{"report_id":"f4e2e8f4-b246-4066-9499-f48db3a7bc81","version":0,"status":"done","tags":[],"date":"2026-07-02T13:02:56Z","url":{"schema":"http","addr":"midnight.glacier-rep.com","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":0,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"final":{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"title":"Midnight | Bringing rational privacy to blockchain","dom":{"size":203526,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (28065)","md5":"84c58ecfa73de927e23ae3c5c9438267","sha1":"f3977fbbd3ba56f96ecd9d250b6ce414abe03cdb","sha256":"00a328e2fb5db901c1381dddc0d49d13682a76816bf97a8ab8cc04527f9f9d47","sha512":"8f2dfa52bfb9d2b4dd60db51610e8864a1322df3e3e40fd56fc4608deac00d048f6c122236164014619adb1632c4824bdb9bacb26042b34232a212ae9d15f36c","ssdeep":"3072:EJsD7CARO7o4zQTVmkUGrxPiRlcZw+Pq+RQrpsJUiy:sQTckUGrolZtsUp","tlshash":"99146c32eb913037420747d9f0d26788b27ac55bd74a8ad8f1ec8a405fcaf9a9c1765c","dom_hash":"domhashf14b6040e6454c1e211641ad9f441406","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"midnight.glacier-rep.com","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":0,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-06T13:02:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"midnight.glacier-rep.com","ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"domain_registered":"2026-03-31","domain_rank":0,"first_seen":"2026-07-02T13:03:11.097111Z","last_seen":"2026-07-02T13:03:11.097111Z","alert_count":77,"request_count":77,"received_data":10047513,"sent_data":40302,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-28T22:30:22.905773Z","alert_count":0,"request_count":3,"received_data":1083947,"sent_data":1604,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.google.com.ng","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2009-05-13","domain_rank":150820,"first_seen":"2012-05-22T18:50:56Z","last_seen":"2026-06-25T18:02:31.980958Z","alert_count":0,"request_count":2,"received_data":84,"sent_data":3188,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.251.151.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-06-28T22:45:38.558215Z","alert_count":0,"request_count":6,"received_data":5615,"sent_data":6560,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.gstatic.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2026-06-28T22:56:10.267064Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":522,"comment":"","tags":null,"fingerprints":null},{"fqdn":"forms.hsforms.com","ip":{"addr":"104.18.80.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2013-09-18","domain_rank":29940,"first_seen":"2018-03-07T15:21:13Z","last_seen":"2026-07-01T20:44:18.911872Z","alert_count":0,"request_count":1,"received_data":4952,"sent_data":657,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-06-29T07:38:11.336391Z","alert_count":0,"request_count":1,"received_data":5003708,"sent_data":502,"comment":"","tags":null,"fingerprints":[{"name":"WebAssembly","description":"WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications.","website":"https://webassembly.org/","common_platform_enumeration":"","icon":"WebAssembly.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.sanity.io","ip":{"addr":"34.149.250.58","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2015-01-07","domain_rank":67597,"first_seen":"2017-03-16T07:21:36Z","last_seen":"2026-06-26T02:04:44.364046Z","alert_count":0,"request_count":6,"received_data":4728884,"sent_data":3683,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"consent.api.osano.com","ip":{"addr":"108.157.229.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"1999-10-18","domain_rank":52850,"first_seen":"2020-02-01T06:11:29Z","last_seen":"2026-06-30T20:49:07.573823Z","alert_count":0,"request_count":2,"received_data":1189,"sent_data":1115,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"midnight.network","ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2020-01-29","domain_rank":435128,"first_seen":"2025-10-22T18:22:02.762818Z","last_seen":"2025-10-22T18:22:02.762818Z","alert_count":0,"request_count":1,"received_data":5707,"sent_data":556,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"widget.kapa.ai","ip":{"addr":"34.160.184.151","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2023-01-23","domain_rank":544098,"first_seen":"2023-05-28T16:39:15Z","last_seen":"2026-07-02T09:08:02.76478Z","alert_count":0,"request_count":1,"received_data":2022947,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"midnight.glacier-rep.com/990-806d3e61c60821ed.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"6502f8d5f8c7c2c472bb2ced668e2061","sha1":"d60564120de2b8dd6ab136db932960739032ce01","sha256":"bf43164875884cb0129ab01d824602b8f0c803b10e01ccdd5b6a5d9e708a30c2","sha512":"cc7a1a57962781f417d8fe876ab8a120cbdf1f60ec78d84ba89e178683e52d689d89d3419827202d44b4b91186ac34284e86c795317cdc6a5ad16a0112be2cd6","ssdeep":"1536:5lVL5SL+S58xm0Er9fg0z+ZeMehvrPb5m7KNTH9Pl325f9dpfd3UEtor:7VM584AZeMey8ZPlMFby","tlshash":"e58318c67292f074cbab6166803f440ef23b2a98644d4004f37ad9d93c79999d377f6a","size":84695,"data":"","first_seen":"2025-10-22T18:22:16.271856Z","last_seen":"2026-07-02T13:03:20.131853Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/289-3937c8927401961f.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"83d003a6561f83f66b8503debd604d49","sha1":"7128e05ab733749970fa119e19bb7a9356d9f057","sha256":"62733f2042957c7b9321a038ecdbe94e3560669e55f3864396351848658375bb","sha512":"da705c7d41287b59e7e02842753e64c9d988016981cd12ecee4464edbbcf04f02f76e01eaf5eef086604a2e533362db0b10424cae8a0e7a2451701492df1601c","ssdeep":"96:nyl9hsODCkCOsfP6Y3vLrGFm7+GNIhgfl6p9NYAG9NW+z3uVp+3wVEb2d8wNy19M:yvBCOQf9NV7W6eBNyzZjAn","tlshash":"b812625ea550beecfa6fc988bf6f604c721f1744dd4d88a4b9b9580418809d8b223fdd","size":9655,"data":"","first_seen":"2026-07-02T13:03:20.152891Z","last_seen":"2026-07-02T13:03:20.152891Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/webpack-1154df77b7e7d6f5.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"401d275eac42478da2fb128bbccffbdd","sha1":"7c46dbd4abc82b49108e002eed8fefc4b7629d70","sha256":"a5bccca92eedf1c6e64fc742b24c7d7a62b64d400d11b2048e3f552b35000680","sha512":"2119ab2aef921831c3d12fa61de7f2341552c311b64584558f749bf4a9f3df5e0d9f38170a14656eec45f432b2b14fa4af78d6d5da9517dc3453b81a57460b77","ssdeep":"","tlshash":"b181b7ed7161f9b9178290e1403fd456b63e24b2291ee4a4ca1de8f5fc349498613fa8","size":4089,"data":"","first_seen":"2026-07-02T13:03:20.193975Z","last_seen":"2026-07-02T13:03:20.193975Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_app-936de39228525e83.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2dbfa16a994426dd19204ba5f3170c0","sha1":"3598ecace6c00d6b48c57d6aafb96f470a968fd3","sha256":"b6407aaa54c67ff97299f1777d83293d28796e114a2e28ff008adab6589ee9a3","sha512":"3dc00bf10ed28161f59d7a2e289683e0ff27d56545d096f887449785c9b131489409e76cf773bba4ee6e13ca5028b31e92bc50593529d4baa630664549b9ebb8","ssdeep":"6144:TE9ut49MOfxyhG7O/BuBNBGA5W4VUtSU7/bWmACwT4Dsm7IIfdrtA1e1/:TrODw+O6YbWmTfj/","tlshash":"88a44cc97391b15583db52e6807f110af33f6d98240d442cf6b4ecdab965988a2b7f38","size":484591,"data":"","first_seen":"2026-07-02T13:03:20.1864Z","last_seen":"2026-07-02T13:03:20.1864Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index-5aeef11a381fa424.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"d817be4104bceff9d2f9e9cf9847c8c3","sha1":"23cfb655ea0d02a48f85f3d3c1f4d771cf761d20","sha256":"2f90f11937f390140480594ad5a2c7b5d5f20b2ab5b41fe99cd3e2dc6753a5c8","sha512":"af49c4d99832c40dd8ccb94bd326d8642e07078a52de217fc1816bfebad50f185f055533892c7e37d8843fc16767e35b215f884e049e76d46d0358875a242f7e","ssdeep":"96:UARrfZgcunC6Xs0v2cF30Mx/ND531B93yyv1CRYl3r8s6:BrR0v2BY1BlFwA3gs6","tlshash":"f1b1b5417a92f874e7af6558407f402cb33f3f51740a8064e73e6c543925ac6e2a6b9b","size":5443,"data":"","first_seen":"2026-07-02T13:03:20.133181Z","last_seen":"2026-07-02T13:03:20.133181Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/11-15341343d0b6fc7b.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"9f5c41b9b77145e92cbe47cc3f90852c","sha1":"90ded356037c0bf7d2b858b1d3e52463ce075edb","sha256":"8e3fe0fe2b095f1775115c21014d9dc3d9c1bd785f6728514c8b8fb012ebfe6d","sha512":"cd2277d73d9d2dd69e8ecf1ced62b9d20abb1910fd49bd6c269cb8a85cab2bb7df73773502c5c18fbc02d80b6ee2ce96a0b8a6c550e170a8a9f92737d4965b0f","ssdeep":"192:e/m1wL7bqIOu3F7LqAHUM1Fcnref+O1t91SgjSTNgUwbRr0113pzqxvl3AoK:e/CEnqkF5DMit91SgdRoH9qxvl3A9","tlshash":"1972d8e8b3f07a9ca50787d8e67f985cb35e1988eb1d8c95f1bd98540641088fac3ec4","size":16176,"data":"","first_seen":"2025-10-22T18:22:16.112077Z","last_seen":"2026-07-02T13:03:20.175236Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/288-381a6850e5cf6765.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6d754680108177bc06e8151f12aa366","sha1":"6a63817d7c62d2f4cb8efb2ed8e33a41cfb78957","sha256":"565d5cdca1623ca4eac31f43ee7ef95259f49df0e279bd1e3b81f10c271d4284","sha512":"6d2acf2878be977a63b9f0a096b58437c1c33672ee85d702373cdff8dfefc84604dcea821c11acb8777339773feeb841d42c6a7af18ba9f3ec19875a5498ce7c","ssdeep":"1536:MnE5+IXApD5MdexKFmd0ZX9tysHAL76gX36Owx3:Mb5jKFmO1DysH3i6O63","tlshash":"f6b34dd53692b075d7e741aa803f0009f33e2f69240e4410f16edc9d75a6a89d2b7faa","size":108684,"data":"","first_seen":"2025-10-22T18:22:16.27906Z","last_seen":"2026-07-02T13:03:20.149935Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/enterprise.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b1e8ce70d22eb2457bffd151c42d9a9","sha1":"fdebdbd266699e0cb0fe5de29e54235edec713fb","sha256":"fdb0adeaf95c9b63eea059d0bfbb6938dd77fbbc1bc237f65514e7e26c0b9cf8","sha512":"bbf3cdb31b48b9c9714805b40ba711a89cc07d0a5c56ce0aa038c349c3301c522a677cfa955260c9c2634750400b638dbe9df569d916bbd7f5dcc455a28e1482","ssdeep":"","tlshash":"e13167fa1705a03e0bb64af1a5f9d772fd42701c905c44d8a511ae852edaccbce06966","size":1772,"data":"","first_seen":"2026-07-02T13:03:20.195411Z","last_seen":"2026-07-02T13:03:20.195411Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/646-4147751f80329f7d.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"58d6a28374bbc976a34d54c575b763bf","sha1":"59a2307d7059077b00e39d58e368540afade3887","sha256":"6fa923ac66624dec1940c77aea2a94572a6b89ecadc8999873c6d74c3fd73835","sha512":"b7eb606c99fb6d480cf1528d4b641c1df999443a0c8132a09afcfe990a2d460017d8a29335e669c2a2f332ca4e98a1ec8e79f885c06ad156e850565c26126088","ssdeep":"1536:+TvoKx8kRnvGLpBlxvH68f2N/63wlAgSPLxABsFMBvpqBoYJ8XiA6wiaoG:MEMUNgSPWc0OxlaoG","tlshash":"e4a309ca7221b5b692db519a92aa8112b3f65844740d847cb1f48ceb547c99c03ffff8","size":99321,"data":"","first_seen":"2025-10-22T18:22:16.288398Z","last_seen":"2026-07-02T13:03:20.097191Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/kapa-widget.bundle.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b142608f781690602c02a1922a66a90","sha1":"c63be51ff6266ff22b962ee8c7b4194eaf94f4a4","sha256":"1d396dc8032c190296eec5f49202535d1aef309bef4a7947784f87a7e6317bc4","sha512":"3cb37180de14da0ed4ff14b1b169de0c609bd43a01d358596c08fb72c29df4aa70f245c9d014a4b6ce99a1d50c71e5a93c66d5a44a716545754ad531b8933ecf","ssdeep":"49152:o4QZyVWnlF650hGP0s1YA6maRVIHKMYDjMYjlClHHZPCCPk4rGqwo3Y29n:o4QZyVWnlF65iYo4qJ29n","tlshash":"46a5afd8b8a074311723566651ff6108f2353d22b8098564f7b8c88b59b79df2263fbe","size":2103310,"data":"","first_seen":"2025-10-27T16:01:47.46288Z","last_seen":"2026-07-02T13:03:20.199892Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/45047878.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"00f5849861ab7c0c1f6c5df93dba03ad","sha1":"e506f1b9038b6fbab5cbfd09f1b185395a8ce005","sha256":"0078f3f2b2533eb0b43aa2b589c47a8134dc35f5bad21a92a7eeba85d99d4afc","sha512":"d1352404364090fdd70397bdf4e3c6f7ec8c66ab5d0439af4c70964a77028e303a42e1a3ddc0883ec948c3c3dc4115e475bb0dd00d17aac7a054e7e2e0536ba3","ssdeep":"","tlshash":"e241223b7c169c3886cd46d99a79c999b4e43132a411cc9284ced44ce6bcfe6202ab1c","size":2049,"data":"","first_seen":"2026-07-02T13:03:20.127953Z","last_seen":"2026-07-02T13:03:20.127953Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/941-34df068889cb34b3.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"d7615f0bafcc86d9bdf688df8c8cf96a","sha1":"f2af41bd967bb5e9f59709bee1faa2892f606555","sha256":"5d5c5170c64c664aa956e1e7f1c849e9a08a5603e2620f3b66e35a6a15dc6eb4","sha512":"161abb8e8b98e450ba404a97c5a4dc53277a297113c3a3808d908e764ceb7ce82b4f54edf3cc7a4b37dacc4661d3c00a012fd0ca07fc010b9e516551fee17772","ssdeep":"96:OLg1ZM/ZNQClbUBCXB7RqoiFWoir18vhVtzWpQ4tJflRaQaW4TnASVJV76VkMKCE:DzWFlxB7cWLA3tNt/WUBC3u3NwFI","tlshash":"d2e14254b155aeecf93a45dda06fc04cb16f3b4cce0d88a4b4b579206c495887e8bfca","size":7180,"data":"","first_seen":"2026-07-02T13:03:20.124631Z","last_seen":"2026-07-02T13:03:20.124631Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KHVQ32BT","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6349319e26acdfa8558262ca541a0dac","sha1":"26ad56fa40980fad7e9bc6d913111b699dda3f22","sha256":"d1f2ce093adfa9dffa0daa226ec5293ce1f4f42215bf6eec3032883c7213db48","sha512":"c989ea9fd7594135d81220ef3f7a9c6bf077ec8fe1a2f4b18a39923bd9e85d6d7c8d093799697720c18d4a42e9c8bf7178ac5c0e239262b6ef20c2831aed653e","ssdeep":"6144:18+PtCn0y5ifGCvJWXLd5fpcxIGQznsWBfyZWmeo:18+PYYVKL/EZJb","tlshash":"35b41aceb3d674265392b478503f018ba27a25e2f44dc8a9f186dcd42e7469a8133f7d","size":501649,"data":"","first_seen":"2026-07-02T13:03:20.197916Z","last_seen":"2026-07-02T13:03:20.197916Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/v2.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee75b7af42f690f585d77a5369807b3e","sha1":"80a9d3a3397c420fac9a485b6474ca3b59eb6b5f","sha256":"68682417e57ebfd06f5b9e10fce969291ebbfd36db36bcf46611d0de49548dc7","sha512":"6e7d7a5e1356c5246f7d136fc6afdbff396435473be99ec4497b34c7838d3def7f63d0d9da84ab65fe55fa24f4bdfda97506bf8967aee322318e965292912400","ssdeep":"6144:f8owT5y1EQ9RSM4JwmwJyr8eRNvyi6fMbtLKOdJBFL/hhltOkAxrxeGd6B1k+W20:U3TYSRNv6fsFjhhLOkAveGd6BnA7","tlshash":"74c45cc53185f0215bb301b660bf200ab33d5d29780d8990e765edda38e995ea17bfbc","size":590015,"data":"","first_seen":"2025-10-14T15:54:21.63668Z","last_seen":"2026-07-02T13:03:20.185082Z","times_seen":2114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/229-aa32899c3725cbd2.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"261070e06e612b6a39c6c705fa4cd21d","sha1":"3d2fa37a82350cc639a5f481f9b2e6c224c415d9","sha256":"0ecc52e88a70a8e98bcebd7fb61df5214024aefbb9bed64ecfd528c316510fc9","sha512":"82dc59774bf37e7099eb4155c5a02837712f1cf30d12bfdf91a7e7d69e86c3a79a8647a72d4ccb5c9ec9d698ce1c0c693ff562a7dad760965bc92fcdab7c1b67","ssdeep":"768:zR/rUNkVJ6PyU9PmQAFxDclxzlabZOTtLVfiawY9548N2c1llw5V+X+hVMsuttNx:9/rUNkVmy5z9wxMlStwVqjqittNx","tlshash":"8de207ce5368e6e8f4889be8de37644c772e2c79af67c200d3a45d10e4460e9790eec5","size":34137,"data":"","first_seen":"2026-07-02T13:03:20.125827Z","last_seen":"2026-07-02T13:03:20.125827Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/ecosystem-55f9d7ec4dd1242b.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"7caea6fe568b8ea5d55a1d834c2dd0a5","sha1":"64452fec677097c7112765d87099d9b935f70768","sha256":"d5d09e03075c829f9dc786e165f292efc17997624b03f843dec7ab9ec4565abb","sha512":"3022053233885de86b90b778c0d0d9efed2caa2b41358c0d311cdda6eb288fd327939523843b58b65323914e759ab80679a8e256e7c2383effaf744a7e173f26","ssdeep":"96:oACrfZgcunC6Xs0v2cF30Mx/ND531B93yyv1CRYl3r8S6:+rR0v2BY1BlFwA3gS6","tlshash":"9bb1b4417a92f874e3af6558407f402cb33f3f51740a8064e73e6c543925ac6e267b9a","size":5452,"data":"","first_seen":"2026-07-02T13:03:20.134521Z","last_seen":"2026-07-02T13:03:20.134521Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-SS9KZ3GN21\u0026cx=c\u0026gtm=4e5au0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8624094f59eb2ac96f396200a61c4390","sha1":"fda3cf2019f1dc2aa242edd18f2683cff0c8cd38","sha256":"5946022c01707b790fc43c6d12cc7b6c4a3dd31f8c2dbd69f939447c7e62f8ee","sha512":"58d3c5cdad0c8edb7ab6da31ebf9e28461602d014aaa06c99b5385f81c93e9338ae8fd1841b529b98407a7220fd0eb1212adb8310443349810f89dd7290ecc8c","ssdeep":"6144:mTUmKtCn0dF5iqGCvJWXLd5fpcxIGQznsWjfpUpEGmfuvIrqR:mQmKzFY0KL/tUpEZpWR","tlshash":"cbc40bceb3d674225396f479903f01cba97b24e2b45dc8aab1c9cce02d7454a8167f78","size":579085,"data":"","first_seen":"2026-07-02T13:03:20.094099Z","last_seen":"2026-07-02T13:03:20.094099Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/uwt.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"76a4a1b90eaf763f4a6ebf05f1de741a","sha1":"5d649fb6036d2c97cd1b189b93ab01329605584f","sha256":"15ac7c79df675a4e07c8f59b54ed2d978cbebe6af18372265677cd46b95365fb","sha512":"37e371f4defe0cb39f231805c200954f72f3f83b26427a083c49f807ef4615af7bc661f4a79902c57fb98079b523eca37ae927f909283ecd958bedf9cd24644a","ssdeep":"1536:buo99dwkLYPs/lEGF94zSnnJpSFD8No5/g:buQdwpslF94zSnnJpSFDZ5/g","tlshash":"4443d5c8f6d5f0a543d776a6903f211bf23a6819704e8490e325e8d2bcb895e9133e7d","size":58201,"data":"","first_seen":"2025-09-11T19:44:38.876513Z","last_seen":"2026-07-02T13:03:20.170178Z","times_seen":1038,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/js-1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"5bc63e954503848e981b2622e980387c","sha1":"59ce66a50d57ff1e3719e47965ed66949cc17f11","sha256":"82a369b8d915db232d09b98c08a09318feda2acb38c8fb1dd196a9b6e6296c36","sha512":"14284609175e7b8520f6784324919d9cbdbc207160f9a7788534be0375503eb5d4044c46f2a9a928890ce05ec17622525926a1a7c5a02657e0e905899d150d34","ssdeep":"6144:QBV5HIy2D8fud75KGq6A0RI6PjLiYYgAxFOY9ftLHAJ0aAmnnxV2irl:+XHITeud75KGq6h/LiYSAJuC","tlshash":"73b4098e73c67426539af478503f12cba87b29a2b45dc89ab1c9ccf02d3459a4177f78","size":497997,"data":"","first_seen":"2026-07-02T13:03:20.108238Z","last_seen":"2026-07-02T13:03:20.108238Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/gtm.