111501Z","times_seen":80,"resource_available":false,"data":null}},"time_used":468,"timings":{"blocked":210,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/category.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.322Z","timestamp":1725061726322,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/category.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.122.136.5/MDassets/css/app.css?v=666\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 391\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nConnection: keep-alive\r\nETag: \"650f0ed4-187\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":391,"size_decoded":391,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced","md5":"e3f6d56833c281176d850aa23206032d","sha1":"04ea23ebe5352d2f148c50f7ba3da6460b5ac092","sha256":"ee35b1223a8835d8b68f15db71b866144f5ace6fc56650a197eaefac94da47c8","sha512":"84f3a754139a74cc2cacc2cced04dbbbdc6022c7f638277812f7e0b3dd9cbc73e4c3a246ada685a71f50f5404efffeccf45decb7006ed60be1d125e547388a2e","ssdeep":"","tlshash":"","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.113999Z","times_seen":137,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":214,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/collect.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.330Z","timestamp":1725061726330,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/collect.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.122.136.5/MDassets/css/app.css?v=666\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 788\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nConnection: keep-alive\r\nETag: \"650f0ed4-314\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":788,"size_decoded":788,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced","md5":"46e501426ace4e9d006856effd51897c","sha1":"8baeebde03d2604c890204d22d3070181fc92404","sha256":"b6f62294654776a048d100fd19eca5bcc121110287052b6b7d40d69a7b01fd13","sha512":"03a224f1725c0a2da461bfd5cfed5091da7c3b567f065bc7117a2aefc125a5e8201cd959c676e678169bb5a44b211f567acb75aa9e7f2bf03b7be531ff645405","ssdeep":"","tlshash":"","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.112279Z","times_seen":138,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":206,"dns":0,"connect":0,"send":0,"wait":284,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/js/swiper-bundle.min.js?_=1725061726257","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.459Z","timestamp":1725061726459,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/js/swiper-bundle.min.js?_=1725061726257 HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-221f0\"\r\nExpires: Sat, 31 Aug 2024 11:48:46 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42776,"size_decoded":139760,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65280)","md5":"152007192226c69c4a44f39e0a7b74db","sha1":"cd7823b59b4912d6548966e5eafaaa2203304cfa","sha256":"846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc","sha512":"9e1780c667ece4a43d23b3a65b443a72868a7a666e654bf0e7f5521b1b259a3f4dc21efbd2968432ae98e61cfefec2316634d2ba2576c32b8c42edef3cdf2066","ssdeep":"3072:mtZ6NNJiRRBCEvyMwjn0SpADH79cVONlqqMbv:QZ6NNc3PyMwjn0SpADH79cVONlqqMT","tlshash":"88d3188db36472a191e72256539ed10263b65845b80ac4a470768cd7acbde8c03bfefd","first_seen":"2023-03-07T17:50:14Z","last_seen":"2026-05-22T02:33:46.687586Z","times_seen":187,"resource_available":true,"data":null}},"time_used":548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":272,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/shopicon.gif","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:45.352Z","timestamp":1725061725352,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/shopicon.gif HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/gif\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-1c579\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":107332,"size_decoded":116089,"mime_type":"image/gif","magic":"GIF image data, version 89a, 137 x 157","md5":"919b9dee46db898c9ef5d8c195d58461","sha1":"232b5b5bb6a544f951896f30f11e0280d60b1ee2","sha256":"ef5d41e64f546e11f902e4e180cb309136d3c8518a7365c46100a88c05ca46d9","sha512":"ff3864a16c76d75a616ba6f01f3f86833615cf9c27e0dd2113abf8a71909c4f12143df3df14d69aa2769a738505609e3227e947fd7595a4b02feb46cc4158b22","ssdeep":"","tlshash":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.084565Z","times_seen":134,"resource_available":false,"data":null}},"time_used":1712,"timings":{"blocked":852,"dns":0,"connect":0,"send":0,"wait":282,"receive":578,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/member.