{"report_id":"e5735b6f-b045-40cd-896a-d7a4ab93e91e","version":6,"status":"done","tags":[],"date":"2026-01-30T01:51:27Z","url":{"schema":"http","addr":"ctkkponbri.com","fqdn":"ctkkponbri.com","domain":"ctkkponbri.com","tld":"com"},"ip":{"addr":"195.88.211.226","port":0,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"ctkkponbri.com/","fqdn":"ctkkponbri.com","domain":"ctkkponbri.com","tld":"com"},"title":"𝙆𝙪𝙥𝙤𝙣 𝙐𝙣𝙙𝙞𝙖𝙣 | 𝘽𝙖𝙣𝙠 𝘽𝙍𝙄 𝟮𝟬𝟮𝟱","dom":{"size":9559,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (679)","md5":"8be9601c87a3374620c2a441ff6f92e3","sha1":"004c0660f33cdcc8eb96c7e120c3de82d9ac149d","sha256":"4968d4c667597e9fe322b8bf830e2663cf673e3842518e0f99cdc9d24a10317e","sha512":"be77a452602a3f1f022b3fa6b1343ee4792149411b082b6cd271aa531fbd6c3b70efae64633e66ef98f1bd9f217c0dc2526e5c452ae3b45bdd900439ae212b13","ssdeep":"192:dwChj5jeh2F202F2TGAOtprkeNsNq/Y+Q89Q6:dwChj5jeh2F202F2mp4emNq/Y+H9Q6","tlshash":"1f12b6e3d15604060225c4206b617e8857398883c75e8ca7719d27cfafe9ba4d6733d6","dom_hash":"domhash05ba288c9887381acea3d6224df7a8bd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ctkkponbri.com","fqdn":"ctkkponbri.com","domain":"ctkkponbri.com","tld":"com"},"ip":{"addr":"195.88.211.226","port":0,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-06T01:51:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ibanking-bankjateng.whf.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-01-25T22:51:53.926699Z","alert_count":0,"request_count":1,"received_data":96978,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"blogger.googleusercontent.com","ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":4332,"first_seen":"2012-05-25T17:41:01Z","last_seen":"2026-01-26T03:45:32.866806Z","alert_count":0,"request_count":5,"received_data":1886613,"sent_data":3472,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ctkkponbri.com","ip":{"addr":"195.88.211.226","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":9,"request_count":3,"received_data":273592,"sent_data":1330,"comment":"","tags":null,"fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"ibanking-bankjateng.whf.bz","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2019-12-20","domain_rank":0,"first_seen":"2025-04-08T10:51:16.825392Z","last_seen":"2026-01-26T23:04:02.329933Z","alert_count":2,"request_count":2,"received_data":0,"sent_data":918,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ctkkponbri.com/","fqdn":"ctkkponbri.com","domain":"ctkkponbri.com","tld":"com"},"ip":{"addr":"195.88.211.226","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa8185dbbc9e3885b5abdc48dee60c74","sha1":"c36134d67fd0022b3d3d583dd66d626575fc893a","sha256":"27ce47fd9744b205315a92266e627c89bcca5e7d1ee9abe30148110a5c8aa37a","sha512":"175331e3c4b788f5a3fa7ae6908079400176817e2d6e6bbceba7f62ae7c0a003f3ef5a0129a4874d811a6f52e2d865b1a8e80958dcd280d8d58a73a8f0603f1f","ssdeep":"","tlshash":"dec04c1c30b6501616332559097f850d2e3d201f328edf417d5d28944fd6225b7a5155","size":191,"data":"","first_seen":"2025-04-08T10:51:21.776485Z","last_seen":"2026-05-10T07:25:16.947447Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctkkponbri.com/","fqdn":"ctkkponbri.com","domain":"ctkkponbri.com","tld":"com"},"ip":{"addr":"195.88.211.226","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa8185dbbc9e3885b5abdc48dee60c74","sha1":"c36134d67fd0022b3d3d583dd66d626575fc893a","sha256":"27ce47fd9744b205315a92266e627c89bcca5e7d1ee9abe30148110a5c8aa37a","sha512":"175331e3c4b788f5a3fa7ae6908079400176817e2d6e6bbceba7f62ae7c0a003f3ef5a0129a4874d811a6f52e2d865b1a8e80958dcd280d8d58a73a8f0603f1f","ssdeep":"","tlshash":"dec04c1c30b6501616332559097f850d2e3d201f328edf417d5d28944fd6225b7a5155","size":191,"data":"","first_seen":"2025-04-08T10:51:21.776485Z","last_seen":"2026-05-10T07:25:16.947447Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f03e5a3bf534f4a738bc350631fd05bd","sha1":"37b1db88b57438f1072a8ebc7559c909c9d3a682","sha256":"aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947","sha512":"8eeeaefb86cf5f9d09426814f7b60e1805e644cac3f5ab382c4d393dd0b7ab272c1909a31a57e6d38d5acf207555f097a64a6dd62f60a97093e97bb184126d2a","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmm:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"1793d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95992,"data":"","first_seen":"2023-03-07T01:02:11Z","last_seen":"2026-06-08T14:01:29.900601Z","times_seen":25318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPMG51wBFdQ7Z4vAwkWv6iU9ngLcr2leCxU2gu3Ecr_crCP7YYHH9rVErcOlbG1_WNWHC6G27SrosA7O6WohIQhVvJ4-TiPusQ3ZXsol9v82xkTFVQvJBvkFUxfdSrJiYBMr_rpK06licvnRf4KBt5EW9-f28wZIMir_4pdrhsYvfuHHQZ8-NbYaCUA1w/s805/AddText_09-15-12.32.19.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:05.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:19 GMT","end":"Mon, 23 Mar 2026 19:52:18 GMT"},"fingerprint":{"sha1":"D7:C1:50:3A:11:E3:C8:E7:F2:5B:60:F3:9C:59:72:5D:F4:96:F9:59","sha256":"BE:6E:88:B4:65:AE:9C:C6:5D:EB:49:CD:32:9F:F9:53:53:20:88:32:AB:4E:FF:B6:AF:38:5B:A3:8A:FC:B7:76"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiPMG51wBFdQ7Z4vAwkWv6iU9ngLcr2leCxU2gu3Ecr_crCP7YYHH9rVErcOlbG1_WNWHC6G27SrosA7O6WohIQhVvJ4-TiPusQ3ZXsol9v82xkTFVQvJBvkFUxfdSrJiYBMr_rpK06licvnRf4KBt5EW9-f28wZIMir_4pdrhsYvfuHHQZ8-NbYaCUA1w/s805/AddText_09-15-12.32.19.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v8a1\"\r\nexpires: Sat, 31 Jan 2026 01:51:05 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"AddText_09-15-12.32.19.png\"\r\nx-content-type-options: nosniff\r\ndate: Fri, 30 Jan 2026 01:51:05 GMT\r\nserver: fife\r\ncontent-length: 272061\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":272061,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 805 x 311, 8-bit/color RGBA, non-interlaced","md5":"18eb28332d20ec28a44d6a3ef9078c34","sha1":"62a7e87ad63c1bd5d6d0b5a18ee82027b8f2d685","sha256":"75cc8f6dd34faf44f0b74a5b4bcd5a523066b8398244dd8dfc3095c7b3dd2792","sha512":"1bf8bd681cfc0676129306e58cafae0324490f4e2560cbd82db0ac05428acc464d9f2520d16903e0cc5b899a75db129f5b7eed78ebf8d9329e60c061eee86ed9","ssdeep":"6144:cT/WzB9pxoGrSKeagohAn0Ko5YznTcP7FGZV3elgJHmq:i/oXxPG/QAnuigP5adxhmq","tlshash":"a04423f1e21eec2e5bdcb835a206d5b53da284e4553422ba7cb6c406b23c81457836fb","first_seen":"2025-04-08T10:51:21.775493Z","last_seen":"2026