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"a06bb6119ad1120760ad3f36734cb2f1","sha1":"1afdc972facaed65c8a447a81e921cdda64c8dde","sha256":"e1b564d90c41fe1ba4e6c7a3dae02bc060cba08ef7f78952f48d3767389b1f47","sha512":"1c0aafedc2a2266dd57819d925bc41c3f616e1f50fa322b3730ac0a9bca45ed0acadf49e31a6e5b51525cd8f452c6c702bc7c2b2ae2654b8d865aed76c74c40d","ssdeep":"6144:X5pbx7X/2EyF3YewChBg2SkIaFYEpT0+Pxu3QLjCTP:XH5svwCh0/+PIZP","tlshash":"37942a8f73d774265392a438402f118ba27b2891f44ed8a5f186dcd82f74a9a8137f7d","size":418383,"data":"","first_seen":"2026-07-02T13:03:20.160869Z","last_seen":"2026-07-02T13:03:20.160869Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/020d8314-add014fd3e4aebd1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"dea6cfa7677ed3faeac12cb6778f71f2","sha1":"38522d2a2ea4a880ada73c4d8aefa6c534a6adb7","sha256":"ba5b9ee20e207d22c0d57cd1b5d5de971d074780a8ad04280b0116678418d750","sha512":"a9807c3d5def5b7c4aa2fed70213f5aece2f3cea8f3b9643a4490f8cb0486b1619937c2636b2fbe315d3789043e48c3db35e1e94563cdd000408af2c94b11787","ssdeep":"12288:j8oMNbXxHSdzWDLQJ6MIwv+ZeWD7iq5Cx:ErxHSdzWDLQJ6MIwv+ZeWD35Cx","tlshash":"3db45bf63275b0174f0754a754b90442932db8d73809867cba1ca4eb74e0998b2fbfb9","size":495005,"data":"","first_seen":"2025-10-22T18:22:16.256435Z","last_seen":"2026-07-02T13:03:20.095895Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/730-c85af50501a266d1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"76739ae14085eb2064bfd903e92f05a7","sha1":"f7714961329c6c9552e45236130f7ec5aaafcd57","sha256":"01a0dd77c5614d9ecfd1b45391b087b2454bd819d13b17c6814a397f3931b879","sha512":"6346c2df967fb6676e1d84e96f2aadeede618a83e484256f0c75a884e20afa83d10b0c9c24bd440f806acdfc6e6524ff564e407e2386d43e2761663032397298","ssdeep":"192:efuL4DqCMmXiar1qgeI2BjRwEJnD1Ze+waGS1RFdYypFKyVXsFAhI1:9LavMtgUgoBI+x7vpV8KU","tlshash":"40224ab336dafcdb630b91e8c52f000df37909712629e105abe089c59670568e1a3f7e","size":10445,"data":"","first_seen":"2025-10-22T18:22:16.260579Z","last_seen":"2026-07-02T13:03:20.155657Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/js-2.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c49c7d03de981f2d14ac5248c0ebb18","sha1":"84a015c1ff641a3636d3af8b06e4810df7e9d24b","sha256":"7e5d84656a934a9db6db1cec0ced470ac661e1f1f30e00e1092934af297654cc","sha512":"beef664eee0a42991c69984c55d45f642a3873609945ce64fc6aa86a4807f56b8ac52d369a465277ee97635d236ad19bcbc5dd8133df732165e991e8c8e6dd53","ssdeep":"6144:IBm5HIy2n8fud75KGq6A0RI6PjLiYYgAxFOY9ftLHAJzaAmnnxZ2icl:GiHITiud75KGq6h/LiYSAJzV","tlshash":"cbb4098e73c67426539af078503f12cba87b29a2b45dc89ab1c9ccf02d7459a4177f78","size":503523,"data":"","first_seen":"2026-07-02T13:03:20.145047Z","last_seen":"2026-07-02T13:03:20.145047Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/script.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"09b23290f542d9a8d35799fe146de353","sha1":"723d11d2bea9dd89798cda8309991d60d2ce7619","sha256":"b30cd7b0be7c9d5ca11d5aa13a4231fe65e8a1c7d6a009b79ee7fd848e8a82a7","sha512":"fe9c12bb002d4ec74c7b359b367ac824780acacf01baa19058508458f023c24451b604cd784a406c4d676f0afdd8e05e1546f1dd6d7cf4c075225f347f34f954","ssdeep":"","tlshash":"4ed0a725527a0175617b4252ea4d3295e022006312489425fedd88052f94b1b3cf1fc5","size":225,"data":"","first_seen":"2026-07-02T13:03:20.190126Z","last_seen":"2026-07-02T13:03:20.190126Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_ssgManifest.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"847833330af42aff9559a1c685a399ba","sha1":"2e44746372b5d2efbe4b2e4d55282ab3d79c70f8","sha256":"76ce852bf3da3d3cac6bf57cfbea77289c8a60395ced0db327b056479e33ed1a","sha512":"79b305ee2e2818847adaae966b9d6b9072066645eb4fdaacf169cee971b9b83e3379fd7dea6faeff3bc1b84b71053081e46b63effdb24f0fd6b52a05fdffdfe2","ssdeep":"","tlshash":"94e0d8524b1dbcaa4673c9291db0bfe707617e03d92c2457dae5015fc43c210ce21c74","size":421,"data":"","first_seen":"2025-10-22T18:22:16.353791Z","last_seen":"2026-07-02T13:03:20.129234Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/osano.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"6070351558607ed165ab52d9cf4d96d5","sha1":"de218d6ac2ff85023562b218613653c3e8a43cb8","sha256":"674846e662453a013ae862298dcaa027d5cf2f105e97f8a6fdeab828dafe68f1","sha512":"f23a484f72caa7f2b45637583d008610d867e6281c976412a2e77d213093c33e16442bb6f170f6ac566da704e9620b3637a4616c5127af1372c0832e69fa7106","ssdeep":"3072:3SVUaaJh5EXenNxSmorLpJsBsu8Ka5bZ+Zkf3qb+5d6hvOohHt9QnHXcaY:3iUBNNNx/ra5V8kPa+5d6hvOohHt98Mf","tlshash":"c83439a136d9f5f103e202d9c87b0201f2299f157829e4e0f3a8ded51854a8b65b6f7f","size":247498,"data":"","first_seen":"2026-07-02T13:03:20.175892Z","last_seen":"2026-07-02T13:03:20.175892Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"f7365663753b6343f54b1b96c6ac4b37","sha1":"3fdb39ca67ed84e192e10a2f3095c9e67afac215","sha256":"4a086dfea7a5d3e42e9eb2620e734df666b35ba7d6c202515f03a5d03b555a81","sha512":"3bae6cf0862b2c0022c021a49eca7f7c6a3984725f3b6c25f8e7ca670dc46ac1bfbc9a2e3c4adad7e1363fd2c94a24af58076c09e2d4fcc1865e2d7a368e2fab","ssdeep":"","tlshash":"41f0ab8b76da24742d4b90365b2c8e243112215ab0854033bcfc88363f092ae0966be8","size":441,"data":"","first_seen":"2026-07-02T13:03:20.201174Z","last_seen":"2026-07-02T13:03:20.201174Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"0e5f52054a6ddd76fa15d5b4ea7a0227","sha1":"e66fa8de6832ed5e2eca686ab9ffcddf172ce683","sha256":"aa077eb52a59099f19611a3bc93cc1571ec071f2c15db69ff818df190180cd4a","sha512":"554e39df4b8a56744cf08a504a152d2aacf9bc7c9dee6530ff26641cf64a868d5a62b7b990a9ed2fde02382bfc72eb2a16d207098f068bf4bb37e5a360f47ed6","ssdeep":"","tlshash":"c5f0bb6969a5126871a7282446afa15571f540230149ed02fe5ce6514f90f1828befdd","size":566,"data":"","first_seen":"2026-07-02T13:03:20.202525Z","last_seen":"2026-07-02T13:03:20.202525Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"f0ad180fe80bc6d51c45fc909b36263d","sha1":"e455a3046e0347e957dc61b2247ab889da9bd874","sha256":"b134e6ab5d405bc8664798a6159a991317568ad38296327199b1433a33827713","sha512":"eca34977b008890554fa831a804c0935efdd835314395afb5a6fa2c3bfc638af6952af298dac01f90e01f071f1c3256222fa63a580effe9ac6db22be76b95777","ssdeep":"","tlshash":"36c02b8c258b1cb040df3bc08f2f7101b001321061a21c31080e3344a730d2b635cd00","size":145,"data":"","first_seen":"2026-07-02T13:03:20.203854Z","last_seen":"2026-07-02T13:03:20.203854Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"56678f8d2a1e3713b6219cbfd816e2ed","sha1":"43afca15fc341b75ab390f66f1299c3c6c82c1fe","sha256":"712df32be8fad110678d93baad18fc6f4589083634f3651a7a4cd266f500348b","sha512":"49dd500a1069e56fe8a14948ebf9fd9cb94d9dea2669e43ef64b09ffc066ae34cd25b8cc691c745ce106ee849099c48d1afdb29d419097d053e7a6397d2c14af","ssdeep":"","tlshash":"04e060222d8d013b8ec0807eb137ed00322191c5a29042d28b8ec8847c24ceecf25d88","size":371,"data":"","first_seen":"2026-07-02T13:03:20.208121Z","last_seen":"2026-07-02T13:03:20.208121Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"895f526ab37305311d1e998fa4d5a6e8","sha1":"06d0220830c81bf254c70552e908371c6dc1f18f","sha256":"90916b8b1fb2fbbd765a22eba866c30d8829f59aa2d7ee86869abd20207b2117","sha512":"6b087d2e2025f4d11073254448b124af8839ce24ff37eb45bf2fd1a2b66bee8fd4fdca2b4d23c08786d217dd71dbc660d1054b7876b37752dee3baaefdaeaa4e","ssdeep":"","tlshash":"2871bc3beb00173bdc8fa9fdced5b4c02e62497262496960691ce102a16cd7487bed88","size":3743,"data":"","first_seen":"2025-08-14T22:47:51.287187Z","last_seen":"2026-07-02T13:03:20.209897Z","times_seen":1354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/852-11362cc70b086e7c.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a29d60137bb089e3f7574e6fc84fa00","sha1":"68fbc9bc1fc61d3a73debc73d9cb462aedac7a8b","sha256":"c6dae96860f72b1f599cdc73281de47d2ad3e3044cf05b4e627c59af5aea253f","sha512":"42dfe402e51c71d30e577b7dfcdc527a16db453703e723ae5af09f6535a2383e8ee954b7d72565a10cee4945095d7fd9c4381f0e50dffebf0e9841d7c6e7d6dc","ssdeep":"1536:O5S8aJwSL0F6f/NtugjE4g88xleDMyUO7rT+xj5x8sr0RkuX7QPB2d1dXa5WChVE:ujM/N0gHg88G+x3rQk+/d1dwTaH","tlshash":"ddd38865a2a5bfecf82b8ad4552f500c722f2f94db0e88f4b5ba68341b440e47953fc5","size":142331,"data":"","first_seen":"2026-07-02T13:03:20.163804Z","last_seen":"2026-07-02T13:03:20.163804Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.kapa.ai/kapa-widget.bundle.js","fqdn":"widget.kapa.ai","domain":"kapa.ai","tld":"ai"},"ip":{"addr":"34.160.184.151","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e905c076aabaf6f35e78cd7361a3cea3","sha1":"09206e4dd8fe89c2b8aca390643c459c77d5c2c6","sha256":"883cc08fb6b367684abbccb47ff040c166c745b29fda681855085aacb2dda743","sha512":"45a49faf1acd673dbf7285c121cb0bd7e39954e12ec821cda4c9602a70779c1e94c6f222b295de14b3277faeaf6a1609ba0ece76744c8b4adf0c4382c2c72875","ssdeep":"49152:hyPERNZRhGPd2IO4enw5LtxIyVZ6TIqNA0o8mJhpsjEqeo0P9:hyPERNZyFO4enwsELo0F","tlshash":"8195af98bca074711b63566651ff6108f2353c22f80c8620f7b8d45e59a75ef2293fea","size":2022250,"data":"","first_seen":"2026-06-26T12:45:12.300689Z","last_seen":"2026-07-03T15:45:55.724172Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/main-1723870a3ff9841d.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"15b1a0e4655e3bdcdc0e5a40961c3eae","sha1":"faef69d505cfea77efb48a20b00fa81b5facd192","sha256":"6d9cd9237eb12261654cee3e3b77a0c5376ad40ebed83e33c70a182c360cefcd","sha512":"bc3fd6ee555ceda25d4d3346b835729fa1e1f99d993c4566211c1bdca20816e1b99ad45c640c1bf4beada6501ab187cf126bf7a6e2189c78f9adb2472c8bc5b3","ssdeep":"1536:ySRurvlQLXmyHIkMvsTDLgZE1IGV3SvwGeUtE/0BKuTgIcNB5f3Oou/Izxo1mp7i:+20+g0uQqzjo5zMyXA","tlshash":"5ad3a42a73d1ba31428af0a09c6fcc85f2b5592d029a240d575cdce9ad2487c93f6edd","size":135259,"data":"","first_seen":"2026-07-02T13:03:20.182316Z","last_seen":"2026-07-02T13:03:20.182316Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_6.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"dca9d53787fff314e5bd1a123b28906a","sha1":"1350c858f60bbb03d1b53b05cbad6cea82ff29d1","sha256":"2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f","sha512":"4f123c356eec731b4f3653afdc258b385c8a0040ea14831893fa850c1275efe1fd49c51d4acb5f7541e01f2b9e46bbac0266e5893a6987b568f6aa2e0b0d492a","ssdeep":"","tlshash":"41a002f3187682224e93c660d963fb88d952515dfd4985cc60259e5ae7e29dbc010e90","size":75,"data":"","first_seen":"2023-03-07T01:15:59Z","last_seen":"2026-07-03T17:37:02.006874Z","times_seen":101561,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_6.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d3461dbd31da070813f494d0f5e4788","sha1":"d140f9ef94eedc66ec195e812bf954df37459534","sha256":"f79943297039ec72b2f87a383b5b43ee7d69abab02c1e8a95050b284b5f1ec3a","sha512":"12c3465e9a9b5171b2ca59ec50c6fa384937830fbbba76fc0dbd17e5255c20ea78b36c90627eb958acd8f560396e69958d0d364b55d74fbe72a7eef95011ec02","ssdeep":"1536:n27gHbAmCG3LTxVDOxTcdm/LY/C37c9uom4JWX4T5MXIk:DLPOldjY/Ac9Hm438Ik","tlshash":"f263be2ee67374efefbeda5156f0b6d8223eb146105205cc15fe04824a7af86766c0d8","size":70171,"data":"","first_seen":"2026-07-02T13:03:20.212873Z","last_seen":"2026-07-02T13:03:20.212873Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/974-31a7cc3dfd4385fd.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"c1c2767134c24eaa32863fc007de9248","sha1":"cac7975bf648b61edd6f0e2be90e9bef6a086dbd","sha256":"27d878dec398c752008b0435cbda35e3a884cec37513028de06fda4ed5a9ef26","sha512":"3d68b48921730191c04c4f416b2ca68975c684b0a05b87c6cee160d4599403e518a49f2c3ca883b071bf7c917941cb6e2654c43f7602339b417095290fc5559b","ssdeep":"96:7kqw+oTzV3x9aKEwmUqUWhtb0Eq1D+K7FMO42vpv+/5HD+:c1zV31EcnWgEeD17FdLNY5HD+","tlshash":"70a1b5e233817557c39e53a3842f010ab2b8bef5241b586ef6586cc7282554d93d3fb8","size":4808,"data":"","first_seen":"2026-07-02T13:03:20.15735Z","last_seen":"2026-07-02T13:03:20.15735Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/js.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"c120aa27ed66a5676adc12f5a86acfa6","sha1":"84eae7b129d14575c14755170d5430c287e736fa","sha256":"0fdb79e5520db869a19a943f9cba1ce289045ae6df218ec3636712b5499770c5","sha512":"327082815bf95aee0ac61547c3d6989624a0f35eb808e8d2611d3627a9065eed3edd64420039ab8d616975392c34102f599efde8650847944d0efca62ab363f5","ssdeep":"6144:d5HIyd8fGd75KGq6ADRI6POLiYYgAxFOY9ftL/AJpkAgGpi:PHITGd75KGq6saLiYYAJ8H","tlshash":"798428cd73d674269392b478403f118ba17b69e2b84cc895f189cce42e74a9a4277f7c","size":378687,"data":"","first_seen":"2026-07-02T13:03:20.183668Z","last_seen":"2026-07-02T13:03:20.183668Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/[flexible_page_slug]-33d706343c51c31f.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9a62859f8399b167ba5dd528a5e3759","sha1":"963242247a469be9c8204082d86c1092b7e7d2c0","sha256":"da3152848da3540f238b29d3c027efe230e44bafb7d1b4500ce4f108da62dd25","sha512":"4d64b2cb143cf4870600a106c4a774307e3dd0132eb93db20734118b3b9b3f5bbcc40c27d425dbed863fa7fbdff939c8e0331f26cce21c7704c856d934f3329b","ssdeep":"96:ZAKrfZgcunC6Xs0v2cF30Mx/ND531B93yyv1CRYl3r8a6:brR0v2BY1BlFwA3ga6","tlshash":"1db196417a92f874e7af6558407f442cb33f3f5174098064f33e6c543925ac6e296b9b","size":5344,"data":"","first_seen":"2026-07-02T13:03:20.170852Z","last_seen":"2026-07-02T13:03:20.170852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/framework-c123073e70017576.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"0bc965ad2d2558b91c5a3788c31cb746","sha1":"e0e0663151c14a3fa908734dfc659820ccb27ffc","sha256":"804de3ea4d6b08da6ea65b9e992f59abbf97ea8e2592c197571a3e0a900f1fb1","sha512":"e1874d2475910cb65176e76d3ba227f28de4cd75a63fd0aa9ec9d95e9a7a7893e1537b5fa7692e9a76d6c9111ce9a2de68a4fdf808aedd1437994a29f827a0c5","ssdeep":"1536:Qv1NH6ZMumPhxj3hnpR76oedyWyTDJTQy:Qz3pp963dUmy","tlshash":"04d309e83995f6516ab311a700ef2803737d2a1b280c4960e215fd9e75b842bb17bfdd","size":140022,"data":"","first_seen":"2025-10-22T18:22:16.090103Z","last_seen":"2026-07-02T13:03:20.139903Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"8cf85248b1481e610bf0412828dcfffd","sha1":"6bd5f82eaae44334e0e9ce087dd9bdf325e778b4","sha256":"188dc1a2dedfe83ab4bcfafaefaabcdb380831a4da5ac34381234969fbf5fea8","sha512":"f375abb030d3b863de512b996a398498a1e76e1f7d49a3e13d2688314ec93e02f4c41fc47a04724b18e282234bc4b268516fbf73f10a943fd083e223faa0edd3","ssdeep":"","tlshash":"97c02b8c218b1db041df2b404f1fb600b0013210a4a21c3008053344a620d0ba758d10","size":142,"data":"","first_seen":"2025-10-22T18:22:16.957314Z","last_seen":"2026-07-02T13:03:20.21496Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_buildManifest.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab1d832944b0908a08037f32c3a762ff","sha1":"45f4a39afc01cabfb1a393d18190678bc9bef917","sha256":"3ed32a172586d96077e8dab3f63d59a13a130795225d28d048b00c17bf0edfa4","sha512":"6c507b0295931c4b8d9d4dcaa53ca97b3416a8c9c8c6974aba05d2a17901179a47be107983352375a61e9081f5ca115f56d7445d54989dc0dc1aa7b24e0e732d","ssdeep":"","tlshash":"e4518b87000af8461db9dcde342b2be2db91fa3211381594f7cd4d68059c37a8fad832","size":2458,"data":"","first_seen":"2026-07-02T13:03:20.180854Z","last_seen":"2026-07-02T13:03:20.180854Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/recaptcha__en.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"07bd9db323e20c5712464eae395c4bbe","sha1":"ac8fec5c3ef6987c9bba9ec707575c133dc32876","sha256":"58e16769fc5ea29486677fff7b25f0acd26e0077ef0e0d0a1c5c56545bc7b77a","sha512":"c840b50405fd4d0c82ccff537be49125cdc04674237f1945e8963c276dba99bb39b275d952f5033a7ea3978af474d3a56e932709673d00b973454102489dcef1","ssdeep":"6144:KmRDQSxp9xWrL3fe2ioyvWCbhjXapYaqqPeGfFrFVCk6y27CKIRIR8LzWpKofGnZ:d9Q49YrL3feq2sFVUCTI6EKofqnZ","tlshash":"d50519dcb5427b619332bdf160671068673e9a56c458096db2d8c4f43eb8809b2a3ff7","size":829613,"data":"","first_seen":"2025-10-29T09:05:47.950022Z","last_seen":"2026-07-02T13:03:20.166544Z","times_seen":13351,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"85f513721733b1ea1e5797e62e97ef55","sha1":"faea891d250eb4f3696c946b5cfa3b02a2d4bba9","sha256":"1813a0b77a53c9f0f16fd5fda061c4085302fea7450f33845d48c0d8d7bf0371","sha512":"2400c353fbb7fcfbae4b657c7810a12a8dc33eb5a95d021594d51d87ec0b8bf1e5e62a4191328d77432cf955308754dcfe988693efaf3243bd64949475e43131","ssdeep":"","tlshash":"e5e07da62d0c5c679aa01a7c52b7920a35d3158134d40fa1c2ca9dc03d32ccf401be48","size":323,"data":"","first_seen":"2025-10-22T18:22:16.41837Z","last_seen":"2026-07-02T13:03:20.216623Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/509.1aa9968d5075d997.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"56d37f9d839bf1771aa478d2b2feb35f","sha1":"8d267b0d46cfe32a293e56af5e68bd0718358168","sha256":"4c8b44cfb5cd3282ddcb862bc55ebd92e3281b87e9b25bb8eee33bf940fba93c","sha512":"0a089751fe5a70c534e0746078091a6a7b3efd615a9ea9335aca97f568d6720394f1e9286337c7f7c2e79173325e26e58c259129881f854b501424e793836229","ssdeep":"96:7wmOHi1SSnwsPp0Ufy/omgfZxbQSstv6xDOLszA9B7jhUYv5k0:7yC1SP5ophxblo6U3PhUM5k0","tlshash":"65a1935232e13eba93cf00da80bb445d727b2d1d241e4920b17dbc4d2b629e561e3f9a","size":5067,"data":"","first_seen":"2025-10-22T18:22:16.276491Z","last_seen":"2026-07-02T13:03:20.146393Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/blog-2116eeecf4474633.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4da5cdc753cee998e8e583672983d6a","sha1":"4b5a522f6d6ec9494d9ab3e87a47166c526a9e08","sha256":"14177cc55abff1da42f59e1762c64ead373724601650fba33b3376e1a1b6b69c","sha512":"ef624946d4f543a32d6ec4013f88c5e815d862daf9bc8c6ec8dcd9315b95e0436c0cf6b38839cfa9ed978d30c90faad1f14d553318e3416c5a2c2a5abc9af825","ssdeep":"","tlshash":"6bd0c2867aa27864a72b24b800bb290977fe699638dc98c8673184d17c3102e8251e8e","size":284,"data":"","first_seen":"2026-07-02T13:03:20.130574Z","last_seen":"2026-07-02T13:03:20.130574Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/343-70894edc4ae75b11.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"2579f4524d859000f7be3d46d85d32ce","sha1":"555e40e077d167b84683829e2a8512e5a7ca0d0f","sha256":"85a2f82b6ba59fc20c18e3926af6f74a67f5745cb8539d0ab5669fe76cdc1735","sha512":"dd748079af04efd6d94a77dbb6d7e28cf7ea013a8850fa19d4f354b0b878d27f526a48686cf1b26f5eebd653d6caee4593394ed824471c8337565c8bc4de1de5","ssdeep":"384:zO67cGMw12bDe5DgzWG3jWiUplJd358JOkMtPB4n35antjI30A1dApb1TnAkylo8:bMw12bDHfUld39FIOzA","tlshash":"b4e209e53152b139c7ef41a7402f4129b7ba3aa4340e4424e17dd98d38b4e86d2f7fa6","size":32343,"data":"","first_seen":"2026-07-02T13:03:20.168832Z","last_seen":"2026-07-02T13:03:20.168832Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/unshielded-190aa55244fe3e09.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"e2969b9a20f386faa13bd93285a0b501","sha1":"407eaa2cc92c528c5f817a293910f763f29b5666","sha256":"fc368d14a52bc39a3dff2ee817d210d596dc4485771504852161fbe2f0ecbdd6","sha512":"a311b23689d7c1e37ef2391dea2cfc8ca8b6c7c4036ee62b8f1ed62e80cf556dcf550c4215f8450a09d012122999ce9866ddaf79f6ff95680e8c69e8e4cb3345","ssdeep":"384:z7H0fQqsKvlVzkPQrD3f7QT3wjxAryt7AH7O7lXhSJAd7/t7cw/RHWmnLlkXjgYN:zwfXRvlVzkPQrD3f7QUjxarufHnLlkTF","tlshash":"44a2a7d4b29d7ef8a6a743856367000c361f6d85a82a89f8e77cec01e9458dcb193fc5","size":22446,"data":"","first_seen":"2026-07-02T13:03:20.151469Z","last_seen":"2026-07-02T13:03:20.151469Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"midnight.glacier-rep.com/0e27e1fbdbb1cb415485364e3d15b5c58b1a982f.svg","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.718Z","timestamp":1782997345718,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /0e27e1fbdbb1cb415485364e3d15b5c58b1a982f.svg HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/5a9659fe65a50ebb.