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.334Z","timestamp":1725061726334,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/member.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.122.136.5/MDassets/css/app.css?v=666\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-41f\"\r\nExpires: Sun, 29 Sep 2024 23:48:47 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1080,"size_decoded":1055,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced","md5":"1902935df78ca5465e6f6b215bde677c","sha1":"e73a75134c93b342f5a0749514752292bba5dd95","sha256":"96df3fd7629b59de7e354fc0f3dbffcbb041e7bd39e1641dd9874475eb2ff9b4","sha512":"4fdc7470dd0ccb71fabe228f00179100e0886efa7412b6a91df33de4a8daaa76ba220136e4bce8b6a228991eca29f58de9438bae487f4907674d26c3b971599d","ssdeep":"","tlshash":"","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.095767Z","times_seen":132,"resource_available":false,"data":null}},"time_used":954,"timings":{"blocked":682,"dns":0,"connect":0,"send":0,"wait":268,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/infobg.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.462Z","timestamp":1725061726462,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/infobg.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-21ce\"\r\nExpires: Sun, 29 Sep 2024 23:48:47 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8682,"size_decoded":8654,"mime_type":"image/png","magic":"PNG image data, 560 x 174, 8-bit colormap, non-interlaced","md5":"924543ee9462c199425ffbf0c1ed7e67","sha1":"4e03fd6e33ea47eb03b81fda56737c9bc78c9b6b","sha256":"e71566f528e854ce6a3cc02de409f7424051a88928ed66107e1c629e0f09ff7f","sha512":"a2b11ea71ebaf9127d3963fca5d9d91bf20662c393270d9cbfd8623ec477ff012752a8e8507f312515ce6a64e7f74761fb581e419b89c8da68b641d6450af81b","ssdeep":"","tlshash":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.114682Z","times_seen":137,"resource_available":false,"data":null}},"time_used":876,"timings":{"blocked":602,"dns":0,"connect":0,"send":0,"wait":271,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/loading_h.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.306Z","timestamp":1725061726306,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/loading_h.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-13e9\"\r\nExpires: Sun, 29 Sep 2024 23:48:47 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5067,"size_decoded":5097,"mime_type":"image/png","magic":"PNG image data, 340 x 227, 8-bit colormap, non-interlaced","md5":"3fb82d96c8fcd4b8ea5a8b6fe8135c02","sha1":"6fec7527d517e9842d26c88c00863953d9adc4c7","sha256":"f89fa2acd64a3da25c5314347ba88af44ef70749c42671c274b3f5461f6a0cd9","sha512":"bddb339dec4e280a15005ecb1c094fd28fdcd13565259e531c817b5f1cb1373485b5364711eaaa3ccac0fbe7198cf647d7c06558832f3bc9f2bffeabc457f373","ssdeep":"","tlshash":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.08593Z","times_seen":131,"resource_available":false,"data":null}},"time_used":1064,"timings":{"blocked":806,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/thumb/20240830/4455ffe5/6757.jpg","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.709Z","timestamp":1725061726709,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /thumb/20240830/4455ffe5/6757.jpg HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 30 Aug 2024 15:53:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66d1eafe-fc84\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57749,"size_decoded":64644,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1080x1920, components 