-05-10T07:25:16.943484Z","times_seen":77,"resource_available":false,"data":null}},"time_used":730,"timings":{"blocked":101,"dns":3,"connect":20,"send":0,"wait":457,"receive":64,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFhZOWnVSsVI3SbtXvHFez97TkJyQlGdbWgczCfKVP7_1UNkulM7wTmMa0ULR5Oz6F7D1rmH7Zn0s05WDxR9SX3CH4Lwd9dgBn6bie-ThltmZt0uj_piuZJTGLrTx0uw4RluDkPGYvStuXL8kmbRwRjpSMni8Y9XcNlpoiR-rD1qA9ZfRym3D6NmMXwQc/s1117/XRecorder_Edited_05122024_210143-ezgif.com-video-to-gif-converter.gif","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:05.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:19 GMT","end":"Mon, 23 Mar 2026 19:52:18 GMT"},"fingerprint":{"sha1":"D7:C1:50:3A:11:E3:C8:E7:F2:5B:60:F3:9C:59:72:5D:F4:96:F9:59","sha256":"BE:6E:88:B4:65:AE:9C:C6:5D:EB:49:CD:32:9F:F9:53:53:20:88:32:AB:4E:FF:B6:AF:38:5B:A3:8A:FC:B7:76"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjFhZOWnVSsVI3SbtXvHFez97TkJyQlGdbWgczCfKVP7_1UNkulM7wTmMa0ULR5Oz6F7D1rmH7Zn0s05WDxR9SX3CH4Lwd9dgBn6bie-ThltmZt0uj_piuZJTGLrTx0uw4RluDkPGYvStuXL8kmbRwRjpSMni8Y9XcNlpoiR-rD1qA9ZfRym3D6NmMXwQc/s1117/XRecorder_Edited_05122024_210143-ezgif.com-video-to-gif-converter.gif HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"vd71\"\r\nexpires: Sat, 31 Jan 2026 01:51:05 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"XRecorder_Edited_05122024_210143-ezgif.com-video-to-gif-converter.gif\"\r\nx-content-type-options: nosniff\r\ndate: Fri, 30 Jan 2026 01:51:05 GMT\r\nserver: fife\r\ncontent-length: 1302138\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1302138,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 600 x 1117","md5":"ff303a1d283ba846d9bca951e66ec90b","sha1":"d4aa82984169ae857c153be67b073bb0ad7011b2","sha256":"38ab0b448d46d526c58b41712da95db69cf3d8627213f05b639569e407d9f2d7","sha512":"f50f222c2315d92c957e2827209bd82b39981787bad67eeefa371c1cacba66413f269366834de0c57845931154ecbcab26edf57b9b9f41474ad6a0812f6058c3","ssdeep":"24576:MRYuB6A40gUEmYJAgb+n/LXcOYrQ/ALkBNY9qXIwF8qkfdSBqNf:MR/B6UgUEVJPU/L7eCQoFI1aqNf","tlshash":"6d25332fb1d6529373ef18c846b86e67a61f159cec4222b40e58c5a09cff1b1807b5f6","first_seen":"2025-07-29T22:40:21.499494Z","last_seen":"2026-05-10T07:25:16.941542Z","times_seen":63,"resource_available":false,"data":null}},"time_used":927,"timings":{"blocked":86,"dns":1,"connect":23,"send":0,"wait":466,"receive":288,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctkkponbri.com/index.js","fqdn":"ctkkponbri.com","domain":"ctkkponbri.com","tld":"com"},"ip":{"addr":"195.88.211.226","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:04.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctkkponbri.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 21 Jan 2026 13:09:41 GMT","end":"Tue, 21 Apr 2026 13:09:40 GMT"},"fingerprint":{"sha1":"64:40:86:E4:C1:AB:6A:8C:87:81:2C:D7:D2:06:95:F8:73:1E:CA:D3","sha256":"8F:79:EA:C3:C3:E7:34:66:05:57:2F:94:35:1F:BF:E2:1F:7E:81:A8:E5:0B:DA:7B:73:33:5F:4D:BE:9E:02:E5"}}},"request":{"raw":"GET /index.js HTTP/1.1\r\nHost: ctkkponbri.