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:25 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 714\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1665,"size_decoded":1027,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2c69f0f46ae955fc55ace3a8ed5ee227","sha1":"0e27e1fbdbb1cb415485364e3d15b5c58b1a982f","sha256":"dc317edf7f950f8583171813a0771dc9a14726cbb77abe0c26923fe329796ba9","sha512":"b49d945538f55d495c7f3275dd56aa8c055db9974d8be5f63c2bc1b3a8dd129abba44728bbaede90e1cee2839e850997b7866254aeb5826395a04bcd06e2ab68","ssdeep":"","tlshash":"3731fee92354128c979be90dcd7a48647f5ff0b9bf4e4b8510af8f332087185db86829","first_seen":"2025-08-17T05:12:00.588523Z","last_seen":"2026-07-02T13:03:20.09296Z","times_seen":6,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-SS9KZ3GN21\u0026cx=c\u0026gtm=4e5au0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.127Z","timestamp":1782997346127,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:39:04 GMT","end":"Mon, 07 Sep 2026 08:39:03 GMT"},"fingerprint":{"sha1":"6D:E4:85:F4:01:A4:0B:02:E0:64:E2:F2:58:93:6D:3F:4C:AB:30:9D","sha256":"4A:07:79:34:AC:03:17:68:07:4A:CB:68:23:A7:E3:14:B2:DE:22:3C:E1:AE:8D:F5:2F:2E:2D:C6:28:58:47:CE"}}},"request":{"raw":"GET /gtag/js?id=G-SS9KZ3GN21\u0026cx=c\u0026gtm=4e5au0h2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nexpires: Thu, 02 Jul 2026 13:02:26 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 186702\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":579085,"size_decoded":187286,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9309)","md5":"8624094f59eb2ac96f396200a61c4390","sha1":"fda3cf2019f1dc2aa242edd18f2683cff0c8cd38","sha256":"5946022c01707b790fc43c6d12cc7b6c4a3dd31f8c2dbd69f939447c7e62f8ee","sha512":"58d3c5cdad0c8edb7ab6da31ebf9e28461602d014aaa06c99b5385f81c93e9338ae8fd1841b529b98407a7220fd0eb1212adb8310443349810f89dd7290ecc8c","ssdeep":"6144:mTUmKtCn0dF5iqGCvJWXLd5fpcxIGQznsWjfpUpEGmfuvIrqR:mQmKzFY0KL/tUpEZpWR","tlshash":"cbc40bceb3d674225396f479903f01cba97b24e2b45dc8aab1c9cce02d7454a8167f78","first_seen":"2026-07-02T13:03:20.094099Z","last_seen":"2026-07-02T13:03:20.094099Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/25af5e9fb3b95e68d39dff36f1b12050dce291b1-40x40.svg","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.160Z","timestamp":1782997346160,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /25af5e9fb3b95e68d39dff36f1b12050dce291b1-40x40.svg HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 428\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":843,"size_decoded":741,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"45a38ab0cf12ed4b5ebf6915573546ab","sha1":"4070f41a03aab8d957c45b1f5dab40d2c7c48610","sha256":"2f06351850a9960565c8a28126656c6ec698cb118e4a0f6229b5070f187cb9f3","sha512":"e21530f749c36359a2a90d79b6bd207521364820145925ae80d74deaa79c103c3c866c384ee16304df0f9fea68e746c1b5f76971f84a7b6889f6d4fb9f006b8d","ssdeep":"","tlshash":"0f01a3210274987eb15856a0b2d4287a7e3715fe3655c7ddd7880823bd120cdcd249e9","first_seen":"2026-07-02T13:03:20.094993Z","last_seen":"2026-07-02T13:03:20.094993Z","times_seen":1,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/020d8314-add014fd3e4aebd1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.119Z","timestamp":1782997345119,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /020d8314-add014fd3e4aebd1.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 117036\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":495005,"size_decoded":117275,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"dea6cfa7677ed3faeac12cb6778f71f2","sha1":"38522d2a2ea4a880ada73c4d8aefa6c534a6adb7","sha256":"ba5b9ee20e207d22c0d57cd1b5d5de971d074780a8ad04280b0116678418d750","sha512":"a9807c3d5def5b7c4aa2fed70213f5aece2f3cea8f3b9643a4490f8cb0486b1619937c2636b2fbe315d3789043e48c3db35e1e94563cdd000408af2c94b11787","ssdeep":"12288:j8oMNbXxHSdzWDLQJ6MIwv+ZeWD7iq5Cx:ErxHSdzWDLQJ6MIwv+ZeWD35Cx","tlshash":"3db45bf63275b0174f0754a754b90442932db8d73809867cba1ca4eb74e0998b2fbfb9","first_seen":"2025-10-22T18:22:16.256435Z","last_seen":"2026-07-02T13:03:20.095895Z","times_seen":3,"resource_available":true,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/646-4147751f80329f7d.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.122Z","timestamp":1782997345122,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /646-4147751f80329f7d.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 28166\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":99321,"size_decoded":28404,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (55132)","md5":"58d6a28374bbc976a34d54c575b763bf","sha1":"59a2307d7059077b00e39d58e368540afade3887","sha256":"6fa923ac66624dec1940c77aea2a94572a6b89ecadc8999873c6d74c3fd73835","sha512":"b7eb606c99fb6d480cf1528d4b641c1df999443a0c8132a09afcfe990a2d460017d8a29335e669c2a2f332ca4e98a1ec8e79f885c06ad156e850565c26126088","ssdeep":"1536:+TvoKx8kRnvGLpBlxvH68f2N/63wlAgSPLxABsFMBvpqBoYJ8XiA6wiaoG:MEMUNgSPWc0OxlaoG","tlshash":"e4a309ca7221b5b692db519a92aa8112b3f65844740d847cb1f48ceb547c99c03ffff8","first_seen":"2025-10-22T18:22:16.288398Z","last_seen":"2026-07-02T13:03:20.097191Z","times_seen":2,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_6.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.954Z","timestamp":1782997346954,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /index_6.html HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 46050\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":80300,"size_decoded":46282,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56638)","md5":"3435595d39c5c1d66af5544008a1bca6","sha1":"0a0576a2749d8e93cb39309851dc839de823f3e2","sha256":"a4ec3d2df23d92798079a12ad8f26106bc664446bbe0bf4b57d4c7c221b64e86","sha512":"e47f022dbc7ba5d17679903b04f431b8dd91557a8ae7eb6d8479b1611c88eafef9c551b6e10a7f193566f9f7f905c7e8c952ca66942ec90e6201c298684763e2","ssdeep":"1536:iq9Y27gHbAmCG3LTxVDOxTcdm/LY/C37c9uom4JWX4T5MXI4:iaGLPOldjY/Ac9Hm438I4","tlshash":"cc73bf259523709befbf8dd1a7e17fa8113eb245108205dc26ff05854e76e96b2683cc","first_seen":"2026-07-02T13:03:20.098786Z","last_seen":"2026-07-02T13:03:20.098786Z","times_seen":1,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/styles__ltr.css","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight.glacier-rep.com/index_6.html","date":"2026-07-02T13:02:28.545Z","timestamp":1782997348545,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /styles__ltr.css HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/index_6.html\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5304\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":31855,"size_decoded":5613,"mime_type":"text/css","magic":"ASCII text, with very long lines (31855), with no line terminators","md5":"6dcdd75487946fb595ab01eba534ed00","sha1":"04bdc0fcab88ba628c1fc543d3b223b9a1da01cb","sha256":"c40cd5547183549fbbdc86837e7534ffb5a74755c871d3fdfcf934bf5be14fad","sha512":"8421a52b950738023fdfcd0d1f35600c61d2d195b8b434a39ec8960c54473c1f7f3c68812bb9ac36dce47035eab33f81a8fc8b5eb270a2c5aa4f5940e7fc19dd","ssdeep":"384:+RcH72zReA2yBOq+5N54PtSqxaG9eoc+cFs1gYDpLhvPTodVcVMcCCA9J8cEPc7:+7FebyBQN54P5xAugYFrVFCC+JVEE7","tlshash":"5be2d96378903b2af8279b6521d56efdf22cc913e5520fb9a6467630c3cf1994163b07","first_seen":"2025-11-18T00:46:11.68346Z","last_seen":"2026-07-02T13:03:20.100072Z","times_seen":5,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com.ng/pagead/1p-user-list/16845541115/?random=1762176891077\u0026cv=11\u0026fst=1762174800000\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=gtag.config\u0026gtm=45be5at1v9210328944z89204735153za200zb9204735153zd9204735153xec\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115583767~115938466~115938469~116217636~116217638~116253087~116253089\u0026u_w=1512\u0026u_h=982\u0026url=https%3A%2F%2Fmidnight--app.web.app%2F\u0026frm=0\u0026tiba=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026hn=www.googleadservices.com\u0026npa=0\u0026us_privacy=1---\u0026pscdl=noapi\u0026auid=1308689482.1762176888\u0026uaa=arm\u0026uab=64\u0026uafvl=Google%2520Chrome%3B141.0.7390.108%7CNot%253FA_Brand%3B8.0.0.0%7CChromium%3B141.0.7390.108\u0026uamb=0\u0026uam=\u0026uap=macOS\u0026uapv=13.3.1\u0026uaw=0\u0026data=event%3Dgtag.config\u0026rfmt=3\u0026fmt=3\u0026is_vtc=1\u0026cid=CAQSjQEAwksa0Vm-HgLo_Wyz9T8VLeN4UDRz21rTT1-wWzSYVsjJXpWCcuhE5wW7xMf_d7zIevLX9m3YkXt_Wi4ktMeJgoCvUlqTZs9xA4vNSe5p5Jdb_fHorjaJ0WOy2nu9Lv3oKScP7V2_wRI4i8LXnr79Aw-z7B5qtKB6FMFHZWcZBZ9JHydf9v8BdBji0OU\u0026random=1752143482\u0026rmt_tld=1\u0026ipr=y","fqdn":"www.google.com.ng","domain":"google.com.ng","tld":"com.ng"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:29.821Z","timestamp":1782997349821,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com.ng","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:42:35 GMT","end":"Mon, 07 Sep 2026 08:42:34 GMT"},"fingerprint":{"sha1":"FA:A8:31:08:34:25:ED:38:1F:A4:63:57:BE:73:19:DF:3E:E8:8A:3D","sha256":"57:03:09:50:FC:0A:50:50:88:E4:C2:85:EE:09:78:35:EF:A6:16:99:8B:8C:A0:6A:9D:99:38:28:9D:60:D6:14"}}},"request":{"raw":"GET /pagead/1p-user-list/16845541115/?random=1762176891077\u0026cv=11\u0026fst=1762174800000\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=gtag.config\u0026gtm=45be5at1v9210328944z89204735153za200zb9204735153zd9204735153xec\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115583767~115938466~115938469~116217636~116217638~116253087~116253089\u0026u_w=1512\u0026u_h=982\u0026url=https%3A%2F%2Fmidnight--app.web.app%2F\u0026frm=0\u0026tiba=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026hn=www.googleadservices.com\u0026npa=0\u0026us_privacy=1---\u0026pscdl=noapi\u0026auid=1308689482.1762176888\u0026uaa=arm\u0026uab=64\u0026uafvl=Google%2520Chrome%3B141.0.7390.108%7CNot%253FA_Brand%3B8.0.0.0%7CChromium%3B141.0.7390.108\u0026uamb=0\u0026uam=\u0026uap=macOS\u0026uapv=13.3.1\u0026uaw=0\u0026data=event%3Dgtag.config\u0026rfmt=3\u0026fmt=3\u0026is_vtc=1\u0026cid=CAQSjQEAwksa0Vm-HgLo_Wyz9T8VLeN4UDRz21rTT1-wWzSYVsjJXpWCcuhE5wW7xMf_d7zIevLX9m3YkXt_Wi4ktMeJgoCvUlqTZs9xA4vNSe5p5Jdb_fHorjaJ0WOy2nu9Lv3oKScP7V2_wRI4i8LXnr79Aw-z7B5qtKB6FMFHZWcZBZ9JHydf9v8BdBji0OU\u0026random=1752143482\u0026rmt_tld=1\u0026ipr=y HTTP/1.1\r\nHost: www.google.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":42,"size_decoded":641,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-07-03T18:14:40.2218Z","times_seen":971832,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":3,"connect":15,"send":0,"wait":36,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/static/service_worker/5a20/sw_iframe.html?origin=https%3A%2F%2Fmidnight.glacier-rep.com","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.356Z","timestamp":1782997346356,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:39:04 GMT","end":"Mon, 07 Sep 2026 08:39:03 GMT"},"fingerprint":{"sha1":"6D:E4:85:F4:01:A4:0B:02:E0:64:E2:F2:58:93:6D:3F:4C:AB:30:9D","sha256":"4A:07:79:34:AC:03:17:68:07:4A:CB:68:23:A7:E3:14:B2:DE:22:3C:E1:AE:8D:F5:2F:2E:2D:C6:28:58:47:CE"}}},"request":{"raw":"GET /static/service_worker/5a20/sw_iframe.html?origin=https%3A%2F%2Fmidnight.glacier-rep.com HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nservice-worker-allowed: /static/service_worker\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: sffe\r\ncontent-length: 1648\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":1648,"size_decoded":1979,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1136)","md5":"045c996fe8419511205f5da1a91b237f","sha1":"0b1d86d42ac5ac35b22402af898ddc9436f8e73a","sha256":"073dcf10ee090f441bb84f39d819856e32a3cdbf51bace06f61f321509b2e148","sha512":"02b949b4b7d67b5751fb8a6ce1ddd0237d2f838ab112a7c7e2559c64f2a1632d97e7289bb5074dc9ffca89e535652ab7726e085be94c5e7111ad28fb894a6304","ssdeep":"","tlshash":"ca31a87fadcd209fac2bc0b19493a154614a8d81f355cbde6b5dc635e4daa4910336c8","first_seen":"2026-07-02T13:03:20.103187Z","last_seen":"2026-07-02T13:03:20.103187Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@rive-app/webgl@2.17.3/rive.wasm","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.282Z","timestamp":1782997348282,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 16 Jun 2026 08:46:51 GMT","end":"Mon, 14 Sep 2026 09:46:24 GMT"},"fingerprint":{"sha1":"BE:A8:55:77:27:FA:F2:90:06:36:65:E9:19:F6:FD:ED:5A:06:9D:D5","sha256":"F8:65:79:AE:79:B2:0F:45:A2:F1:17:30:50:86:B7:3D:E8:9A:27:7A:4A:87:7E:CD:39:A4:0E:EC:92:07:2F:94"}}},"request":{"raw":"GET /@rive-app/webgl@2.17.3/rive.wasm HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://midnight.glacier-rep.com/\r\nOrigin: https://midnight.glacier-rep.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\ncontent-type: application/wasm\r\ncf-ray: a14dd852edf7120a-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 25692\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 02 Jul 2027 13:02:28 GMT\r\nlast-modified: Thu, 02 Jul 2026 05:54:15 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:8xNm23rugVHw+1/BCRV5NSYfAU/knUHLMyqY128BSqM=:\r\nfly-request-id: 01KS24GT7BFQM6SQRK2YYQXCWR-fra\r\npriority: u=4,i=?0\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"WebAssembly","description":"WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications.","website":"https://webassembly.org/","common_platform_enumeration":"","icon":"WebAssembly.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5002844,"size_decoded":1697138,"mime_type":"application/wasm","magic":"WebAssembly (wasm) binary module version 0x1 (MVP)","md5":"4c9ec8aa4ff294c33defa874cff1fbb9","sha1":"f6abe04bfedd35299dde4bdae1d784ee1a284750","sha256":"30e85366478179168dd709a93314d77b4a061dce2405d0b2f83a52f8a06ee5db","sha512":"4f2b0a20102a0fbd579147d8f70988f44987cdd24752b625bb419d1476d612263a69c557bc566a82685526258fbe2d29f2d1fb6ad456c3bc1d340e23181dcbd1","ssdeep":"12288:XT2MW+LqocWHJiB0I9Q+JLNJfksUEtG5NmqwbL84m7RCl8VfJj3wF174YufgkG:P+C4m7Nj34lu4r","tlshash":"ac250802f11f99aaf400b9731a0d653a27669e9072a465f1d7cd2cbb2dbfd0570cab70","first_seen":"2025-10-22T18:22:16.297821Z","last_seen":"2026-07-02T13:03:20.104821Z","times_seen":3,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":6,"connect":12,"send":0,"wait":164,"receive":398,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/adsct-1.gif","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.436Z","timestamp":1782997345436,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /adsct-1.gif HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:25 GMT\r\ncontent-type: image/gif\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":306,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-07-03T09:24:00.646185Z","times_seen":1282,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/js-1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.097Z","timestamp":1782997345097,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /js-1.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 153795\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":497997,"size_decoded":154034,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"5bc63e954503848e981b2622e980387c","sha1":"59ce66a50d57ff1e3719e47965ed66949cc17f11","sha256":"82a369b8d915db232d09b98c08a09318feda2acb38c8fb1dd196a9b6e6296c36","sha512":"14284609175e7b8520f6784324919d9cbdbc207160f9a7788534be0375503eb5d4044c46f2a9a928890ce05ec17622525926a1a7c5a02657e0e905899d150d34","ssdeep":"6144:QBV5HIy2D8fud75KGq6A0RI6PjLiYYgAxFOY9ftLHAJ0aAmnnxV2irl:+XHITeud75KGq6h/LiYSAJuC","tlshash":"73b4098e73c67426539af478503f12cba87b29a2b45dc89ab1c9ccf02d3459a4177f78","first_seen":"2026-07-02T13:03:20.108238Z","last_seen":"2026-07-02T13:03:20.108238Z","times_seen":1,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F330xhmya%2Fproduction%2F7653209ea6d8ede8b792c5bb92498507a325a370-1012x568.png\u0026w=640\u0026q=75","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.285Z","timestamp":1782997348285,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F330xhmya%2Fproduction%2F7653209ea6d8ede8b792c5bb92498507a325a370-1012x568.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1459,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-03T18:16:16.023089Z","times_seen":138212,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_next/data/QBEE3mluZfbFxSVyI0d3m/index.json","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.749Z","timestamp":1782997348749,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_next/data/QBEE3mluZfbFxSVyI0d3m/index.json HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://midnight.glacier-rep.com/\r\npurpose: prefetch\r\nx-nextjs-data: 1\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1459,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-03T18:16:16.023089Z","times_seen":138212,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/f.txt.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.152Z","timestamp":1782997345152,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /f.txt.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2221\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5560,"size_decoded":2458,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5560), with no line terminators","md5":"4f42ab87b9d72f466bf7f11c662e00bc","sha1":"38069f800d8c669a416ffe491500981dec068b04","sha256":"c8693016014be5dd902b061abc434958ad17f82cebc6ea6c58438d0846d59622","sha512":"196144002f60356d4efe0de37c24983a67d3f95a38436a617e1560f8201e8dc400e796cbe0900d142f24e38928571e6efd1bda91c4b416a10cdacaad511eb242","ssdeep":"96:Eg1BcYm9PbxaKVkulwhJg6oGhzfcQvphS1u3ZvphS1u3J:EfLchugggbFvpU1mvpU1w","tlshash":"35b1c6cfb7b5b2679292b4b2672f6207f0317d63d8d8f900f522c894297d66e2086e45","first_seen":"2026-07-02T13:03:20.109937Z","last_seen":"2026-07-02T13:03:20.109937Z","times_seen":1,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/790493062366b213514d3d6ead4950245a5fdf9e-418x504.svg","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.153Z","timestamp":1782997346153,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /790493062366b213514d3d6ead4950245a5fdf9e-418x504.svg HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 528\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1087,"size_decoded":841,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"76fb6050b2ea739b8e806bbbcc726bdc","sha1":"11483f5094738b0c269aff6f6e28a7d157586407","sha256":"fe3857584985919b00a06c78f27abb32e0a2ff9cf1dcc76431e2141ec2a0bffb","sha512":"04666c941236e426bd5a86fe8c31ef55fa1ccc6432428aeb45587f1c94911efaaf683824c696c913b04c221d04415d309ba3ff354d507dbf1a543815ca647464","ssdeep":"","tlshash":"8c1126aed39b13b9b82a873c887887053491900f6491c0acf59dc552b74ccf14571ade","first_seen":"2026-07-02T13:03:20.111196Z","last_seen":"2026-07-02T13:03:20.111196Z","times_seen":1,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_4.