3","md5":"a12a880f1096765fd41c834b2c141767","sha1":"6cd69482de36e8b12cd5c099de88e5a4d66cb1aa","sha256":"57d33d7ea794a517112a0211d04350b0fa91c6d82a06b620cd4c5c497c79c44d","sha512":"c514349ac3fcd55fdd17c60c8386fe7b4f34d0fa2c0b73a24dbe874dbd66ac3a9bb259f56f6fdbad6c47e53c460a98c5dcdb75eb71b34c2487f80043e2e3bd00","ssdeep":"1536:jMDreIHnw2jUGl5/US5JDZ1EvnWldVNchrRbRh56Br:IDrdw2jD7zJDZ1GWHVihrRbRhIZ","tlshash":"4c53f13bc283a5498cf5f7fde90da5b1ec4053aca7f6b9468113ef53839061b8485e62","first_seen":"2024-08-31T08:28:45.14143Z","last_seen":"2024-08-31T08:28:45.14143Z","times_seen":1,"resource_available":false,"data":null}},"time_used":789,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":527,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/thumb/20240830/651faf15/6761.jpg","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.711Z","timestamp":1725061726711,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /thumb/20240830/651faf15/6761.jpg HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 30 Aug 2024 15:53:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66d1eafe-1552f\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83613,"size_decoded":87343,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1080x1920, components 3","md5":"13e45edd6cf5fab4f9f4669d9fcd7f22","sha1":"4caae0ac9fb2f8062f3c16679d66581a0b5e793f","sha256":"78dd2fc9d50b07ee8cf0c5e403efe0b1f330ef692ed97a8e7512fd6eb824818a","sha512":"f9887f7062ea69bae7a6f9298f1171097ef22cb0ae57f3646daf83b273cd6c92e4feaee7cb388f6f320f58cca108745f306c97255ce28ade51a9294f5f050537","ssdeep":"1536:mCZcTYqd72VFTWLTIu8/8SpcQESWF3/n4PPBJ8BMXwgRrKhf4INhfXxdSRT3CotE:yTHZIQIrESpPmv4FX9GhfdhfxwT3lun1","tlshash":"d1830267b561f19e0da25cf25409e244222284a1bc387f025ee2d6d733f621a3f739f5","first_seen":"2024-08-31T08:28:45.142686Z","last_seen":"2024-08-31T08:28:45.142686Z","times_seen":1,"resource_available":false,"data":null}},"time_used":837,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":561,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/thumb/20240830/55ee5384/6722.jpg","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.715Z","timestamp":1725061726715,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /thumb/20240830/55ee5384/6722.jpg HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 30 Aug 2024 15:53:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66d1eafe-f3a6\"\r\nExpires: Sun, 29 Sep 2024 23:48:46 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":58457,"size_decoded":62374,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1080x1440, components 3","md5":"62feb9f13cc7440a4c5b65e3bc01d54b","sha1":"4ef7923dc274fcfcb52c9049b30c531fb37ca68a","sha256":"8cd80935da645fa818db910e4c19ed044c1610bdf6b8a54a791acc35140858bc","sha512":"5f4cce9f213e247f229558f8af32287af57e5a3254269096c1798076edbb7e3cb84f39ee9a1166ee06e6be238d119057b4e5be88c1cb7274c20b41d4ff432ae4","ssdeep":"1536:meXruQGXdFnUtV15P1z/zRHVh7GjJdKgMOidVLGUXhuVvGb:JSLXdRK1/jznh7uMVLGuhuNG","tlshash":"c853022f5835a0ccb08fcff5b9149759e920afd471aaf9073603e60377542eb8495a8e","first_seen":"2024-08-31T08:28:45.143998Z","last_seen":"2024-08-31T08:28:45.143998Z","times_seen":1,"resource_available":false,"data":null}},"time_used":883,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":600,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/long_active.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.319Z","timestamp":1725061726319,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/long_active.