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 796\r\ndate: Fri, 30 Jan 2026 01:51:05 GMT\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":796,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"265e51037981a14ed99a5fc8c5ec1b51","sha1":"d12ac588953298fdaf46dd5b4af8eb4cf6b06f0a","sha256":"c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400","sha512":"b18aa610811c5f9bc1dd829ad90a95568e81a41e1fd1472983dc00147f65045fd91fbc498b5263ce4f4c88b041be21f186ed2ce357d3bcf86c0429ca18991151","ssdeep":"","tlshash":"1101f12ac182a80fe0231070fa91e37451594212629b4f647b9ff676f6ce1ab56b22cc","first_seen":"2024-02-05T05:35:22Z","last_seen":"2026-06-08T15:27:36.540827Z","times_seen":46623,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ibanking-bankjateng.whf.bz/BRI/ast/img/load_spin.png","fqdn":"ibanking-bankjateng.whf.bz","domain":"whf.bz","tld":"bz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:04.993Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /BRI/ast/img/load_spin.png HTTP/1.1\r\nHost: ibanking-bankjateng.whf.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ibanking-bankjateng.whf.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:04.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:24 GMT","end":"Mon, 23 Mar 2026 19:52:23 GMT"},"fingerprint":{"sha1":"43:39:AF:0A:74:F9:2F:1B:C0:1E:4E:89:21:30:C2:28:EC:9F:6C:67","sha256":"EA:F1:0E:C7:36:18:F3:9D:D1:D5:34:23:44:7D:6F:9D:2F:61:C7:81:09:9E:E9:C8:02:C8:F2:2C:0A:83:B3:A5"}}},"request":{"raw":"GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 33507\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 23 Jan 2026 13:03:00 GMT\r\nexpires: Sat, 23 Jan 2027 13:03:00 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 564485\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95992,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32038)","md5":"f03e5a3bf534f4a738bc350631fd05bd","sha1":"37b1db88b57438f1072a8ebc7559c909c9d3a682","sha256":"aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947","sha512":"8eeeaefb86cf5f9d09426814f7b60e1805e644cac3f5ab382c4d393dd0b7ab272c1909a31a57e6d38d5acf207555f097a64a6dd62f60a97093e97bb184126d2a","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmm:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"1793d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:02:11Z","last_seen":"2026-06-08T14:01:29.900601Z","times_seen":25318,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":78,"dns":0,"connect":21,"send":0,"wait":22,"receive":23,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwzhsQd1K7iF1d2s06-jdlmwaZV6_bR1eZiRCjx7LnbIHag5c5iAEOVfgP9UE-lQqv0M2-C7gQ3u6y6C-0E1iLZASRfrNtk7YOeBa_5obrbvmB4yi2MOjPPseRovva7VTIMmt3dXKcdlSDiqBt5-D_T5W1RiloJ5AOct6wnyv4SZI6Cj6Ahfc2j_x3NZA/s1080/1703668668502.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:05.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:19 GMT","end":"Mon, 23 Mar 2026 19:52:18 GMT"},"fingerprint":{"sha1":"D7:C1:50:3A:11:E3:C8:E7:F2:5B:60:F3:9C:59:72:5D:F4:96:F9:59","sha256":"BE:6E:88:B4:65:AE:9C:C6:5D:EB:49:CD:32:9F:F9:53:53:20:88:32:AB:4E:FF:B6:AF:38:5B:A3:8A:FC:B7:76"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEgwzhsQd1K7iF1d2s06-jdlmwaZV6_bR1eZiRCjx7LnbIHag5c5iAEOVfgP9UE-lQqv0M2-C7gQ3u6y6C-0E1iLZASRfrNtk7YOeBa_5obrbvmB4yi2MOjPPseRovva7VTIMmt3dXKcdlSDiqBt5-D_T5W1RiloJ5AOct6wnyv4SZI6Cj6Ahfc2j_x3NZA/s1080/1703668668502.