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.956Z","timestamp":1782997346956,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /index_4.html HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html\r\nlast-modified: Mon, 03 Nov 2025 13:36:29 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 626\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2032,"size_decoded":856,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2032), with no line terminators","md5":"d05308d65b1ab2e82b3bafbee4f3ab94","sha1":"e4673df22fa375c6b6727676957e5956f73137bb","sha256":"91710c3ba9277ceb6dcad19cbfde7fbd158c4f9288f940241ed0fa1b0c456b2e","sha512":"9592ce802219170b19eedc996eb6b2f0b90e3175303da1dc8a016057b3ff80bf05bdfbab45cb78bb30176207cab863d1d5ca7ed32f86226e9312a175ada4b198","ssdeep":"","tlshash":"f741358698f7c7329c3e76429800d3f85927e3076399e7f89494c12249a0e8f9cc75ae","first_seen":"2026-07-02T13:03:20.123409Z","last_seen":"2026-07-02T13:03:20.123409Z","times_seen":1,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/941-34df068889cb34b3.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.143Z","timestamp":1782997345143,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /941-34df068889cb34b3.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2561\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7180,"size_decoded":2798,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (7180), with no line terminators","md5":"d7615f0bafcc86d9bdf688df8c8cf96a","sha1":"f2af41bd967bb5e9f59709bee1faa2892f606555","sha256":"5d5c5170c64c664aa956e1e7f1c849e9a08a5603e2620f3b66e35a6a15dc6eb4","sha512":"161abb8e8b98e450ba404a97c5a4dc53277a297113c3a3808d908e764ceb7ce82b4f54edf3cc7a4b37dacc4661d3c00a012fd0ca07fc010b9e516551fee17772","ssdeep":"96:OLg1ZM/ZNQClbUBCXB7RqoiFWoir18vhVtzWpQ4tJflRaQaW4TnASVJV76VkMKCE:DzWFlxB7cWLA3tNt/WUBC3u3NwFI","tlshash":"d2e14254b155aeecf93a45dda06fc04cb16f3b4cce0d88a4b4b579206c495887e8bfca","first_seen":"2026-07-02T13:03:20.124631Z","last_seen":"2026-07-02T13:03:20.124631Z","times_seen":1,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":264,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/229-aa32899c3725cbd2.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.148Z","timestamp":1782997345148,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /229-aa32899c3725cbd2.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12512\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":34137,"size_decoded":12750,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (34137), with no line terminators","md5":"261070e06e612b6a39c6c705fa4cd21d","sha1":"3d2fa37a82350cc639a5f481f9b2e6c224c415d9","sha256":"0ecc52e88a70a8e98bcebd7fb61df5214024aefbb9bed64ecfd528c316510fc9","sha512":"82dc59774bf37e7099eb4155c5a02837712f1cf30d12bfdf91a7e7d69e86c3a79a8647a72d4ccb5c9ec9d698ce1c0c693ff562a7dad760965bc92fcdab7c1b67","ssdeep":"768:zR/rUNkVJ6PyU9PmQAFxDclxzlabZOTtLVfiawY9548N2c1llw5V+X+hVMsuttNx:9/rUNkVmy5z9wxMlStwVqjqittNx","tlshash":"8de207ce5368e6e8f4889be8de37644c772e2c79af67c200d3a45d10e4460e9790eec5","first_seen":"2026-07-02T13:03:20.125827Z","last_seen":"2026-07-02T13:03:20.125827Z","times_seen":1,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fmidnight.glacier-rep.com%2F\u0026scrsrc=midnight.glacier-rep.com\u0026rnd=389601900.1782997346\u0026dt=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026auid=929305876.1782997346\u0026navt=n\u0026npa=0\u0026us_privacy=1---\u0026gtm=45He5au0h2v9204735153za204zd9204735153xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~105322302~115480709~115583767~115938466~115938468~116217636~116217638~116253087~116253089~116254369\u0026tft=1782997346006\u0026tfd=1601\u0026apve=1\u0026apvf=f","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.151.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.009Z","timestamp":1782997346009,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:04 GMT","end":"Mon, 31 Aug 2026 08:36:03 GMT"},"fingerprint":{"sha1":"5F:07:F9:B7:51:F8:4F:BF:84:9B:CE:9B:35:32:67:B4:8F:4D:E1:E1","sha256":"37:12:27:BA:F4:E4:8E:D1:CC:6E:41:B4:2F:D6:31:EE:8C:E9:A2:B0:B4:B7:4F:2A:AA:B0:9A:0F:EE:6A:04:54"}}},"request":{"raw":"POST /ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fmidnight.glacier-rep.com%2F\u0026scrsrc=midnight.glacier-rep.com\u0026rnd=389601900.1782997346\u0026dt=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026auid=929305876.1782997346\u0026navt=n\u0026npa=0\u0026us_privacy=1---\u0026gtm=45He5au0h2v9204735153za204zd9204735153xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~105322302~115480709~115583767~115938466~115938468~116217636~116217638~116253087~116253089~116254369\u0026tft=1782997346006\u0026tfd=1601\u0026apve=1\u0026apvf=f HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://midnight.glacier-rep.com/\r\nOrigin: https://midnight.glacier-rep.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-type: text/plain\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://midnight.glacier-rep.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":553,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/45047878.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.107Z","timestamp":1782997345107,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /45047878.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 520\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2049,"size_decoded":756,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (542)","md5":"00f5849861ab7c0c1f6c5df93dba03ad","sha1":"e506f1b9038b6fbab5cbfd09f1b185395a8ce005","sha256":"0078f3f2b2533eb0b43aa2b589c47a8134dc35f5bad21a92a7eeba85d99d4afc","sha512":"d1352404364090fdd70397bdf4e3c6f7ec8c66ab5d0439af4c70964a77028e303a42e1a3ddc0883ec948c3c3dc4115e475bb0dd00d17aac7a054e7e2e0536ba3","ssdeep":"","tlshash":"e241223b7c169c3886cd46d99a79c999b4e43132a411cc9284ced44ce6bcfe6202ab1c","first_seen":"2026-07-02T13:03:20.127953Z","last_seen":"2026-07-02T13:03:20.127953Z","times_seen":1,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_ssgManifest.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.132Z","timestamp":1782997345132,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_ssgManifest.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 156\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":421,"size_decoded":392,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (421), with no line terminators","md5":"847833330af42aff9559a1c685a399ba","sha1":"2e44746372b5d2efbe4b2e4d55282ab3d79c70f8","sha256":"76ce852bf3da3d3cac6bf57cfbea77289c8a60395ced0db327b056479e33ed1a","sha512":"79b305ee2e2818847adaae966b9d6b9072066645eb4fdaacf169cee971b9b83e3379fd7dea6faeff3bc1b84b71053081e46b63effdb24f0fd6b52a05fdffdfe2","ssdeep":"","tlshash":"94e0d8524b1dbcaa4673c9291db0bfe707617e03d92c2457dae5015fc43c210ce21c74","first_seen":"2025-10-22T18:22:16.353791Z","last_seen":"2026-07-02T13:03:20.129234Z","times_seen":2,"resource_available":true,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/blog-2116eeecf4474633.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.145Z","timestamp":1782997345145,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /blog-2116eeecf4474633.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 171\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":284,"size_decoded":407,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"b4da5cdc753cee998e8e583672983d6a","sha1":"4b5a522f6d6ec9494d9ab3e87a47166c526a9e08","sha256":"14177cc55abff1da42f59e1762c64ead373724601650fba33b3376e1a1b6b69c","sha512":"ef624946d4f543a32d6ec4013f88c5e815d862daf9bc8c6ec8dcd9315b95e0436c0cf6b38839cfa9ed978d30c90faad1f14d553318e3416c5a2c2a5abc9af825","ssdeep":"","tlshash":"6bd0c2867aa27864a72b24b800bb290977fe699638dc98c8673184d17c3102e8251e8e","first_seen":"2026-07-02T13:03:20.130574Z","last_seen":"2026-07-02T13:03:20.130574Z","times_seen":1,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/990-806d3e61c60821ed.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.123Z","timestamp":1782997345123,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /990-806d3e61c60821ed.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 26976\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":84695,"size_decoded":27214,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6502f8d5f8c7c2c472bb2ced668e2061","sha1":"d60564120de2b8dd6ab136db932960739032ce01","sha256":"bf43164875884cb0129ab01d824602b8f0c803b10e01ccdd5b6a5d9e708a30c2","sha512":"cc7a1a57962781f417d8fe876ab8a120cbdf1f60ec78d84ba89e178683e52d689d89d3419827202d44b4b91186ac34284e86c795317cdc6a5ad16a0112be2cd6","ssdeep":"1536:5lVL5SL+S58xm0Er9fg0z+ZeMehvrPb5m7KNTH9Pl325f9dpfd3UEtor:7VM584AZeMey8ZPlMFby","tlshash":"e58318c67292f074cbab6166803f440ef23b2a98644d4004f37ad9d93c79999d377f6a","first_seen":"2025-10-22T18:22:16.271856Z","last_seen":"2026-07-02T13:03:20.131853Z","times_seen":2,"resource_available":true,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index-5aeef11a381fa424.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.130Z","timestamp":1782997345130,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /index-5aeef11a381fa424.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2206\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5443,"size_decoded":2443,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5443), with no line terminators","md5":"d817be4104bceff9d2f9e9cf9847c8c3","sha1":"23cfb655ea0d02a48f85f3d3c1f4d771cf761d20","sha256":"2f90f11937f390140480594ad5a2c7b5d5f20b2ab5b41fe99cd3e2dc6753a5c8","sha512":"af49c4d99832c40dd8ccb94bd326d8642e07078a52de217fc1816bfebad50f185f055533892c7e37d8843fc16767e35b215f884e049e76d46d0358875a242f7e","ssdeep":"96:UARrfZgcunC6Xs0v2cF30Mx/ND531B93yyv1CRYl3r8s6:BrR0v2BY1BlFwA3gs6","tlshash":"f1b1b5417a92f874e7af6558407f402cb33f3f51740a8064e73e6c543925ac6e2a6b9b","first_seen":"2026-07-02T13:03:20.133181Z","last_seen":"2026-07-02T13:03:20.133181Z","times_seen":1,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/ecosystem-55f9d7ec4dd1242b.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.139Z","timestamp":1782997345139,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /ecosystem-55f9d7ec4dd1242b.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2210\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5452,"size_decoded":2447,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5452), with no line terminators","md5":"7caea6fe568b8ea5d55a1d834c2dd0a5","sha1":"64452fec677097c7112765d87099d9b935f70768","sha256":"d5d09e03075c829f9dc786e165f292efc17997624b03f843dec7ab9ec4565abb","sha512":"3022053233885de86b90b778c0d0d9efed2caa2b41358c0d311cdda6eb288fd327939523843b58b65323914e759ab80679a8e256e7c2383effaf744a7e173f26","ssdeep":"96:oACrfZgcunC6Xs0v2cF30Mx/ND531B93yyv1CRYl3r8S6:+rR0v2BY1BlFwA3gS6","tlshash":"9bb1b4417a92f874e3af6558407f402cb33f3f51740a8064e73e6c543925ac6e267b9a","first_seen":"2026-07-02T13:03:20.134521Z","last_seen":"2026-07-02T13:03:20.134521Z","times_seen":1,"resource_available":true,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/MsMpvtzV_200x200.jpg","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:27.000Z","timestamp":1782997347000,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /MsMpvtzV_200x200.jpg HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:27 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 03 Nov 2025 13:36:35 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4945\r\ndate: Thu, 02 Jul 2026 13:02:27 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4945,"size_decoded":5211,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x200, components 3","md5":"f93087cd28b467c804c2f1ba527255de","sha1":"ce7f530f4b31fb0bfe2a7c8fea5660ef5b13411d","sha256":"0fa5469ecf84d430588e6212564161f55ea0a443941ea1fcdb6f6bead57d51d9","sha512":"d726271eb8df23d2d90c8b2943ad2607125ffbe993e9182d9e70159f000ab8b084a6874a41ac3c1d9c545dbf8b0070566192abe87ad2f0fc9f2d8577b653c7b5","ssdeep":"96:X894v4vS8+CB9n7R+j3pr4aZKNahmvc8/vNlwoLF3nu4B:sFSG7kjPfhmUwN1ci","tlshash":"78a16b721f082245e59d133458e5a77be3f25e273790530bc98269c63f7c0c2ae98ad6","first_seen":"2026-02-14T07:25:06.123419Z","last_seen":"2026-07-02T13:03:20.135822Z","times_seen":3,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.sanity.io/images/330xhmya/production/fe35029612886c41779249ca7e39734ca27be349-40x40.svg","fqdn":"cdn.sanity.io","domain":"sanity.io","tld":"io"},"ip":{"addr":"34.149.250.58","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.554Z","timestamp":1782997348554,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sanity.io","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 21 Aug 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:8E:04:FA:7A:E8:3C:E3:65:0C:EF:9B:20:BE:E0:B7:35:28:DF:31","sha256":"EC:EA:80:B1:76:4D:5A:2A:21:4D:14:C2:69:9B:19:A6:58:1F:CD:AD:62:43:D5:66:C9:8C:AA:47:AB:3B:F9:AB"}}},"request":{"raw":"GET /images/330xhmya/production/fe35029612886c41779249ca7e39734ca27be349-40x40.svg HTTP/1.1\r\nHost: cdn.sanity.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nsanity-inflight-limit: 200\r\nsanity-inflight-current: 0\r\nx-sanity-asset-storage: gcs-default\r\ncontent-security-policy: script-src 'none'\r\nx-content-type-options: nosniff\r\ncache-tag: dataset-330xhmya-production,dataset-330xhmya-production-asset-fe35029612886c41779249ca7e39734ca27be349\r\ntraceparent: 00-267864f342d77f5d6a976308cabac4ba-2552094920ad743a-01\r\nsanity-gateway: k8s-gcp-eu-w1-prod-ing-01\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nxkey: project-330xhmya-production\r\ncontent-encoding: br\r\nx-varnish-age: 0\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\ndate: Sat, 27 Jun 2026 05:55:55 GMT\r\ncache-control: public, max-age=31536000, s-maxage=2592000\r\nlast-modified: Tue, 05 Nov 2024 15:11:39 GMT\r\ncontent-type: image/svg+xml\r\nvary: origin, accept-encoding\r\ncontent-length: 543\r\nage: 457593\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1231,"size_decoded":1456,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"346fb9425b494e01f8fb8bc87ff441f3","sha1":"1eef9ec8efd38b6c2605fd5747b4d9ffecd5a0ae","sha256":"504fed5e1cbc16715448a2f2922153731cdfd35ac5c45340f9f8d4d5c09194e9","sha512":"6fad7368f360a7ca1a527e4ee3d3a0a9a8ff123286b420b554cf9648068d3e63ba31ccdbfd9d3ff3a655098b19420d951126b86e9e4185a30e5870fea6768a22","ssdeep":"","tlshash":"772132284bf03fd37100076261b4267939f234fc026cc70dd2c4a6b1e42b628985a9bb","first_seen":"2026-07-02T13:03:20.137087Z","last_seen":"2026-07-02T13:03:20.137087Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/cLm1zuaUXPLFw7nzKiQTH1dX/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:29.804Z","timestamp":1782997349804,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /recaptcha/releases/cLm1zuaUXPLFw7nzKiQTH1dX/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://midnight.glacier-rep.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":359,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":0,"dns":2,"connect":16,"send":0,"wait":55,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/bc8831281eb208c3.css","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.104Z","timestamp":1782997345104,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /bc8831281eb208c3.css HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1676\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":9315,"size_decoded":1985,"mime_type":"text/css","magic":"ASCII text, with very long lines (9315), with no line terminators","md5":"8e139c927f352bb386322506264efc41","sha1":"9d2bc2dab68b249c47997a4b2c267e0196364d2e","sha256":"0ca3ef364cbaf9b7045b5f138a2d741ce220b566fec63cfc8abbd4928eadb710","sha512":"b6e65bac2499ab062b6969d6b412af161273536ebe69e985693f4afa7906d1a925266112d45d9ca12b8e727c2e8f10ce80c4cd54c9c42c0158bcd1e2779d766a","ssdeep":"96:OJToi95dKSme+jeHoafQrAEyw0vArGZHp6ZIa+tYdI6JnYIJ/Ohra:OJTXdKSme+jeHo0v2GZHcZ5Dfufs","tlshash":"39128898a350281352134f3257b58bb4d9b4488147d3ce7f91c0bd88d6badbe236f2b9","first_seen":"2026-07-02T13:03:20.138533Z","last_seen":"2026-07-02T13:03:20.138533Z","times_seen":1,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/framework-c123073e70017576.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.115Z","timestamp":1782997345115,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /framework-c123073e70017576.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 43421\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":140022,"size_decoded":43659,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0bc965ad2d2558b91c5a3788c31cb746","sha1":"e0e0663151c14a3fa908734dfc659820ccb27ffc","sha256":"804de3ea4d6b08da6ea65b9e992f59abbf97ea8e2592c197571a3e0a900f1fb1","sha512":"e1874d2475910cb65176e76d3ba227f28de4cd75a63fd0aa9ec9d95e9a7a7893e1537b5fa7692e9a76d6c9111ce9a2de68a4fdf808aedd1437994a29f827a0c5","ssdeep":"1536:Qv1NH6ZMumPhxj3hnpR76oedyWyTDJTQy:Qz3pp963dUmy","tlshash":"04d309e83995f6516ab311a700ef2803737d2a1b280c4960e215fd9e75b842bb17bfdd","first_seen":"2025-10-22T18:22:16.090103Z","last_seen":"2026-07-02T13:03:20.139903Z","times_seen":3,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"consent.api.osano.com/record","fqdn":"consent.api.osano.com","domain":"osano.com","tld":"com"},"ip":{"addr":"108.157.229.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.678Z","timestamp":1782997345678,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.api.osano.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 28 Jun 2026 00:00:00 GMT","end":"Mon, 11 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"A4:48:A5:2F:30:67:9E:6B:49:27:13:CD:9C:15:C5:CB:40:2A:59:19","sha256":"DA:B7:49:E8:C1:48:66:E6:FF:FC:8F:CA:A6:15:48:37:F9:A4:F3:48:27:E6:EC:82:9C:C5:41:1F:7E:7F:85:5E"}}},"request":{"raw":"OPTIONS /record HTTP/1.1\r\nHost: consent.api.osano.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://midnight.glacier-rep.com/\r\nOrigin: https://midnight.glacier-rep.