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.122.136.5/MDassets/css/app.css?v=666\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/png\r\nContent-Length: 760\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nConnection: keep-alive\r\nETag: \"650f0ed4-2f8\"\r\nExpires: Sun, 29 Sep 2024 23:48:47 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":760,"size_decoded":760,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"202b803a9d536a29e717e8bee2cbb8a6","sha1":"0bac9bd4cd18ce4a4abc63a823cc3df420a4f68b","sha256":"3ca8946a24c04ac910d8283fc6ef71801e214efae56d9aadb3089fd86f005368","sha512":"550774061326c8fae6d0661e702c49a94e2af5f0f524a6d523178b38a8616d53c754b785ad0345dcafb650b9e191c0c7462720cda6521653608aa248ad27f2d5","ssdeep":"","tlshash":"","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.106005Z","times_seen":122,"resource_available":false,"data":null}},"time_used":1273,"timings":{"blocked":969,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/thumb/20240830/86617524/6723.jpg","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.720Z","timestamp":1725061726720,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /thumb/20240830/86617524/6723.jpg HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 30 Aug 2024 15:53:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66d1eafe-1612d\"\r\nExpires: Sun, 29 Sep 2024 23:48:47 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88374,"size_decoded":90413,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1080x1440, components 3","md5":"3880023528dc2b78582a86320af37ca6","sha1":"1bf39808aadce13c401b861a2fe2911b00f319d6","sha256":"462e70b848d0019fcfc946456d5223f3af2ce25beafb1b4084d3f99fdc047220","sha512":"41133880b1fa3198b79d8b8427a8d70231ece3079763f15d54c2838e078236764dc09c561a180a4405f7bb91ef1ba59d21c40dd945b3acffc48d0b418d340685","ssdeep":"1536:my5HaoPw7oBK9GkDyhWdcz+oh5weUjw3tvb5RG/AzusaANbzn8V41:tHj4uhdaoh5pUjk5U/QaA18Vg","tlshash":"d4930211e311ad78451fab35c6833e9a8297b3668c48f363e131cd3c16a4b5e158bbd5","first_seen":"2024-08-31T08:28:45.145767Z","last_seen":"2024-08-31T08:28:45.145767Z","times_seen":1,"resource_available":false,"data":null}},"time_used":915,"timings":{"blocked":618,"dns":0,"connect":0,"send":0,"wait":274,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/thumb/20240830/b05f017d/6759.jpg","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.723Z","timestamp":1725061726723,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /thumb/20240830/b05f017d/6759.jpg HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 30 Aug 2024 15:53:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66d1eafe-de47\"\r\nExpires: Sun, 29 Sep 2024 23:48:47 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52045,"size_decoded":56903,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1080x1440, components 3","md5":"77f9fe3009e336b963f48d66fa04805c","sha1":"9da10055b492a1d08efc0eee4f09344a83ff683e","sha256":"34f1b25e23329bf0dc6d25398144ab8a9a42016a650135cd4e778f573cd69543","sha512":"b4506e47793e058b0b5425a87c9930d8fff974e6ef3e886ef968fcdfe7fb78b59b87c7427934e79eb9a3fe61b66329160b101782385afb16dec72f88333860b4","ssdeep":"1536:jePQIWkWuQGIoNScq9JS1oS9EIuLcflTab90:KPQIWMZIOScmvSVfabi","tlshash":"be43f13788ed08e36977a7bee03e82cb2120527d76f770943453ea85349806471e2d79","first_seen":"2024-08-31T08:28:45.147102Z","last_seen":"2024-08-31T08:28:45.147102Z","times_seen":1,"resource_available":false,"data":null}},"time_used":946,"timings":{"blocked":648,"dns":0,"connect":0,"send":0,"wait":265,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/thumb/20240830/77e8f2cc/6709.jpg","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.725Z","timestamp":1725061726725,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /thumb/20240830/77e8f2cc/6709.jpg HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 30 Aug 2024 15:53:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66d1eafc-aef0\"\r\nExpires: Sun, 29 Sep 2024 23:48:47 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42366,"size_decoded":44784,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 720x1280, components 