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"vda2\"\r\nexpires: Sat, 31 Jan 2026 01:51:05 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"1703668668502.png\"\r\nx-content-type-options: nosniff\r\ndate: Fri, 30 Jan 2026 01:51:05 GMT\r\nserver: fife\r\ncontent-length: 47806\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":47806,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 257, 8-bit/color RGBA, non-interlaced","md5":"30907c77255924f7354fba98d05fbba4","sha1":"a56388e68b10c00516808fd20e80f0fcfdc67469","sha256":"c49694b7d5935e0a2c77fb577b45ec99850ecd35b8acf80a40be09e497ab3e61","sha512":"06c210e547d4d7f118bb8f66855a0119efecca6e50c380bc891fae65991d13453f3d39c93a0c754d9d30ad8d889f57869b4b6ea52f40ea2e8013d3598e2544d3","ssdeep":"768:IjGo/NXXHNw8a9nq3lLpnGbfiYs3RG9uLfYc3rOktiOJ3bAdPup2czGAlfiPl+j7:ILe8a9q3Rpnkf8ROYYczBJ3bAdo2e2QN","tlshash":"ca23f1b55ea1cfafc9f4965213e14040ab8d835d1769c3b5da14b69cce9327c16c22fc","first_seen":"2024-10-04T10:36:09.314398Z","last_seen":"2026-05-10T07:25:16.93204Z","times_seen":97,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":83,"dns":36,"connect":23,"send":0,"wait":388,"receive":10,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjshDdRe8a1xJLRSEmHfJxT_RkPMfmpgZgfx4Q3zaW76DSTLozbeqQkdIlddB0HQta5DO001H9OZbltY7ak2yYsmplrHaSdELIMg2KX286sRXpvWlsBtuGj7bVwFx9O4u1spHOX8u9V0ikav-Q7WJTS90_6kT95GKZSbQD2iIkWaw7pNOlzQPgOdP_9yG4/s500/small_FA_L_Ogo_BR_Imo_FSTVL_2_963a44fea2.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:05.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:19 GMT","end":"Mon, 23 Mar 2026 19:52:18 GMT"},"fingerprint":{"sha1":"D7:C1:50:3A:11:E3:C8:E7:F2:5B:60:F3:9C:59:72:5D:F4:96:F9:59","sha256":"BE:6E:88:B4:65:AE:9C:C6:5D:EB:49:CD:32:9F:F9:53:53:20:88:32:AB:4E:FF:B6:AF:38:5B:A3:8A:FC:B7:76"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjshDdRe8a1xJLRSEmHfJxT_RkPMfmpgZgfx4Q3zaW76DSTLozbeqQkdIlddB0HQta5DO001H9OZbltY7ak2yYsmplrHaSdELIMg2KX286sRXpvWlsBtuGj7bVwFx9O4u1spHOX8u9V0ikav-Q7WJTS90_6kT95GKZSbQD2iIkWaw7pNOlzQPgOdP_9yG4/s500/small_FA_L_Ogo_BR_Imo_FSTVL_2_963a44fea2.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"vda7\"\r\nexpires: Sat, 31 Jan 2026 01:51:05 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"small_FA_L_Ogo_BR_Imo_FSTVL_2_963a44fea2.png\"\r\nx-content-type-options: nosniff\r\ndate: Fri, 30 Jan 2026 01:51:05 GMT\r\nserver: fife\r\ncontent-length: 131064\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":131064,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 433, 8-bit/color RGBA, non-interlaced","md5":"bb492a8231891a8b9c87cae94e30cd63","sha1":"83814fcac1091c18c05ebca692a544d19c42d91b","sha256":"6d1dfd1c50957f17f85f10adacaf39d05e55c29e550dbf08ae731bfc78c9cc0d","sha512":"935cdad8a242dac9df4a3422ef0bfe993a525b9deb7a53c0422b2301a65abab8e165ed1023e4cb5ae8ca3945676d0135c2a711a9529603f37ec4d80294923d6e","ssdeep":"3072:uiHxW5VPNyA4eodYmIa5m7entX/CjzS0mCHycUVh:uiHxcPNy3efmIaI7entX/I8Pceh","tlshash":"39d312f77bd1e830248f34d9a72252ec97fe864f7c6026e859b49bec64b10c4f591162","first_seen":"2025-04-08T10:51:21.772668Z","last_seen":"2026-05-10T07:25:16.926311Z","times_seen":78,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":1,"connect":8,"send":0,"wait":479,"receive":42,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctkkponbri.com/","fqdn":"ctkkponbri.com","domain":"ctkkponbri.com","tld":"com"},"ip":{"addr":"195.88.211.226","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-30T01:51:04.