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\ncontent-length: 0\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\naccess-control-allow-methods: POST,OPTIONS\r\nx-amzn-requestid: a6040755-407e-4c3b-b991-0356d1cb039f\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token\r\nx-amz-apigw-id: f4QnVG2ODoEEczQ=\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 3346055bb53a57ebf02828b88e1ee87c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: jmWbdFxAwwxyGtMXGpDHz5PGi7gi_2OqHnMq310NrBi2XqDDLLFpnw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":586,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":18,"send":0,"wait":47,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/551f8492831e82d60b9d7a5d294faf69ac0a3e1b-69x69.svg","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.158Z","timestamp":1782997346158,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /551f8492831e82d60b9d7a5d294faf69ac0a3e1b-69x69.svg HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 342\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":850,"size_decoded":655,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e9c2387c6a15aa02cbf40448b25a8522","sha1":"5490d5a427ebe1af184892bd1c1d8d8d5c369f97","sha256":"329dc7e9d202f5ce0f26119825110f42fb6b06c4c4ddbc19437691168b64996d","sha512":"f0e4f6cd06287f8e5fa0fbe194b5316d4d11a78d83e762b7caf01012574695569e85e36ecb0004cd9a3ea349858619af107cebcd237b52e934bb64a81092bad9","ssdeep":"","tlshash":"7b01af54013cdf4aa5619bdcc9ef9197e82e65c66784cce9e31024a9f8829451843cd6","first_seen":"2026-02-14T07:25:06.106324Z","last_seen":"2026-07-02T13:03:20.140769Z","times_seen":3,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.sanity.io/files/330xhmya/production/63e4ad7e23a06553848afd59c897d7b06df1efab.mp4","fqdn":"cdn.sanity.io","domain":"sanity.io","tld":"io"},"ip":{"addr":"34.149.250.58","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.430Z","timestamp":1782997348430,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sanity.io","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 21 Aug 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:8E:04:FA:7A:E8:3C:E3:65:0C:EF:9B:20:BE:E0:B7:35:28:DF:31","sha256":"EC:EA:80:B1:76:4D:5A:2A:21:4D:14:C2:69:9B:19:A6:58:1F:CD:AD:62:43:D5:66:C9:8C:AA:47:AB:3B:F9:AB"}}},"request":{"raw":"GET /files/330xhmya/production/63e4ad7e23a06553848afd59c897d7b06df1efab.mp4 HTTP/1.1\r\nHost: cdn.sanity.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 \r\naccept-ranges: bytes\r\ncontent-security-policy: default-src 'self'; script-src 'none'\r\nx-sanity-md5: f09ac789086be6f4dea9bf0de77d81fd\r\nx-sanity-storage-adapter: gcs-default\r\nx-served-by: radler-868f47c4b-m7gd5\r\ntraceparent: 00-385afa6075110d350bce4ade302590c6-a2eb8e41f44c7510-01\r\nsanity-gateway: k8s-gcp-eu-w1-prod-ing-01\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvia: 1.1 google\r\ndate: Thu, 02 Jul 2026 09:48:45 GMT\r\ncache-control: public, max-age=31536000, s-maxage=2592000\r\nlast-modified: Tue, 05 Aug 2025 19:52:44 GMT\r\netag: \"f09ac789086be6f4dea9bf0de77d81fd\"\r\ncontent-type: video/mp4\r\nvary: Origin\r\ncontent-range: bytes 0-29490367/29490368\r\ncontent-length: 29490368\r\nage: 11623\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4718592,"size_decoded":4719400,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"04a753a091923ffeb6b385ad6130975d","sha1":"7089fa2aa74f853dc9e573df94ab9990ec894419","sha256":"fcef99f417ba2e47243ef4e1241051cea8d18f3eba0dac95138639143d497689","sha512":"b207990d946468b2c91c79bd06bd112d89cb77d1416f5ac547bcc867125c3fab008d1fe41e6527b9f88f3bb2eb9c68c968ca0c92c28d79e716ad49e5a3a67034","ssdeep":"24576:kPoEdLt1rqLaYNRGBU6LF5oPDif5HXSNcJ9rhS7w99JUO:kAut1rqTNREU6LYPD853icn1S7sX","tlshash":"e12523e9cbe760a1cf730d3e81be5706b395b129ca1ac7cfe1719922cc72092546a1f5","first_seen":"2026-07-02T13:03:20.142202Z","last_seen":"2026-07-02T13:03:20.142202Z","times_seen":1,"resource_available":false,"data":null}},"time_used":921,"timings":{"blocked":0,"dns":3,"connect":13,"send":0,"wait":130,"receive":751,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.sanity.io/images/330xhmya/production/25af5e9fb3b95e68d39dff36f1b12050dce291b1-40x40.svg","fqdn":"cdn.sanity.io","domain":"sanity.io","tld":"io"},"ip":{"addr":"34.149.250.58","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.559Z","timestamp":1782997348559,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sanity.io","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 21 Aug 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:8E:04:FA:7A:E8:3C:E3:65:0C:EF:9B:20:BE:E0:B7:35:28:DF:31","sha256":"EC:EA:80:B1:76:4D:5A:2A:21:4D:14:C2:69:9B:19:A6:58:1F:CD:AD:62:43:D5:66:C9:8C:AA:47:AB:3B:F9:AB"}}},"request":{"raw":"GET /images/330xhmya/production/25af5e9fb3b95e68d39dff36f1b12050dce291b1-40x40.svg HTTP/1.1\r\nHost: cdn.sanity.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nsanity-inflight-limit: 200\r\nsanity-inflight-current: 0\r\nx-sanity-asset-storage: gcs-default\r\ncontent-security-policy: script-src 'none'\r\nx-content-type-options: nosniff\r\ncache-tag: dataset-330xhmya-production,dataset-330xhmya-production-asset-25af5e9fb3b95e68d39dff36f1b12050dce291b1\r\ntraceparent: 00-e54d7c669a8663ed1107c2874f372cac-b54e3a855e12a82a-01\r\nsanity-gateway: k8s-gcp-eu-w1-prod-ing-01\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nxkey: project-330xhmya-production\r\ncontent-encoding: br\r\nx-varnish-age: 0\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\ndate: Wed, 01 Jul 2026 09:22:01 GMT\r\ncache-control: public, max-age=31536000, s-maxage=2592000\r\nlast-modified: Fri, 09 Aug 2024 13:23:20 GMT\r\ncontent-type: image/svg+xml\r\nvary: origin, accept-encoding\r\ncontent-length: 430\r\nage: 99627\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":843,"size_decoded":1342,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"45a38ab0cf12ed4b5ebf6915573546ab","sha1":"4070f41a03aab8d957c45b1f5dab40d2c7c48610","sha256":"2f06351850a9960565c8a28126656c6ec698cb118e4a0f6229b5070f187cb9f3","sha512":"e21530f749c36359a2a90d79b6bd207521364820145925ae80d74deaa79c103c3c866c384ee16304df0f9fea68e746c1b5f76971f84a7b6889f6d4fb9f006b8d","ssdeep":"","tlshash":"0f01a3210274987eb15856a0b2d4287a7e3715fe3655c7ddd7880823bd120cdcd249e9","first_seen":"2026-07-02T13:03:20.094993Z","last_seen":"2026-07-02T13:03:20.094993Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T13:02:24.433Z","timestamp":1782997344433,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Thu, 22 Jan 2026 19:01:35 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 73842\r\ndate: Thu, 02 Jul 2026 13:02:24 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":459392,"size_decoded":74272,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1751)","md5":"ef660d369bbe437b7a13a5086269ca8e","sha1":"c38e5439471bde54693b99683efa833f40f5d704","sha256":"a27e73f21ccb738c0ac7c5109cd068a32e580d0d74fdb3615d0552823844ce69","sha512":"659d7f307cf88d2350c0983c823c9d28a9445521deb92e2a14993059f879539300c2e78dcec1d91bb429866160a9ed67b0de3069f45a929db702ea072722f7b5","ssdeep":"12288:gTuE9bYnrZU9vQgslEsn7oTkmvYlbhXsXXwZ6NlNBVkOoNFnSDKSaz2r76p1QN:C","tlshash":"3fa47124e5f061767a2b626b138bb68cb2746d635d05cf9cf5ae00408f89bff3443696","first_seen":"2026-07-02T13:03:20.143606Z","last_seen":"2026-07-02T13:03:20.143606Z","times_seen":1,"resource_available":true,"data":null}},"time_used":397,"timings":{"blocked":0,"dns":77,"connect":53,"send":0,"wait":104,"receive":53,"ssl":111},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/js-2.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.109Z","timestamp":1782997345109,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /js-2.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 155210\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":503523,"size_decoded":155449,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"9c49c7d03de981f2d14ac5248c0ebb18","sha1":"84a015c1ff641a3636d3af8b06e4810df7e9d24b","sha256":"7e5d84656a934a9db6db1cec0ced470ac661e1f1f30e00e1092934af297654cc","sha512":"beef664eee0a42991c69984c55d45f642a3873609945ce64fc6aa86a4807f56b8ac52d369a465277ee97635d236ad19bcbc5dd8133df732165e991e8c8e6dd53","ssdeep":"6144:IBm5HIy2n8fud75KGq6A0RI6PjLiYYgAxFOY9ftLHAJzaAmnnxZ2icl:GiHITiud75KGq6h/LiYSAJzV","tlshash":"cbb4098e73c67426539af078503f12cba87b29a2b45dc89ab1c9ccf02d7459a4177f78","first_seen":"2026-07-02T13:03:20.145047Z","last_seen":"2026-07-02T13:03:20.145047Z","times_seen":1,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/509.1aa9968d5075d997.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.112Z","timestamp":1782997345112,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /509.1aa9968d5075d997.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2140\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5067,"size_decoded":2377,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2496)","md5":"56d37f9d839bf1771aa478d2b2feb35f","sha1":"8d267b0d46cfe32a293e56af5e68bd0718358168","sha256":"4c8b44cfb5cd3282ddcb862bc55ebd92e3281b87e9b25bb8eee33bf940fba93c","sha512":"0a089751fe5a70c534e0746078091a6a7b3efd615a9ea9335aca97f568d6720394f1e9286337c7f7c2e79173325e26e58c259129881f854b501424e793836229","ssdeep":"96:7wmOHi1SSnwsPp0Ufy/omgfZxbQSstv6xDOLszA9B7jhUYv5k0:7yC1SP5ophxblo6U3PhUM5k0","tlshash":"65a1935232e13eba93cf00da80bb445d727b2d1d241e4920b17dbc4d2b629e561e3f9a","first_seen":"2025-10-22T18:22:16.276491Z","last_seen":"2026-07-02T13:03:20.146393Z","times_seen":3,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/817aedcda0bcd26834089f1493bca6b90c9db330.svg","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.721Z","timestamp":1782997345721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /817aedcda0bcd26834089f1493bca6b90c9db330.svg HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/5a9659fe65a50ebb.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:25 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-length: 105\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":105,"size_decoded":373,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c974d5916126091a2cd7f0837a986d8f","sha1":"817aedcda0bcd26834089f1493bca6b90c9db330","sha256":"7e38d12d1da8afb107d374eb3e33caf2f687ca5b10cacdb217affe2905815deb","sha512":"3cf9d0a6d86d3533038013381863b328e3ae15a9499b45daa33ed0d05f2a7fac78d46f1e57b261a804572373de6c8cb98fffffbe66789f0150c1bf72e40f90cd","ssdeep":"","tlshash":"43b012fed1c79d18991884309dbe6800aa1ff04041860354d5b90a1ff2100d232010a8","first_seen":"2026-02-14T07:25:06.11728Z","last_seen":"2026-07-02T13:03:20.147902Z","times_seen":3,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/288-381a6850e5cf6765.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.124Z","timestamp":1782997345124,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /288-381a6850e5cf6765.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32316\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":108684,"size_decoded":32554,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d6d754680108177bc06e8151f12aa366","sha1":"6a63817d7c62d2f4cb8efb2ed8e33a41cfb78957","sha256":"565d5cdca1623ca4eac31f43ee7ef95259f49df0e279bd1e3b81f10c271d4284","sha512":"6d2acf2878be977a63b9f0a096b58437c1c33672ee85d702373cdff8dfefc84604dcea821c11acb8777339773feeb841d42c6a7af18ba9f3ec19875a5498ce7c","ssdeep":"1536:MnE5+IXApD5MdexKFmd0ZX9tysHAL76gX36Owx3:Mb5jKFmO1DysH3i6O63","tlshash":"f6b34dd53692b075d7e741aa803f0009f33e2f69240e4410f16edc9d75a6a89d2b7faa","first_seen":"2025-10-22T18:22:16.27906Z","last_seen":"2026-07-02T13:03:20.149935Z","times_seen":2,"resource_available":true,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/unshielded-190aa55244fe3e09.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.150Z","timestamp":1782997345150,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /unshielded-190aa55244fe3e09.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5656\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":22446,"size_decoded":5893,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (22446), with no line terminators","md5":"e2969b9a20f386faa13bd93285a0b501","sha1":"407eaa2cc92c528c5f817a293910f763f29b5666","sha256":"fc368d14a52bc39a3dff2ee817d210d596dc4485771504852161fbe2f0ecbdd6","sha512":"a311b23689d7c1e37ef2391dea2cfc8ca8b6c7c4036ee62b8f1ed62e80cf556dcf550c4215f8450a09d012122999ce9866ddaf79f6ff95680e8c69e8e4cb3345","ssdeep":"384:z7H0fQqsKvlVzkPQrD3f7QT3wjxAryt7AH7O7lXhSJAd7/t7cw/RHWmnLlkXjgYN:zwfXRvlVzkPQrD3f7QUjxarufHnLlkTF","tlshash":"44a2a7d4b29d7ef8a6a743856367000c361f6d85a82a89f8e77cec01e9458dcb193fc5","first_seen":"2026-07-02T13:03:20.151469Z","last_seen":"2026-07-02T13:03:20.151469Z","times_seen":1,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/form-data/16845541115?gtm=45be5at1pfv9210328944z89204735153za204zd9210328944xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~105322303~115480710~115583767~115938466~115938468~116217636~116217638~116253087~116253089~116254369\u0026npa=0\u0026frm=0\u0026pscdl=noapi\u0026auid=929305876.1782997346\u0026ec_mode=a\u0026em=tv.1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.151.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.095Z","timestamp":1782997346095,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:04 GMT","end":"Mon, 31 Aug 2026 08:36:03 GMT"},"fingerprint":{"sha1":"5F:07:F9:B7:51:F8:4F:BF:84:9B:CE:9B:35:32:67:B4:8F:4D:E1:E1","sha256":"37:12:27:BA:F4:E4:8E:D1:CC:6E:41:B4:2F:D6:31:EE:8C:E9:A2:B0:B4:B7:4F:2A:AA:B0:9A:0F:EE:6A:04:54"}}},"request":{"raw":"POST /ccm/form-data/16845541115?gtm=45be5at1pfv9210328944z89204735153za204zd9210328944xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~105322303~115480710~115583767~115938466~115938468~116217636~116217638~116253087~116253089~116254369\u0026npa=0\u0026frm=0\u0026pscdl=noapi\u0026auid=929305876.1782997346\u0026ec_mode=a\u0026em=tv.1 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nOrigin: https://midnight.glacier-rep.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 \r\naccess-control-allow-origin: https://midnight.glacier-rep.com\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:67:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:67:0\r\nreport-to: {\"group\":\"ascnsrsgac:67:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:67:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":824,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/646-4147751f80329f7d.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.398Z","timestamp":1782997346398,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /646-4147751f80329f7d.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 28166\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":99321,"size_decoded":28404,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (55132)","md5":"58d6a28374bbc976a34d54c575b763bf","sha1":"59a2307d7059077b00e39d58e368540afade3887","sha256":"6fa923ac66624dec1940c77aea2a94572a6b89ecadc8999873c6d74c3fd73835","sha512":"b7eb606c99fb6d480cf1528d4b641c1df999443a0c8132a09afcfe990a2d460017d8a29335e669c2a2f332ca4e98a1ec8e79f885c06ad156e850565c26126088","ssdeep":"1536:+TvoKx8kRnvGLpBlxvH68f2N/63wlAgSPLxABsFMBvpqBoYJ8XiA6wiaoG:MEMUNgSPWc0OxlaoG","tlshash":"e4a309ca7221b5b692db519a92aa8112b3f65844740d847cb1f48ceb547c99c03ffff8","first_seen":"2025-10-22T18:22:16.288398Z","last_seen":"2026-07-02T13:03:20.097191Z","times_seen":2,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/289-3937c8927401961f.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.727Z","timestamp":1782997346727,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /289-3937c8927401961f.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2772\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":9655,"size_decoded":3009,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (9655), with no line terminators","md5":"83d003a6561f83f66b8503debd604d49","sha1":"7128e05ab733749970fa119e19bb7a9356d9f057","sha256":"62733f2042957c7b9321a038ecdbe94e3560669e55f3864396351848658375bb","sha512":"da705c7d41287b59e7e02842753e64c9d988016981cd12ecee4464edbbcf04f02f76e01eaf5eef086604a2e533362db0b10424cae8a0e7a2451701492df1601c","ssdeep":"96:nyl9hsODCkCOsfP6Y3vLrGFm7+GNIhgfl6p9NYAG9NW+z3uVp+3wVEb2d8wNy19M:yvBCOQf9NV7W6eBNyzZjAn","tlshash":"b812625ea550beecfa6fc988bf6f604c721f1744dd4d88a4b9b9580418809d8b223fdd","first_seen":"2026-07-02T13:03:20.152891Z","last_seen":"2026-07-02T13:03:20.152891Z","times_seen":1,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.network/apple-touch-icon.png","fqdn":"midnight.network","domain":"midnight.network","tld":"network"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:27.929Z","timestamp":1782997347929,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.network","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 21:52:39 GMT","end":"Fri, 31 Jul 2026 21:52:38 GMT"},"fingerprint":{"sha1":"F7:D0:74:6E:DB:EA:60:0F:1A:1D:F7:A1:AB:D4:E1:72:18:0B:DA:FA","sha256":"6D:C1:95:D7:13:9B:60:84:C9:8C:B9:DD:1C:41:0C:46:45:0D:1E:05:AF:30:AA:E8:F9:26:48:03:77:0A:62:AE"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: midnight.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 28391\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"apple-touch-icon.png\"\r\ncontent-type: image/png\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\netag: \"4a50917daf8736037b6dee03be4abae3\"\r\nlast-modified: Thu, 02 Jul 2026 05:09:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /apple-touch-icon.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::6kkpd-1782997348014-c4eb0f728431\r\ncontent-length: 5147\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5147,"size_decoded":5707,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit gray+alpha, non-interlaced","md5":"4a50917daf8736037b6dee03be4abae3","sha1":"b1e992033d4834a41707cc5fd86c2a7807776f26","sha256":"ec89d0959d1542fd77093804d296840746b1d87f6abe0165dcfe149cb9f1b13c","sha512":"35538a2dd5b82c1cad10f2a14b1af6e8628f0d798234c5e917aca1bcee773f8c05d936665ae960ac1c41608c08703e5c75e122f699254efa678ef7093d165099","ssdeep":"96:womzoQgG83X/QN1+F84gaSQBIkIZ8GqVM8nFj3Jq3r0PmKZgg3Nyxn3rq:izRuHqht+IZ7qVMoj5aHYP3NE3G","tlshash":"d1b18dd4ab7c53f5c98d0cf543c721e82e18ed1f240114faae28a7b94d184279591b1b","first_seen":"2025-10-22T18:22:16.082404Z","last_seen":"2026-07-02T13:03:20.154296Z","times_seen":3,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":46,"connect":1,"send":0,"wait":37,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/730-c85af50501a266d1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.120Z","timestamp":1782997345120,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /730-c85af50501a266d1.