3","md5":"c20005a56f95f06acdd15679fa7f8710","sha1":"6771973b22fae6a89a74ae113f9024552aa8497f","sha256":"dcfcab664c0869118c3cdede7426689bf9e66afdd60b6ec6d22412772934f303","sha512":"fa7811850708d84eb489f0c0c89cd8022065b8d185374db62182cb0ce7a526506d9013747756a2d44fac702c159271b329506a56704dcd2205e2a428c3e7aa0f","ssdeep":"768:I2H2YS2MhdB9fsfmQAkDi4RogzJs3QqePJyc+g+Z0mfdDPA06ovndaOc:I2Hehpfsfm1kW4RoTDeJPTmJYFMdaOc","tlshash":"3e13e00b9b14c382d0c04af22d93ec941da1b30caef638954e47dfdb75997a429f8da5","first_seen":"2024-08-31T08:28:45.148355Z","last_seen":"2024-08-31T08:28:45.148355Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":771,"dns":0,"connect":0,"send":0,"wait":256,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/img/icons/apple-touch-icon-152x152.png","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:47.773Z","timestamp":1725061727773,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/img/icons/apple-touch-icon-152x152.png HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"650f0ed4-2335\"\r\nExpires: Sun, 29 Sep 2024 23:48:47 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8352,"size_decoded":9013,"mime_type":"image/png","magic":"PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced","md5":"80f4331a8e2711d076e3344a57b6ec6b","sha1":"21bdafc5799e1cfeb5a0b5145e856e79b4c67f6a","sha256":"d220d6670b94e024f553f1744a7159439bdd19abf8021a2bcd8c7f541a618b52","sha512":"a6cdfd80f9a6cc98e478e5dbf072e6701618a059932f44fef148647b75edfd2fd94866e1a97bea841c227a1453c4b6f4f81bebb93d62a82f7e3dbc0ee5acb8ff","ssdeep":"","tlshash":"","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.088493Z","times_seen":139,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/favicon.ico","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:47.778Z","timestamp":1725061727778,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:47 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 1150\r\nLast-Modified: Sun, 15 Oct 2023 05:07:27 GMT\r\nConnection: keep-alive\r\nETag: \"652b738f-47e\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1150,"size_decoded":1150,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"e491a5cc2e92ecc7319ec1cf6992550e","sha1":"3afe14f34a96bc28e5ed0673e1dff0af53f1f850","sha256":"2aec32b9e2848c7215569d4269a567af10fb4a955925290042ca376488c176e8","sha512":"65eef11ffd2081656e43d1ae1170b9dfd6e66030e6fd9477b9ee0d5ca59110de1e703d20fc0750bfdaa6874d5349107aa4358d1460635afda14cfe363c99dd52","ssdeep":"","tlshash":"","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-05-04T15:08:31.011353Z","times_seen":170,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.122.136.5/MDassets/fonts/fa-solid-900.b15db15.woff2","fqdn":"134.122.136.5","domain":"134.122.136.5","tld":"5"},"ip":{"addr":"134.122.136.5","port":80,"asn":64050,"as":"BGPNET Global ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://134.122.136.5/?invite=MDLRNUOB","date":"2024-08-30T23:48:46.397Z","timestamp":1725061726397,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /MDassets/fonts/fa-solid-900.b15db15.woff2 HTTP/1.1\r\nHost: 134.122.136.5\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.122.136.5/MDassets/css/app.css?v=666\r\nCookie: invite=MDLRNUOB; tj=666; load_time=0; notice_state=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 30 Aug 2024 23:48:46 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 79444\r\nLast-Modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nConnection: keep-alive\r\nETag: \"650f0ed4-13654\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":79444,"size_decoded":79444,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 79444, version 331.524","md5":"b15db15f746f29ffa02638cb455b8ec0","sha1":"75a88815c47a249eadb5f0edc1675957f860cca7","sha256":"7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7","sha512":"84e621ac534c416cf13880059d76ce842fa74bb433a274aa5d106adbda20354fa5ed751ed1d13d0c393d54ceb37fe8dbd2f653e4cb791e9f9d3d2a50a250b05f","ssdeep":"1536:ogXevisOzyu5r4HjEIe9vyJFdiTCHnegAZ64RPmF17k+GbpJ0VxZrtbz:oTvissyu5eb0ciORAZ64Qrk+0Mzbz","tlshash":"6b7302c68d4ae504c87e0daa36b5a96651be9fc5720e4df6e8700cbcf1f12dc0266d19","first_seen":"2023-04-05T14:18:50Z","last_seen":"2026-06-03T20:59:56.136727Z","times_seen":25877,"resource_available":false,"data":null}},"time_used":715,"timings":{"blocked":139,"dns":0,"connect":0,"send":0,"wait":259,"receive":317,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-30","alert":"Sinkholed","trigger":"134.122.136.5","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}