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctkkponbri.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 21 Jan 2026 13:09:41 GMT","end":"Tue, 21 Apr 2026 13:09:40 GMT"},"fingerprint":{"sha1":"64:40:86:E4:C1:AB:6A:8C:87:81:2C:D7:D2:06:95:F8:73:1E:CA:D3","sha256":"8F:79:EA:C3:C3:E7:34:66:05:57:2F:94:35:1F:BF:E2:1F:7E:81:A8:E5:0B:DA:7B:73:33:5F:4D:BE:9E:02:E5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ctkkponbri.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Fri, 16 May 2025 04:01:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2452\r\ndate: Fri, 30 Jan 2026 01:51:04 GMT\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":9463,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (625)","md5":"d95ca5597345674955b1341ddc7262b6","sha1":"12ec1ab811571c436cda9869cada075e10c67b29","sha256":"9b4e61e9fb4a82f1bf4956d9e2143e95c5ba5d3b7ff912307b9f89e4af13a777","sha512":"72aa841449489199f277209eb1f4866a9517613646eefe5ba3f0a5b188e6f1962d6f21ae6f4649e13a2a60e3ccf45036c01c3d61b285a099336a1701eabb90f0","ssdeep":"192:dwChj5jeh2F202F2TGAOtprke9shq/YiQ89Q6:dwChj5jeh2F202F2mp4e2hq/YiH9Q6","tlshash":"f112a6e3a15604060225c4207f617d8857398843c75e8c67719d27cfafe9be4da733d6","first_seen":"2026-01-30T00:43:11.800596Z","last_seen":"2026-02-15T15:47:59.086722Z","times_seen":10,"resource_available":false,"data":null}},"time_used":952,"timings":{"blocked":382,"dns":1,"connect":185,"send":0,"wait":188,"receive":0,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ibanking-bankjateng.whf.bz/BRI/ast/img/load_bg.png","fqdn":"ibanking-bankjateng.whf.bz","domain":"whf.bz","tld":"bz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:04.991Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /BRI/ast/img/load_bg.png HTTP/1.1\r\nHost: ibanking-bankjateng.whf.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ibanking-bankjateng.whf.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctkkponbri.com/img/tema.png","fqdn":"ctkkponbri.com","domain":"ctkkponbri.com","tld":"com"},"ip":{"addr":"195.88.211.226","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:04.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctkkponbri.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 21 Jan 2026 13:09:41 GMT","end":"Tue, 21 Apr 2026 13:09:40 GMT"},"fingerprint":{"sha1":"64:40:86:E4:C1:AB:6A:8C:87:81:2C:D7:D2:06:95:F8:73:1E:CA:D3","sha256":"8F:79:EA:C3:C3:E7:34:66:05:57:2F:94:35:1F:BF:E2:1F:7E:81:A8:E5:0B:DA:7B:73:33:5F:4D:BE:9E:02:E5"}}},"request":{"raw":"GET /img/tema.png HTTP/1.1\r\nHost: ctkkponbri.