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4154\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10445,"size_decoded":4391,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10445), with no line terminators","md5":"76739ae14085eb2064bfd903e92f05a7","sha1":"f7714961329c6c9552e45236130f7ec5aaafcd57","sha256":"01a0dd77c5614d9ecfd1b45391b087b2454bd819d13b17c6814a397f3931b879","sha512":"6346c2df967fb6676e1d84e96f2aadeede618a83e484256f0c75a884e20afa83d10b0c9c24bd440f806acdfc6e6524ff564e407e2386d43e2761663032397298","ssdeep":"192:efuL4DqCMmXiar1qgeI2BjRwEJnD1Ze+waGS1RFdYypFKyVXsFAhI1:9LavMtgUgoBI+x7vpV8KU","tlshash":"40224ab336dafcdb630b91e8c52f000df37909712629e105abe089c59670568e1a3f7e","first_seen":"2025-10-22T18:22:16.260579Z","last_seen":"2026-07-02T13:03:20.155657Z","times_seen":2,"resource_available":true,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_next/static/css/bc8831281eb208c3.css","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:29.687Z","timestamp":1782997349687,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /_next/static/css/bc8831281eb208c3.css HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/974-31a7cc3dfd4385fd.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.147Z","timestamp":1782997345147,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /974-31a7cc3dfd4385fd.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2219\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4808,"size_decoded":2456,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (4808), with no line terminators","md5":"c1c2767134c24eaa32863fc007de9248","sha1":"cac7975bf648b61edd6f0e2be90e9bef6a086dbd","sha256":"27d878dec398c752008b0435cbda35e3a884cec37513028de06fda4ed5a9ef26","sha512":"3d68b48921730191c04c4f416b2ca68975c684b0a05b87c6cee160d4599403e518a49f2c3ca883b071bf7c917941cb6e2654c43f7602339b417095290fc5559b","ssdeep":"96:7kqw+oTzV3x9aKEwmUqUWhtb0Eq1D+K7FMO42vpv+/5HD+:c1zV31EcnWgEeD17FdLNY5HD+","tlshash":"70a1b5e233817557c39e53a3842f010ab2b8bef5241b586ef6586cc7282554d93d3fb8","first_seen":"2026-07-02T13:03:20.15735Z","last_seen":"2026-07-02T13:03:20.15735Z","times_seen":1,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/adsct.gif","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.439Z","timestamp":1782997345439,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /adsct.gif HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:25 GMT\r\ncontent-type: image/gif\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":306,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"377d257f2d2e294916143c069141c1c5","sha1":"b7cae69682cf31dd670b65088db8395acda6ed3e","sha256":"ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957","sha512":"01211111688dc2007519ff56603fbe345d057337b911c829aaee97b8d02e7d885e7a2c2d51730f54a04aebc1821897c8041f15e216f1c973ed313087fa91a3fb","ssdeep":"","tlshash":"4e900403d3c0c001c151d0300d0cc7441344f0305554030f70fc575ddc3d1550c170c0","first_seen":"2023-04-05T06:54:04Z","last_seen":"2026-07-03T09:24:00.646185Z","times_seen":1282,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_8.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.680Z","timestamp":1782997345680,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /index_8.html HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html\r\nlast-modified: Mon, 03 Nov 2025 13:36:36 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 913\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3030,"size_decoded":1143,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1905)","md5":"86746e57f1f0f88873ff027c6e0fa89a","sha1":"0289a9527daff23c9223f5f9e0d46c253ea743fb","sha256":"d5bb1b71d1888f90a506a08bcf05a3b9cac3206a2df078125846da6944453ecc","sha512":"4b427b0c26afcd1495039a20db191384907e1b7f8a093c6618aeea00e8010f33bfebe2dd5ab0e5190c9dec4b33013fa2b850802190acc51127590cbf93bba52a","ssdeep":"","tlshash":"f151334ad8f7d3319c3db2758850e7a89467e30be399eff6409480350890f8e9d8746d","first_seen":"2026-07-02T13:03:20.1588Z","last_seen":"2026-07-02T13:03:20.1588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.151.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.googletagmanager.com/static/service_worker/5a20/sw_iframe.html?origin=https%3A%2F%2Fmidnight.glacier-rep.com","date":"2026-07-02T13:02:26.466Z","timestamp":1782997346466,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:04 GMT","end":"Mon, 31 Aug 2026 08:36:03 GMT"},"fingerprint":{"sha1":"5F:07:F9:B7:51:F8:4F:BF:84:9B:CE:9B:35:32:67:B4:8F:4D:E1:E1","sha256":"37:12:27:BA:F4:E4:8E:D1:CC:6E:41:B4:2F:D6:31:EE:8C:E9:A2:B0:B4:B7:4F:2A:AA:B0:9A:0F:EE:6A:04:54"}}},"request":{"raw":"GET /images/branding/googlelogo/1x/googlelogo_color_150x54dp.png HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.googletagmanager.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"static-on-bigtable\"\r\nreport-to: {\"group\":\"static-on-bigtable\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/static-on-bigtable\"}]}\r\ncontent-length: 3170\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nexpires: Thu, 02 Jul 2026 13:02:26 GMT\r\ncache-control: private, max-age=31536000\r\nlast-modified: Tue, 22 Oct 2019 18:30:00 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":3170,"size_decoded":3818,"mime_type":"image/png","magic":"PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced","md5":"9d73b3aa30bce9d8f166de5178ae4338","sha1":"d0cbc46850d8ed54625a3b2b01a2c31f37977e75","sha256":"dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139","sha512":"8e55d1677cdbfe9db6700840041c815329a57df69e303adc1f994757c64100fe4a3a17e86ef4613f4243e29014517234debfbcee58dab9fc56c81dd147fdc058","ssdeep":"","tlshash":"3a516c9f7ed492b7cb5bb78d45832410450f0cf60b1b0de9d8f089098c2c4873115eb9","first_seen":"2023-04-05T07:39:29Z","last_seen":"2026-07-03T17:17:26.777837Z","times_seen":51756,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":0,"dns":2,"connect":35,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com.ng/pagead/1p-user-list/16845541115/?random=1762176891089\u0026cv=11\u0026fst=1762174800000\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026gtm=45be5at1v9210328944z89204735153za200zb9204735153zd9204735153xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115583767~115938466~115938469~116217636~116217638~116253087~116253089\u0026u_w=1512\u0026u_h=982\u0026url=https%3A%2F%2Fmidnight--app.web.app%2F\u0026frm=0\u0026tiba=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026userId=%5Bobject%20Object%5D\u0026hn=www.googleadservices.com\u0026npa=0\u0026us_privacy=1---\u0026pscdl=noapi\u0026auid=1308689482.1762176888\u0026uaa=arm\u0026uab=64\u0026uafvl=Google%2520Chrome%3B141.0.7390.108%7CNot%253FA_Brand%3B8.0.0.0%7CChromium%3B141.0.7390.108\u0026uamb=0\u0026uam=\u0026uap=macOS\u0026uapv=13.3.1\u0026uaw=0\u0026_tu=CA\u0026data=_tag_mode%3DAUTO\u0026rfmt=3\u0026fmt=3\u0026is_vtc=1\u0026cid=CAQSjQEAwksa0fikinLWPWHU-ntccqoGRVVj1B-C-EOn2ji_x4HQ8a5MoWvMwIO89EA2l3ucxXNtOmi4En5kh5Pddx4OMnmUPBSVarncN0tgmknGGT-Yh3jJJ9C3qMF3xE3vv_FKuo2uosFn8Jb17Z6pwopWEhv2bvTdBObQrHcjnNG7jWGpOQF5lL-2w158DQQ\u0026random=1229495457\u0026rmt_tld=1\u0026ipr=y","fqdn":"www.google.com.ng","domain":"google.com.ng","tld":"com.ng"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:29.820Z","timestamp":1782997349820,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com.ng","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:42:35 GMT","end":"Mon, 07 Sep 2026 08:42:34 GMT"},"fingerprint":{"sha1":"FA:A8:31:08:34:25:ED:38:1F:A4:63:57:BE:73:19:DF:3E:E8:8A:3D","sha256":"57:03:09:50:FC:0A:50:50:88:E4:C2:85:EE:09:78:35:EF:A6:16:99:8B:8C:A0:6A:9D:99:38:28:9D:60:D6:14"}}},"request":{"raw":"GET /pagead/1p-user-list/16845541115/?random=1762176891089\u0026cv=11\u0026fst=1762174800000\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026gtm=45be5at1v9210328944z89204735153za200zb9204735153zd9204735153xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115583767~115938466~115938469~116217636~116217638~116253087~116253089\u0026u_w=1512\u0026u_h=982\u0026url=https%3A%2F%2Fmidnight--app.web.app%2F\u0026frm=0\u0026tiba=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026userId=%5Bobject%20Object%5D\u0026hn=www.googleadservices.com\u0026npa=0\u0026us_privacy=1---\u0026pscdl=noapi\u0026auid=1308689482.1762176888\u0026uaa=arm\u0026uab=64\u0026uafvl=Google%2520Chrome%3B141.0.7390.108%7CNot%253FA_Brand%3B8.0.0.0%7CChromium%3B141.0.7390.108\u0026uamb=0\u0026uam=\u0026uap=macOS\u0026uapv=13.3.1\u0026uaw=0\u0026_tu=CA\u0026data=_tag_mode%3DAUTO\u0026rfmt=3\u0026fmt=3\u0026is_vtc=1\u0026cid=CAQSjQEAwksa0fikinLWPWHU-ntccqoGRVVj1B-C-EOn2ji_x4HQ8a5MoWvMwIO89EA2l3ucxXNtOmi4En5kh5Pddx4OMnmUPBSVarncN0tgmknGGT-Yh3jJJ9C3qMF3xE3vv_FKuo2uosFn8Jb17Z6pwopWEhv2bvTdBObQrHcjnNG7jWGpOQF5lL-2w158DQQ\u0026random=1229495457\u0026rmt_tld=1\u0026ipr=y HTTP/1.1\r\nHost: www.google.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":42,"size_decoded":641,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-07-03T18:14:40.2218Z","times_seen":971832,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":14,"send":0,"wait":36,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/gtm.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.099Z","timestamp":1782997345099,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /gtm.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:36 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 133151\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":418383,"size_decoded":133390,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (23239)","md5":"a06bb6119ad1120760ad3f36734cb2f1","sha1":"1afdc972facaed65c8a447a81e921cdda64c8dde","sha256":"e1b564d90c41fe1ba4e6c7a3dae02bc060cba08ef7f78952f48d3767389b1f47","sha512":"1c0aafedc2a2266dd57819d925bc41c3f616e1f50fa322b3730ac0a9bca45ed0acadf49e31a6e5b51525cd8f452c6c702bc7c2b2ae2654b8d865aed76c74c40d","ssdeep":"6144:X5pbx7X/2EyF3YewChBg2SkIaFYEpT0+Pxu3QLjCTP:XH5svwCh0/+PIZP","tlshash":"37942a8f73d774265392a438402f118ba27b2891f44ed8a5f186dcd82f74a9a8137f7d","first_seen":"2026-07-02T13:03:20.160869Z","last_seen":"2026-07-02T13:03:20.160869Z","times_seen":1,"resource_available":true,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/75f65fd2d9da0ad1ff8c6f6430a2301b64d6e7de-40x40.svg","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.163Z","timestamp":1782997346163,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /75f65fd2d9da0ad1ff8c6f6430a2301b64d6e7de-40x40.svg HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 515\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":912,"size_decoded":828,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"22405ba12bb9fb6831939842f9518d38","sha1":"9fa5f77a0191c5013cfa5df6ad7355975f58c3eb","sha256":"1b15a2d76ca54abf3d2b74d4d052b36693fe2dc3f5f22d8781b5a97847af011f","sha512":"fdbb924222b481594fec198a7d6c899e16b230941ee91a469df5034822f28ad6cbe4e1a22b3f88b8d2d08f08f805430f330823e4121a7307d3b9ae444820218d","ssdeep":"","tlshash":"f01140e947e907d8c166173ce69b8ea320af69ed19085050d7f8a80ea4000b8898d7d7","first_seen":"2026-07-02T13:03:20.162375Z","last_seen":"2026-07-02T13:03:20.162375Z","times_seen":1,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/pagead/1p-user-list/16845541115/?random=1762176891077\u0026cv=11\u0026fst=1762174800000\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=gtag.config\u0026gtm=45be5at1v9210328944z89204735153za200zb9204735153zd9204735153xec\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115583767~115938466~115938469~116217636~116217638~116253087~116253089\u0026u_w=1512\u0026u_h=982\u0026url=https%3A%2F%2Fmidnight--app.web.app%2F\u0026frm=0\u0026tiba=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026hn=www.googleadservices.com\u0026npa=0\u0026us_privacy=1---\u0026pscdl=noapi\u0026auid=1308689482.1762176888\u0026uaa=arm\u0026uab=64\u0026uafvl=Google%2520Chrome%3B141.0.7390.108%7CNot%253FA_Brand%3B8.0.0.0%7CChromium%3B141.0.7390.108\u0026uamb=0\u0026uam=\u0026uap=macOS\u0026uapv=13.3.1\u0026uaw=0\u0026data=event%3Dgtag.config\u0026rfmt=3\u0026fmt=3\u0026is_vtc=1\u0026cid=CAQSjQEAwksa0Vm-HgLo_Wyz9T8VLeN4UDRz21rTT1-wWzSYVsjJXpWCcuhE5wW7xMf_d7zIevLX9m3YkXt_Wi4ktMeJgoCvUlqTZs9xA4vNSe5p5Jdb_fHorjaJ0WOy2nu9Lv3oKScP7V2_wRI4i8LXnr79Aw-z7B5qtKB6FMFHZWcZBZ9JHydf9v8BdBji0OU\u0026random=1752143482\u0026rmt_tld=0\u0026ipr=y","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:29.821Z","timestamp":1782997349821,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /pagead/1p-user-list/16845541115/?random=1762176891077\u0026cv=11\u0026fst=1762174800000\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=gtag.config\u0026gtm=45be5at1v9210328944z89204735153za200zb9204735153zd9204735153xec\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115583767~115938466~115938469~116217636~116217638~116253087~116253089\u0026u_w=1512\u0026u_h=982\u0026url=https%3A%2F%2Fmidnight--app.web.app%2F\u0026frm=0\u0026tiba=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026hn=www.googleadservices.com\u0026npa=0\u0026us_privacy=1---\u0026pscdl=noapi\u0026auid=1308689482.1762176888\u0026uaa=arm\u0026uab=64\u0026uafvl=Google%2520Chrome%3B141.0.7390.108%7CNot%253FA_Brand%3B8.0.0.0%7CChromium%3B141.0.7390.108\u0026uamb=0\u0026uam=\u0026uap=macOS\u0026uapv=13.3.1\u0026uaw=0\u0026data=event%3Dgtag.config\u0026rfmt=3\u0026fmt=3\u0026is_vtc=1\u0026cid=CAQSjQEAwksa0Vm-HgLo_Wyz9T8VLeN4UDRz21rTT1-wWzSYVsjJXpWCcuhE5wW7xMf_d7zIevLX9m3YkXt_Wi4ktMeJgoCvUlqTZs9xA4vNSe5p5Jdb_fHorjaJ0WOy2nu9Lv3oKScP7V2_wRI4i8LXnr79Aw-z7B5qtKB6FMFHZWcZBZ9JHydf9v8BdBji0OU\u0026random=1752143482\u0026rmt_tld=0\u0026ipr=y HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/852-11362cc70b086e7c.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.128Z","timestamp":1782997345128,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /852-11362cc70b086e7c.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 36231\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":142331,"size_decoded":36469,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7a29d60137bb089e3f7574e6fc84fa00","sha1":"68fbc9bc1fc61d3a73debc73d9cb462aedac7a8b","sha256":"c6dae96860f72b1f599cdc73281de47d2ad3e3044cf05b4e627c59af5aea253f","sha512":"42dfe402e51c71d30e577b7dfcdc527a16db453703e723ae5af09f6535a2383e8ee954b7d72565a10cee4945095d7fd9c4381f0e50dffebf0e9841d7c6e7d6dc","ssdeep":"1536:O5S8aJwSL0F6f/NtugjE4g88xleDMyUO7rT+xj5x8sr0RkuX7QPB2d1dXa5WChVE:ujM/N0gHg88G+x3rQk+/d1dwTaH","tlshash":"ddd38865a2a5bfecf82b8ad4552f500c722f2f94db0e88f4b5ba68341b440e47953fc5","first_seen":"2026-07-02T13:03:20.163804Z","last_seen":"2026-07-02T13:03:20.163804Z","times_seen":1,"resource_available":true,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/fe35029612886c41779249ca7e39734ca27be349-40x40.svg","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.155Z","timestamp":1782997346155,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /fe35029612886c41779249ca7e39734ca27be349-40x40.svg HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 541\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1231,"size_decoded":854,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"346fb9425b494e01f8fb8bc87ff441f3","sha1":"1eef9ec8efd38b6c2605fd5747b4d9ffecd5a0ae","sha256":"504fed5e1cbc16715448a2f2922153731cdfd35ac5c45340f9f8d4d5c09194e9","sha512":"6fad7368f360a7ca1a527e4ee3d3a0a9a8ff123286b420b554cf9648068d3e63ba31ccdbfd9d3ff3a655098b19420d951126b86e9e4185a30e5870fea6768a22","ssdeep":"","tlshash":"772132284bf03fd37100076261b4267939f234fc026cc70dd2c4a6b1e42b628985a9bb","first_seen":"2026-07-02T13:03:20.137087Z","last_seen":"2026-07-02T13:03:20.137087Z","times_seen":1,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_3.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.951Z","timestamp":1782997346951,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /index_3.html HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html\r\nlast-modified: Mon, 03 Nov 2025 13:36:29 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 676\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2132,"size_decoded":906,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2132), with no line terminators","md5":"e2a60dc1846f5e3bf363bb4735fb0cea","sha1":"e745cd2daae37d86f2c59665484009f4bf4a3acf","sha256":"a09bb663b277d871c0bb7b212c9a1276a2192712675a304f9f4f73341c2da0da","sha512":"23c3b73176691c2e0b3d68df3aeee7392aecd436016abb470f13ec09e795940648d11356f69e7eb0bf14e9185c3128ca2877e9a9325b65ec61aa28a3f44595f5","ssdeep":"","tlshash":"da414686a8f7c331dc3e76429810d3f85963e3076399e7f89494812249a4e8f9cc75ae","first_seen":"2026-07-02T13:03:20.165216Z","last_seen":"2026-07-02T13:03:20.165216Z","times_seen":1,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.sanity.io/images/330xhmya/production/790493062366b213514d3d6ead4950245a5fdf9e-418x504.svg","fqdn":"cdn.sanity.io","domain":"sanity.io","tld":"io"},"ip":{"addr":"34.149.250.58","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.552Z","timestamp":1782997348552,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sanity.io","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 21 Aug 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:8E:04:FA:7A:E8:3C:E3:65:0C:EF:9B:20:BE:E0:B7:35:28:DF:31","sha256":"EC:EA:80:B1:76:4D:5A:2A:21:4D:14:C2:69:9B:19:A6:58:1F:CD:AD:62:43:D5:66:C9:8C:AA:47:AB:3B:F9:AB"}}},"request":{"raw":"GET /images/330xhmya/production/790493062366b213514d3d6ead4950245a5fdf9e-418x504.svg HTTP/1.1\r\nHost: cdn.sanity.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nsanity-inflight-limit: 200\r\nsanity-inflight-current: 0\r\nx-sanity-asset-storage: gcs-default\r\ncontent-security-policy: script-src 'none'\r\nx-content-type-options: nosniff\r\ncache-tag: dataset-330xhmya-production,dataset-330xhmya-production-asset-790493062366b213514d3d6ead4950245a5fdf9e\r\ntraceparent: 00-8285c19b805ed2765bfbd42d59a46755-881e2dc5e4e70eeb-01\r\nsanity-gateway: k8s-gcp-eu-w1-prod-ing-01\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nxkey: project-330xhmya-production\r\ncontent-encoding: br\r\nx-varnish-age: 0\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\ndate: Thu, 02 Jul 2026 09:48:45 GMT\r\ncache-control: public, max-age=31536000, s-maxage=2592000\r\nlast-modified: Tue, 05 Aug 2025 13:43:34 GMT\r\ncontent-type: image/svg+xml\r\nvary: origin, accept-encoding\r\ncontent-length: 532\r\nage: 11623\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1087,"size_decoded":1444,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"76fb6050b2ea739b8e806bbbcc726bdc","sha1":"11483f5094738b0c269aff6f6e28a7d157586407","sha256":"fe3857584985919b00a06c78f27abb32e0a2ff9cf1dcc76431e2141ec2a0bffb","sha512":"04666c941236e426bd5a86fe8c31ef55fa1ccc6432428aeb45587f1c94911efaaf683824c696c913b04c221d04415d309ba3ff354d507dbf1a543815ca647464","ssdeep":"","tlshash":"8c1126aed39b13b9b82a873c887887053491900f6491c0acf59dc552b74ccf14571ade","first_seen":"2026-07-02T13:03:20.111196Z","last_seen":"2026-07-02T13:03:20.111196Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/recaptcha__en.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.089Z","timestamp":1782997345089,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /recaptcha__en.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:36 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 343133\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":829613,"size_decoded":343550,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (558)","md5":"07bd9db323e20c5712464eae395c4bbe","sha1":"ac8fec5c3ef6987c9bba9ec707575c133dc32876","sha256":"58e16769fc5ea29486677fff7b25f0acd26e0077ef0e0d0a1c5c56545bc7b77a","sha512":"c840b50405fd4d0c82ccff537be49125cdc04674237f1945e8963c276dba99bb39b275d952f5033a7ea3978af474d3a56e932709673d00b973454102489dcef1","ssdeep":"6144:KmRDQSxp9xWrL3fe2ioyvWCbhjXapYaqqPeGfFrFVCk6y27CKIRIR8LzWpKofGnZ:d9Q49YrL3feq2sFVUCTI6EKofqnZ","tlshash":"d50519dcb5427b619332bdf160671068673e9a56c458096db2d8c4f43eb8809b2a3ff7","first_seen":"2025-10-29T09:05:47.950022Z","last_seen":"2026-07-02T13:03:20.166544Z","times_seen":13351,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/288-381a6850e5cf6765.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.619Z","timestamp":1782997346619,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /288-381a6850e5cf6765.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32316\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":108684,"size_decoded":32554,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d6d754680108177bc06e8151f12aa366","sha1":"6a63817d7c62d2f4cb8efb2ed8e33a41cfb78957","sha256":"565d5cdca1623ca4eac31f43ee7ef95259f49df0e279bd1e3b81f10c271d4284","sha512":"6d2acf2878be977a63b9f0a096b58437c1c33672ee85d702373cdff8dfefc84604dcea821c11acb8777339773feeb841d42c6a7af18ba9f3ec19875a5498ce7c","ssdeep":"1536:MnE5+IXApD5MdexKFmd0ZX9tysHAL76gX36Owx3:Mb5jKFmO1DysH3i6O63","tlshash":"f6b34dd53692b075d7e741aa803f0009f33e2f69240e4410f16edc9d75a6a89d2b7faa","first_seen":"2025-10-22T18:22:16.27906Z","last_seen":"2026-07-02T13:03:20.149935Z","times_seen":2,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":76,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.kapa.ai/kapa-widget.bundle.js","fqdn":"widget.kapa.ai","domain":"kapa.ai","tld":"ai"},"ip":{"addr":"34.160.184.151","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:27.171Z","timestamp":1782997347171,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"widget.kapa.ai","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 May 2026 20:09:39 GMT","end":"Thu, 27 Aug 2026 21:01:53 GMT"},"fingerprint":{"sha1":"D3:83:74:A5:FA:1E:35:AC:27:53:C2:AA:AA:93:35:79:72:ED:EE:49","sha256":"92:49:DD:59:A8:FC:AB:2A:6F:F1:92:A7:9A:5B:79:7E:D6:FF:88:DE:6C:D5:EC:55:AC:D3:80:76:9B:61:80:C5"}}},"request":{"raw":"GET /kapa-widget.bundle.js HTTP/1.1\r\nHost: widget.kapa.ai\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nx-guploader-uploadid: AJ5rDhE72fc79EGE0_EKe68m2UZZCcNsA3e_HRxa8ApcDQGuR1pWdIIy93bvbj2JKsxpo-Ax\r\nx-goog-generation: 1782466727413395\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 2022250\r\nx-goog-hash: crc32c=QltSYg==, md5=6QXAdqq69vNeeM1zYaPOow==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\nserver: UploadServer\r\nvia: 1.1 google\r\ncontent-encoding: br\r\ndate: Thu, 02 Jul 2026 12:29:03 GMT\r\nage: 2004\r\nlast-modified: Fri, 26 Jun 2026 09:38:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncache-control: public,max-age=600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":2022250,"size_decoded":582772,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65256)","md5":"fe0bc8fd949688859af0ac907f8995b9","sha1":"b813969f6db78ab581df8780540576ce7bf4dd4f","sha256":"fad6bb05560bb47f987a82df6a5aef92d158af7331788266eca80f7f490f0041","sha512":"f565aa315b314d082faeae1436e922b11684055010eaead67edbf9d9c10ca0c89c64848393f858ed0f52482a134925359700bd18fc43e95852d44a8c5e6820b9","ssdeep":"24576:hyPERNZRhGPR882wTO4/WnwzFLtxIyVZr:hyPERNZRhGPd2IO4enw5LtxIyVZr","tlshash":"fe257dec78b5785207a79095a0ab4141f1361836f44d8562f3b8ea4ea4b744f43a3fef","first_seen":"2026-06-24T15:40:47.602747Z","last_seen":"2026-07-03T15:45:55.701503Z","times_seen":76,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":6,"connect":16,"send":0,"wait":17,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/343-70894edc4ae75b11.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.141Z","timestamp":1782997345141,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /343-70894edc4ae75b11.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12278\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":32343,"size_decoded":12516,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (21758)","md5":"2579f4524d859000f7be3d46d85d32ce","sha1":"555e40e077d167b84683829e2a8512e5a7ca0d0f","sha256":"85a2f82b6ba59fc20c18e3926af6f74a67f5745cb8539d0ab5669fe76cdc1735","sha512":"dd748079af04efd6d94a77dbb6d7e28cf7ea013a8850fa19d4f354b0b878d27f526a48686cf1b26f5eebd653d6caee4593394ed824471c8337565c8bc4de1de5","ssdeep":"384:zO67cGMw12bDe5DgzWG3jWiUplJd358JOkMtPB4n35antjI30A1dApb1TnAkylo8:bMw12bDHfUld39FIOzA","tlshash":"b4e209e53152b139c7ef41a7402f4129b7ba3aa4340e4424e17dd98d38b4e86d2f7fa6","first_seen":"2026-07-02T13:03:20.168832Z","last_seen":"2026-07-02T13:03:20.168832Z","times_seen":1,"resource_available":true,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"consent.api.osano.com/record","fqdn":"consent.api.osano.com","domain":"osano.com","tld":"com"},"ip":{"addr":"108.157.229.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.668Z","timestamp":1782997345668,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.api.osano.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 28 Jun 2026 00:00:00 GMT","end":"Mon, 11 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"A4:48:A5:2F:30:67:9E:6B:49:27:13:CD:9C:15:C5:CB:40:2A:59:19","sha256":"DA:B7:49:E8:C1:48:66:E6:FF:FC:8F:CA:A6:15:48:37:F9:A4:F3:48:27:E6:EC:82:9C:C5:41:1F:7E:7F:85:5E"}}},"request":{"raw":"POST /record HTTP/1.1\r\nHost: consent.api.osano.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json\r\nContent-Length: 224\r\nOrigin: https://midnight.glacier-rep.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 \r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nx-amzn-trace-id: Root=1-6a466161-656ae7ee0a1f6bb224b57f11\r\nx-amzn-requestid: d79cf960-67e7-408e-be3c-1179cd3a2b27\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With\r\nx-amz-apigw-id: f4QnVHyHDoEErMA=\r\naccess-control-allow-methods: POST,OPTIONS\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 3346055bb53a57ebf02828b88e1ee87c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: AJ0Y7vnudTA2llshkOR5MtrgMZVZgU2Hbf2IKzJPlpQKdQxifJToYA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":1367,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F330xhmya%2Fproduction%2F023e80760447fa5c8cd7b524430cde5e3ad4c1bf-1920x1080.png\u0026w=640\u0026q=75","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.288Z","timestamp":1782997348288,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F330xhmya%2Fproduction%2F023e80760447fa5c8cd7b524430cde5e3ad4c1bf-1920x1080.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1459,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-03T18:16:16.023089Z","times_seen":138212,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F330xhmya%2Fproduction%2F98c3dd251b94638e81e4ee173cfcd309e4992c2b-1920x1080.png\u0026w=640\u0026q=75","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.290Z","timestamp":1782997348290,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F330xhmya%2Fproduction%2F98c3dd251b94638e81e4ee173cfcd309e4992c2b-1920x1080.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1459,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-03T18:16:16.023089Z","times_seen":138212,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/uwt.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.090Z","timestamp":1782997345090,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /uwt.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 15120\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":58201,"size_decoded":15358,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (58201), with no line terminators","md5":"76a4a1b90eaf763f4a6ebf05f1de741a","sha1":"5d649fb6036d2c97cd1b189b93ab01329605584f","sha256":"15ac7c79df675a4e07c8f59b54ed2d978cbebe6af18372265677cd46b95365fb","sha512":"37e371f4defe0cb39f231805c200954f72f3f83b26427a083c49f807ef4615af7bc661f4a79902c57fb98079b523eca37ae927f909283ecd958bedf9cd24644a","ssdeep":"1536:buo99dwkLYPs/lEGF94zSnnJpSFD8No5/g:buQdwpslF94zSnnJpSFDZ5/g","tlshash":"4443d5c8f6d5f0a543d776a6903f211bf23a6819704e8490e325e8d2bcb895e9133e7d","first_seen":"2025-09-11T19:44:38.876513Z","last_seen":"2026-07-02T13:03:20.170178Z","times_seen":1038,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/[flexible_page_slug]-33d706343c51c31f.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.137Z","timestamp":1782997345137,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /[flexible_page_slug]-33d706343c51c31f.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2188\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5344,"size_decoded":2425,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5344), with no line terminators","md5":"a9a62859f8399b167ba5dd528a5e3759","sha1":"963242247a469be9c8204082d86c1092b7e7d2c0","sha256":"da3152848da3540f238b29d3c027efe230e44bafb7d1b4500ce4f108da62dd25","sha512":"4d64b2cb143cf4870600a106c4a774307e3dd0132eb93db20734118b3b9b3f5bbcc40c27d425dbed863fa7fbdff939c8e0331f26cce21c7704c856d934f3329b","ssdeep":"96:ZAKrfZgcunC6Xs0v2cF30Mx/ND531B93yyv1CRYl3r8a6:brR0v2BY1BlFwA3ga6","tlshash":"1db196417a92f874e7af6558407f442cb33f3f5174098064f33e6c543925ac6e296b9b","first_seen":"2026-07-02T13:03:20.170852Z","last_seen":"2026-07-02T13:03:20.170852Z","times_seen":1,"resource_available":true,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/020d8314-add014fd3e4aebd1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.147Z","timestamp":1782997346147,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /020d8314-add014fd3e4aebd1.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 117036\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":495005,"size_decoded":117275,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"dea6cfa7677ed3faeac12cb6778f71f2","sha1":"38522d2a2ea4a880ada73c4d8aefa6c534a6adb7","sha256":"ba5b9ee20e207d22c0d57cd1b5d5de971d074780a8ad04280b0116678418d750","sha512":"a9807c3d5def5b7c4aa2fed70213f5aece2f3cea8f3b9643a4490f8cb0486b1619937c2636b2fbe315d3789043e48c3db35e1e94563cdd000408af2c94b11787","ssdeep":"12288:j8oMNbXxHSdzWDLQJ6MIwv+ZeWD7iq5Cx:ErxHSdzWDLQJ6MIwv+ZeWD35Cx","tlshash":"3db45bf63275b0174f0754a754b90442932db8d73809867cba1ca4eb74e0998b2fbfb9","first_seen":"2025-10-22T18:22:16.256435Z","last_seen":"2026-07-02T13:03:20.095895Z","times_seen":3,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/f.txt-1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.153Z","timestamp":1782997345153,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /f.txt-1.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2238\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5608,"size_decoded":2475,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5608), with no line terminators","md5":"80b9278488c080376c19e88c0a217c87","sha1":"6898c6e9b56f6bbb067e307bfdaa5dbd312ff313","sha256":"7946a7a7406de990bc5f91a28f03c02e0be7068704baa5bdb4d6eed0dd1563a4","sha512":"568a643e6688ae4ab350338b86c7c386447bfc59efd9fd9c75be34a0c70690cd9731b5a9d090d9d4f4b3ab8aaa57ef3a2a43d9fc07511058b82627e23f1c5ac8","ssdeep":"96:Eg1BcYm9PbxaKVkulwhJg6oGhzfcbvLhDg2LyvLhDg2LM:EfLchugggbavLdmvLdw","tlshash":"74c1c5de73b5b29791a370a5272fa20bf4357d23dcd4f910f622c49028795ae2185e4a","first_seen":"2026-07-02T13:03:20.172313Z","last_seen":"2026-07-02T13:03:20.172313Z","times_seen":1,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F330xhmya%2Fproduction%2Fd1dfa924a6652d58c75bf0915a726d7db502f856-1080x1080.jpg\u0026w=640\u0026q=75","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.287Z","timestamp":1782997348287,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F330xhmya%2Fproduction%2Fd1dfa924a6652d58c75bf0915a726d7db502f856-1080x1080.jpg\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1459,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-03T18:16:16.023089Z","times_seen":138212,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/5a9659fe65a50ebb.css","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.102Z","timestamp":1782997345102,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /5a9659fe65a50ebb.css HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 17331\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":116404,"size_decoded":17641,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (33082)","md5":"720f90c0d77ccb87d906fed4de398cdb","sha1":"60760cea15d2b67d9e61db4df4838298ead55a56","sha256":"788c21aee9034cb10ace7a39889723ba43b7e0e7375d5c7eed8e0279e7e41c8c","sha512":"fbfe80a7acf4f311969a27623f5edbd395bc220021e4e422f0b4741e384d10588bd2b54a4a5b59bf630c068f783ad94b308cd3f89faa404e15130504921e335e","ssdeep":"3072:tb025xEFtuajFy9Kh1CfedQf4jWVPSV7yhtKB2YvGWUxluhIewgxV4JS:N025xEFtuajFy9Kh1CfedQf4jWVPSV7L","tlshash":"57b3d82e7740321a1c3789f3e2d2a99cd63a99c1af3a96f7793215144fe42e71d13a4c","first_seen":"2026-07-02T13:03:20.173721Z","last_seen":"2026-07-02T13:03:20.173721Z","times_seen":1,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":213,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/289-3937c8927401961f.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.125Z","timestamp":1782997345125,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /289-3937c8927401961f.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2772\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":9655,"size_decoded":3009,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (9655), with no line terminators","md5":"83d003a6561f83f66b8503debd604d49","sha1":"7128e05ab733749970fa119e19bb7a9356d9f057","sha256":"62733f2042957c7b9321a038ecdbe94e3560669e55f3864396351848658375bb","sha512":"da705c7d41287b59e7e02842753e64c9d988016981cd12ecee4464edbbcf04f02f76e01eaf5eef086604a2e533362db0b10424cae8a0e7a2451701492df1601c","ssdeep":"96:nyl9hsODCkCOsfP6Y3vLrGFm7+GNIhgfl6p9NYAG9NW+z3uVp+3wVEb2d8wNy19M:yvBCOQf9NV7W6eBNyzZjAn","tlshash":"b812625ea550beecfa6fc988bf6f604c721f1744dd4d88a4b9b9580418809d8b223fdd","first_seen":"2026-07-02T13:03:20.152891Z","last_seen":"2026-07-02T13:03:20.152891Z","times_seen":1,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/11-15341343d0b6fc7b.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.789Z","timestamp":1782997346789,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /11-15341343d0b6fc7b.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5195\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16176,"size_decoded":5432,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (16176), with no line terminators","md5":"9f5c41b9b77145e92cbe47cc3f90852c","sha1":"90ded356037c0bf7d2b858b1d3e52463ce075edb","sha256":"8e3fe0fe2b095f1775115c21014d9dc3d9c1bd785f6728514c8b8fb012ebfe6d","sha512":"cd2277d73d9d2dd69e8ecf1ced62b9d20abb1910fd49bd6c269cb8a85cab2bb7df73773502c5c18fbc02d80b6ee2ce96a0b8a6c550e170a8a9f92737d4965b0f","ssdeep":"192:e/m1wL7bqIOu3F7LqAHUM1Fcnref+O1t91SgjSTNgUwbRr0113pzqxvl3AoK:e/CEnqkF5DMit91SgdRoH9qxvl3A9","tlshash":"1972d8e8b3f07a9ca50787d8e67f985cb35e1988eb1d8c95f1bd98540641088fac3ec4","first_seen":"2025-10-22T18:22:16.112077Z","last_seen":"2026-07-02T13:03:20.175236Z","times_seen":3,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/recaptcha__en.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/index_6.html","date":"2026-07-02T13:02:28.546Z","timestamp":1782997348546,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /recaptcha__en.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/index_6.html\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:36 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 343133\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":829613,"size_decoded":343372,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (558)","md5":"07bd9db323e20c5712464eae395c4bbe","sha1":"ac8fec5c3ef6987c9bba9ec707575c133dc32876","sha256":"58e16769fc5ea29486677fff7b25f0acd26e0077ef0e0d0a1c5c56545bc7b77a","sha512":"c840b50405fd4d0c82ccff537be49125cdc04674237f1945e8963c276dba99bb39b275d952f5033a7ea3978af474d3a56e932709673d00b973454102489dcef1","ssdeep":"6144:KmRDQSxp9xWrL3fe2ioyvWCbhjXapYaqqPeGfFrFVCk6y27CKIRIR8LzWpKofGnZ:d9Q49YrL3feq2sFVUCTI6EKofqnZ","tlshash":"d50519dcb5427b619332bdf160671068673e9a56c458096db2d8c4f43eb8809b2a3ff7","first_seen":"2025-10-29T09:05:47.950022Z","last_seen":"2026-07-02T13:03:20.166544Z","times_seen":13351,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/osano.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.105Z","timestamp":1782997345105,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /osano.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 65536\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":247498,"size_decoded":65774,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65473)","md5":"6070351558607ed165ab52d9cf4d96d5","sha1":"de218d6ac2ff85023562b218613653c3e8a43cb8","sha256":"674846e662453a013ae862298dcaa027d5cf2f105e97f8a6fdeab828dafe68f1","sha512":"f23a484f72caa7f2b45637583d008610d867e6281c976412a2e77d213093c33e16442bb6f170f6ac566da704e9620b3637a4616c5127af1372c0832e69fa7106","ssdeep":"3072:3SVUaaJh5EXenNxSmorLpJsBsu8Ka5bZ+Zkf3qb+5d6hvOohHt9QnHXcaY:3iUBNNNx/ra5V8kPa+5d6hvOohHt98Mf","tlshash":"c83439a136d9f5f103e202d9c87b0201f2299f157829e4e0f3a8ded51854a8b65b6f7f","first_seen":"2026-07-02T13:03:20.175892Z","last_seen":"2026-07-02T13:03:20.175892Z","times_seen":1,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":207,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_1.