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 06 Feb 2026 01:51:05 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 16 May 2025 04:01:02 GMT\r\naccept-ranges: bytes\r\ncontent-length: 262296\r\ndate: Fri, 30 Jan 2026 01:51:05 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":262296,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x1280, components 3","md5":"eaa9b040618acb62fa08419c510e5190","sha1":"242df28e7c07c82cc1febbb6aea3c86d3e3f696f","sha256":"5b1389d7a4ea09bea910d3267bc8c8f0930f01c0e3e8a90639f61be890377e00","sha512":"84cdd94df927869a6185a0e44b9892e196ea6e005504244f1c1a53ebc08139ba48a81b054910acb67df1f9a4dc60bc78abe5c243112da0a432959f5a73432842","ssdeep":"6144:P6/hssa3+3btvwjkk9BKzfL0xpYI8KKuzkXwe2j4H:P6/hsR+LxokqKz6nJe20","tlshash":"86441254d1b4750bdf8d3667b4135c590aa0c92aed9d23605b630b5e338ce7ae6182cf","first_seen":"2025-07-19T16:15:25.120189Z","last_seen":"2026-03-19T05:09:18.435039Z","times_seen":27,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":568,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"ctkkponbri.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjshDdRe8a1xJLRSEmHfJxT_RkPMfmpgZgfx4Q3zaW76DSTLozbeqQkdIlddB0HQta5DO001H9OZbltY7ak2yYsmplrHaSdELIMg2KX286sRXpvWlsBtuGj7bVwFx9O4u1spHOX8u9V0ikav-Q7WJTS90_6kT95GKZSbQD2iIkWaw7pNOlzQPgOdP_9yG4/s500/small_FA_L_Ogo_BR_Imo_FSTVL_2_963a44fea2.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctkkponbri.com/","date":"2026-01-30T01:51:05.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:19 GMT","end":"Mon, 23 Mar 2026 19:52:18 GMT"},"fingerprint":{"sha1":"D7:C1:50:3A:11:E3:C8:E7:F2:5B:60:F3:9C:59:72:5D:F4:96:F9:59","sha256":"BE:6E:88:B4:65:AE:9C:C6:5D:EB:49:CD:32:9F:F9:53:53:20:88:32:AB:4E:FF:B6:AF:38:5B:A3:8A:FC:B7:76"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjshDdRe8a1xJLRSEmHfJxT_RkPMfmpgZgfx4Q3zaW76DSTLozbeqQkdIlddB0HQta5DO001H9OZbltY7ak2yYsmplrHaSdELIMg2KX286sRXpvWlsBtuGj7bVwFx9O4u1spHOX8u9V0ikav-Q7WJTS90_6kT95GKZSbQD2iIkWaw7pNOlzQPgOdP_9yG4/s500/small_FA_L_Ogo_BR_Imo_FSTVL_2_963a44fea2.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ctkkponbri.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"vda7\"\r\nexpires: Sat, 31 Jan 2026 01:51:05 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"small_FA_L_Ogo_BR_Imo_FSTVL_2_963a44fea2.png\"\r\nx-content-type-options: nosniff\r\ndate: Fri, 30 Jan 2026 01:51:05 GMT\r\nserver: fife\r\ncontent-length: 131064\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":131064,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 433, 8-bit/color RGBA, non-interlaced","md5":"bb492a8231891a8b9c87cae94e30cd63","sha1":"83814fcac1091c18c05ebca692a544d19c42d91b","sha256":"6d1dfd1c50957f17f85f10adacaf39d05e55c29e550dbf08ae731bfc78c9cc0d","sha512":"935cdad8a242dac9df4a3422ef0bfe993a525b9deb7a53c0422b2301a65abab8e165ed1023e4cb5ae8ca3945676d0135c2a711a9529603f37ec4d80294923d6e","ssdeep":"3072:uiHxW5VPNyA4eodYmIa5m7entX/CjzS0mCHycUVh:uiHxcPNy3efmIaI7entX/I8Pceh","tlshash":"39d312f77bd1e830248f34d9a72252ec97fe864f7c6026e859b49bec64b10c4f591162","first_seen":"2025-04-08T10:51:21.772668Z","last_seen":"2026-05-10T07:25:16.926311Z","times_seen":78,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":1,"connect":21,"send":0,"wait":456,"receive":31,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}