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.682Z","timestamp":1782997345682,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html\r\nlast-modified: Mon, 03 Nov 2025 13:36:29 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 626\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2032,"size_decoded":856,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2032), with no line terminators","md5":"094575a66dad396bfef4b2a160059c39","sha1":"cf25ffd30ff2fd173a355a568f8fd616c14e778a","sha256":"06826a5eed58397e376d22763676eed3f8d562c55c2e90637f34dc0579c20371","sha512":"adc7edeb3951163b616d7a927ca5481b81821fa95c3a93bfb990ccf69d7c3a11fb32eaa145490d38b5d19b7654ff4562717bcf16b54654d84387cbf582bb02d2","ssdeep":"","tlshash":"8741268698f7c771dc3d76429400d3f85963e3075399e7f85494812649a0e8f9cc75ae","first_seen":"2026-07-02T13:03:20.177203Z","last_seen":"2026-07-02T13:03:20.177203Z","times_seen":1,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/pagead/form-data/16845541115?gtm=45be5at1pfv9210328944z89204735153za204zd9210328944xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~105322303~115480710~115583767~115938466~115938468~116217636~116217638~116253087~116253089~116254369\u0026npa=0\u0026frm=0\u0026pscdl=noapi\u0026auid=929305876.1782997346\u0026ec_mode=a\u0026em=tv.1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.151.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.090Z","timestamp":1782997346090,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:04 GMT","end":"Mon, 31 Aug 2026 08:36:03 GMT"},"fingerprint":{"sha1":"5F:07:F9:B7:51:F8:4F:BF:84:9B:CE:9B:35:32:67:B4:8F:4D:E1:E1","sha256":"37:12:27:BA:F4:E4:8E:D1:CC:6E:41:B4:2F:D6:31:EE:8C:E9:A2:B0:B4:B7:4F:2A:AA:B0:9A:0F:EE:6A:04:54"}}},"request":{"raw":"POST /pagead/form-data/16845541115?gtm=45be5at1pfv9210328944z89204735153za204zd9210328944xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~105322303~115480710~115583767~115938466~115938468~116217636~116217638~116253087~116253089~116254369\u0026npa=0\u0026frm=0\u0026pscdl=noapi\u0026auid=929305876.1782997346\u0026ec_mode=a\u0026em=tv.1 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nOrigin: https://midnight.glacier-rep.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: cafe\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/852-11362cc70b086e7c.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.853Z","timestamp":1782997346853,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /852-11362cc70b086e7c.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 36231\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":142331,"size_decoded":36469,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7a29d60137bb089e3f7574e6fc84fa00","sha1":"68fbc9bc1fc61d3a73debc73d9cb462aedac7a8b","sha256":"c6dae96860f72b1f599cdc73281de47d2ad3e3044cf05b4e627c59af5aea253f","sha512":"42dfe402e51c71d30e577b7dfcdc527a16db453703e723ae5af09f6535a2383e8ee954b7d72565a10cee4945095d7fd9c4381f0e50dffebf0e9841d7c6e7d6dc","ssdeep":"1536:O5S8aJwSL0F6f/NtugjE4g88xleDMyUO7rT+xj5x8sr0RkuX7QPB2d1dXa5WChVE:ujM/N0gHg88G+x3rQk+/d1dwTaH","tlshash":"ddd38865a2a5bfecf82b8ad4552f500c722f2f94db0e88f4b5ba68341b440e47953fc5","first_seen":"2026-07-02T13:03:20.163804Z","last_seen":"2026-07-02T13:03:20.163804Z","times_seen":1,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/favicon-16x16.png","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:27.931Z","timestamp":1782997347931,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /favicon-16x16.png HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-length: 624\r\ndate: Thu, 02 Jul 2026 13:02:27 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":624,"size_decoded":888,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced","md5":"de5d1cdaaa4cca5c6e7147e5cd7c010c","sha1":"d709aa0433947741a56eab520f267165ad506420","sha256":"ebb04b5c81b2d9a68516e8072879580bdc21374535a12c05a18f25fdaa887eaa","sha512":"29c99dfbc691daac4f5663b3ac17ba96d1cb389165d54329f1520998161f704e7af758f7d1f958dc92312bac7a41a2bc7501ef2643eed28f3adc84234223dad5","ssdeep":"","tlshash":"79f002dab63873f2c80f22aa22a693c4ff28c10720d10c49b65cd37e1824b8b1db4d46","first_seen":"2025-10-22T18:22:16.267099Z","last_seen":"2026-07-02T13:03:20.178553Z","times_seen":4,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"forms.hsforms.com/embed/v3/form/45047878/b4672f8f-dc2c-433b-a54e-a2d232d70a23/json?hs_static_app=forms-embed\u0026hs_static_app_version=1.9978\u0026X-HubSpot-Static-App-Info=forms-embed-1.9978","fqdn":"forms.hsforms.com","domain":"hsforms.com","tld":"com"},"ip":{"addr":"104.18.80.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.274Z","timestamp":1782997348274,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hsforms.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Jun 2026 18:59:17 GMT","end":"Wed, 23 Sep 2026 19:59:11 GMT"},"fingerprint":{"sha1":"3E:F5:95:01:EA:76:DB:38:1D:AC:0E:40:6C:05:78:E4:41:36:CB:20","sha256":"56:51:B6:0B:63:E3:9C:2B:39:8C:D2:CA:EB:72:36:A8:60:BA:A1:00:8F:EA:F3:A2:D7:20:A4:C5:0F:23:F5:3F"}}},"request":{"raw":"GET /embed/v3/form/45047878/b4672f8f-dc2c-433b-a54e-a2d232d70a23/json?hs_static_app=forms-embed\u0026hs_static_app_version=1.9978\u0026X-HubSpot-Static-App-Info=forms-embed-1.9978 HTTP/1.1\r\nHost: forms.hsforms.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://midnight.glacier-rep.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\ncontent-type: application/json;charset=utf-8\r\ncontent-length: 1466\r\npriority: u=3,i=?0\r\nx-origin-hublet: na1\r\nvary: origin, accept-encoding\r\nx-hubspot-correlation-id: 019f22ec-7012-7abc-8f83-efd3a57a4b19\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://midnight.glacier-rep.com\r\naccess-control-allow-methods: OPTIONS, GET\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\naccess-control-max-age: 180\r\nx-content-type-options: nosniff\r\naccess-control-expose-headers: X-Origin-Hublet\r\ncache-control: max-age=0, no-cache, no-store\r\nx-robots-tag: none\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=QycW8uOQqm1gWeffyYgqx4CstaMgofkJOkgL1qNy.qs-1782997348.299288-1.0.1.1-xA4kggCrUGrJQ7wdXTu2gO5EGz_eSx0yzcq_S3LZXYapiZjd_3S4FsNFEfRJWOUfZFy2VNEtJoAYk_.2TbofzbMt8zdD7u6EhEcwarCWgCMRBsW9Dm46D4oWgsucfrTD; HttpOnly; SameSite=None; Secure; Path=/; Domain=hsforms.com; Expires=Thu, 02 Jul 2026 13:32:28 GMT\r\nserver: cloudflare\r\ncf-ray: a14dd852dfd0712b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: hcid;desc=\"019f22ec-7012-7abc-8f83-efd3a57a4b19\", cfr;desc=\"a14dd852dfd0712b-IAD\", cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3707,"size_decoded":2711,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ebc0f1dc82472ea9c35436b39ac9c4fb","sha1":"995b84211c628c000f5bdea3470d3a8c57188985","sha256":"5943e1191349fe87e1ca72984f86f08aeebf0b996559eefbb175fccc5e91a5b7","sha512":"06990db8905556b239e931b46bed2f2195940b551b476666cbff0a08f0c9e3075edf34b0709a302991438ad315e71600426b9b98df867769cf44d5ac3f181612","ssdeep":"","tlshash":"eb71ba482500ccbe8b470a96b9f97f07a6ec601e73d5a848d94dce7c82ce57d1763147","first_seen":"2026-07-02T13:03:20.179304Z","last_seen":"2026-07-02T13:03:20.179304Z","times_seen":1,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":3,"connect":19,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_next/data/QBEE3mluZfbFxSVyI0d3m/faq.json?flexible_page_slug=faq","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.752Z","timestamp":1782997348752,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_next/data/QBEE3mluZfbFxSVyI0d3m/faq.json?flexible_page_slug=faq HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://midnight.glacier-rep.com/\r\npurpose: prefetch\r\nx-nextjs-data: 1\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1459,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-03T18:16:16.023089Z","times_seen":138212,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_buildManifest.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.131Z","timestamp":1782997345131,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_buildManifest.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 833\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2458,"size_decoded":1069,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (2458), with no line terminators","md5":"ab1d832944b0908a08037f32c3a762ff","sha1":"45f4a39afc01cabfb1a393d18190678bc9bef917","sha256":"3ed32a172586d96077e8dab3f63d59a13a130795225d28d048b00c17bf0edfa4","sha512":"6c507b0295931c4b8d9d4dcaa53ca97b3416a8c9c8c6974aba05d2a17901179a47be107983352375a61e9081f5ca115f56d7445d54989dc0dc1aa7b24e0e732d","ssdeep":"","tlshash":"e4518b87000af8461db9dcde342b2be2db91fa3211381594f7cd4d68059c37a8fad832","first_seen":"2026-07-02T13:03:20.180854Z","last_seen":"2026-07-02T13:03:20.180854Z","times_seen":1,"resource_available":true,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/main-1723870a3ff9841d.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.116Z","timestamp":1782997345116,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /main-1723870a3ff9841d.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 23:58:53 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 33992\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":135259,"size_decoded":34230,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"15b1a0e4655e3bdcdc0e5a40961c3eae","sha1":"faef69d505cfea77efb48a20b00fa81b5facd192","sha256":"6d9cd9237eb12261654cee3e3b77a0c5376ad40ebed83e33c70a182c360cefcd","sha512":"bc3fd6ee555ceda25d4d3346b835729fa1e1f99d993c4566211c1bdca20816e1b99ad45c640c1bf4beada6501ab187cf126bf7a6e2189c78f9adb2472c8bc5b3","ssdeep":"1536:ySRurvlQLXmyHIkMvsTDLgZE1IGV3SvwGeUtE/0BKuTgIcNB5f3Oou/Izxo1mp7i:+20+g0uQqzjo5zMyXA","tlshash":"5ad3a42a73d1ba31428af0a09c6fcc85f2b5592d029a240d575cdce9ad2487c93f6edd","first_seen":"2026-07-02T13:03:20.182316Z","last_seen":"2026-07-02T13:03:20.182316Z","times_seen":1,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":330,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.sanity.io/images/330xhmya/production/551f8492831e82d60b9d7a5d294faf69ac0a3e1b-69x69.svg","fqdn":"cdn.sanity.io","domain":"sanity.io","tld":"io"},"ip":{"addr":"34.149.250.58","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.556Z","timestamp":1782997348556,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sanity.io","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 21 Aug 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:8E:04:FA:7A:E8:3C:E3:65:0C:EF:9B:20:BE:E0:B7:35:28:DF:31","sha256":"EC:EA:80:B1:76:4D:5A:2A:21:4D:14:C2:69:9B:19:A6:58:1F:CD:AD:62:43:D5:66:C9:8C:AA:47:AB:3B:F9:AB"}}},"request":{"raw":"GET /images/330xhmya/production/551f8492831e82d60b9d7a5d294faf69ac0a3e1b-69x69.svg HTTP/1.1\r\nHost: cdn.sanity.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nsanity-inflight-current: 0\r\nsanity-inflight-limit: 200\r\nx-sanity-asset-storage: gcs-default\r\ncontent-security-policy: script-src 'none'\r\nx-content-type-options: nosniff\r\ncache-tag: dataset-330xhmya-production,dataset-330xhmya-production-asset-551f8492831e82d60b9d7a5d294faf69ac0a3e1b\r\ntraceparent: 00-608b243dc703f5a16fddfd321b800083-c4153a81c15aad1e-01\r\nsanity-gateway: k8s-gcp-eu-w1-prod-ing-01\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nxkey: project-330xhmya-production\r\ncontent-encoding: br\r\nx-varnish-age: 0\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\ndate: Wed, 01 Jul 2026 13:32:33 GMT\r\ncache-control: public, max-age=31536000, s-maxage=2592000\r\nlast-modified: Wed, 28 May 2025 19:51:39 GMT\r\ncontent-type: image/svg+xml\r\nvary: origin, accept-encoding\r\ncontent-length: 343\r\nage: 84595\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":850,"size_decoded":1255,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e9c2387c6a15aa02cbf40448b25a8522","sha1":"5490d5a427ebe1af184892bd1c1d8d8d5c369f97","sha256":"329dc7e9d202f5ce0f26119825110f42fb6b06c4c4ddbc19437691168b64996d","sha512":"f0e4f6cd06287f8e5fa0fbe194b5316d4d11a78d83e762b7caf01012574695569e85e36ecb0004cd9a3ea349858619af107cebcd237b52e934bb64a81092bad9","ssdeep":"","tlshash":"7b01af54013cdf4aa5619bdcc9ef9197e82e65c66784cce9e31024a9f8829451843cd6","first_seen":"2026-02-14T07:25:06.106324Z","last_seen":"2026-07-02T13:03:20.140769Z","times_seen":3,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/js.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.096Z","timestamp":1782997345096,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /js.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:36 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 124265\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":378687,"size_decoded":124504,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"c120aa27ed66a5676adc12f5a86acfa6","sha1":"84eae7b129d14575c14755170d5430c287e736fa","sha256":"0fdb79e5520db869a19a943f9cba1ce289045ae6df218ec3636712b5499770c5","sha512":"327082815bf95aee0ac61547c3d6989624a0f35eb808e8d2611d3627a9065eed3edd64420039ab8d616975392c34102f599efde8650847944d0efca62ab363f5","ssdeep":"6144:d5HIyd8fGd75KGq6ADRI6POLiYYgAxFOY9ftL/AJpkAgGpi:PHITGd75KGq6saLiYYAJ8H","tlshash":"798428cd73d674269392b478403f118ba17b69e2b84cc895f189cce42e74a9a4277f7c","first_seen":"2026-07-02T13:03:20.183668Z","last_seen":"2026-07-02T13:03:20.183668Z","times_seen":1,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/pagead/1p-user-list/16845541115/?random=1762176891089\u0026cv=11\u0026fst=1762174800000\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026gtm=45be5at1v9210328944z89204735153za200zb9204735153zd9204735153xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115583767~115938466~115938469~116217636~116217638~116253087~116253089\u0026u_w=1512\u0026u_h=982\u0026url=https%3A%2F%2Fmidnight--app.web.app%2F\u0026frm=0\u0026tiba=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026userId=%5Bobject%20Object%5D\u0026hn=www.googleadservices.com\u0026npa=0\u0026us_privacy=1---\u0026pscdl=noapi\u0026auid=1308689482.1762176888\u0026uaa=arm\u0026uab=64\u0026uafvl=Google%2520Chrome%3B141.0.7390.108%7CNot%253FA_Brand%3B8.0.0.0%7CChromium%3B141.0.7390.108\u0026uamb=0\u0026uam=\u0026uap=macOS\u0026uapv=13.3.1\u0026uaw=0\u0026_tu=CA\u0026data=_tag_mode%3DAUTO\u0026rfmt=3\u0026fmt=3\u0026is_vtc=1\u0026cid=CAQSjQEAwksa0fikinLWPWHU-ntccqoGRVVj1B-C-EOn2ji_x4HQ8a5MoWvMwIO89EA2l3ucxXNtOmi4En5kh5Pddx4OMnmUPBSVarncN0tgmknGGT-Yh3jJJ9C3qMF3xE3vv_FKuo2uosFn8Jb17Z6pwopWEhv2bvTdBObQrHcjnNG7jWGpOQF5lL-2w158DQQ\u0026random=1229495457\u0026rmt_tld=0\u0026ipr=y","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:29.818Z","timestamp":1782997349818,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /pagead/1p-user-list/16845541115/?random=1762176891089\u0026cv=11\u0026fst=1762174800000\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026gtm=45be5at1v9210328944z89204735153za200zb9204735153zd9204735153xea\u0026gcd=13l3l3l3l1l1\u0026dma=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480709~115583767~115938466~115938469~116217636~116217638~116253087~116253089\u0026u_w=1512\u0026u_h=982\u0026url=https%3A%2F%2Fmidnight--app.web.app%2F\u0026frm=0\u0026tiba=Midnight%20%7C%20Bringing%20rational%20privacy%20to%20blockchain\u0026userId=%5Bobject%20Object%5D\u0026hn=www.googleadservices.com\u0026npa=0\u0026us_privacy=1---\u0026pscdl=noapi\u0026auid=1308689482.1762176888\u0026uaa=arm\u0026uab=64\u0026uafvl=Google%2520Chrome%3B141.0.7390.108%7CNot%253FA_Brand%3B8.0.0.0%7CChromium%3B141.0.7390.108\u0026uamb=0\u0026uam=\u0026uap=macOS\u0026uapv=13.3.1\u0026uaw=0\u0026_tu=CA\u0026data=_tag_mode%3DAUTO\u0026rfmt=3\u0026fmt=3\u0026is_vtc=1\u0026cid=CAQSjQEAwksa0fikinLWPWHU-ntccqoGRVVj1B-C-EOn2ji_x4HQ8a5MoWvMwIO89EA2l3ucxXNtOmi4En5kh5Pddx4OMnmUPBSVarncN0tgmknGGT-Yh3jJJ9C3qMF3xE3vv_FKuo2uosFn8Jb17Z6pwopWEhv2bvTdBObQrHcjnNG7jWGpOQF5lL-2w158DQQ\u0026random=1229495457\u0026rmt_tld=0\u0026ipr=y HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T18:16:34.634295Z","times_seen":16947930,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/v2.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.110Z","timestamp":1782997345110,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /v2.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 184459\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":590015,"size_decoded":184698,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65466)","md5":"ee75b7af42f690f585d77a5369807b3e","sha1":"80a9d3a3397c420fac9a485b6474ca3b59eb6b5f","sha256":"68682417e57ebfd06f5b9e10fce969291ebbfd36db36bcf46611d0de49548dc7","sha512":"6e7d7a5e1356c5246f7d136fc6afdbff396435473be99ec4497b34c7838d3def7f63d0d9da84ab65fe55fa24f4bdfda97506bf8967aee322318e965292912400","ssdeep":"6144:f8owT5y1EQ9RSM4JwmwJyr8eRNvyi6fMbtLKOdJBFL/hhltOkAxrxeGd6B1k+W20:U3TYSRNv6fsFjhhLOkAveGd6BnA7","tlshash":"74c45cc53185f0215bb301b660bf200ab33d5d29780d8990e765edda38e995ea17bfbc","first_seen":"2025-10-14T15:54:21.63668Z","last_seen":"2026-07-02T13:03:20.185082Z","times_seen":2114,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_app-936de39228525e83.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.117Z","timestamp":1782997345117,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_app-936de39228525e83.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 140808\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":484591,"size_decoded":141047,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d2dbfa16a994426dd19204ba5f3170c0","sha1":"3598ecace6c00d6b48c57d6aafb96f470a968fd3","sha256":"b6407aaa54c67ff97299f1777d83293d28796e114a2e28ff008adab6589ee9a3","sha512":"3dc00bf10ed28161f59d7a2e289683e0ff27d56545d096f887449785c9b131489409e76cf773bba4ee6e13ca5028b31e92bc50593529d4baa630664549b9ebb8","ssdeep":"6144:TE9ut49MOfxyhG7O/BuBNBGA5W4VUtSU7/bWmACwT4Dsm7IIfdrtA1e1/:TrODw+O6YbWmTfj/","tlshash":"88a44cc97391b15583db52e6807f110af33f6d98240d442cf6b4ecdab965988a2b7f38","first_seen":"2026-07-02T13:03:20.1864Z","last_seen":"2026-07-02T13:03:20.1864Z","times_seen":1,"resource_available":true,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":330,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_2.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.981Z","timestamp":1782997345981,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /index_2.html HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html\r\nlast-modified: Mon, 03 Nov 2025 13:36:29 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 626\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2032,"size_decoded":856,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2032), with no line terminators","md5":"3894cbba8998877b7b468e0da064660f","sha1":"46f31d95a37f8e22a50127d0c923e8899928ff61","sha256":"6e248a2401d5c4c178b3a12f2b553f21389bdb9f59a08b8b63dcb944702bafad","sha512":"d4578d59081fe2cf9f75fdedaeba1e9506f474029b871fa5067cf009e5f97f6ec805bdf3d3c3d34230ef0da9a2f0c2ef6244cd715327f3ef4d78a825c362506c","ssdeep":"","tlshash":"ec41378698f7c7719c3e76429400d3f85923e3075399e7f85494c12649a0e8f9cc75ae","first_seen":"2026-07-02T13:03:20.187792Z","last_seen":"2026-07-02T13:03:20.187792Z","times_seen":1,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/990-806d3e61c60821ed.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.496Z","timestamp":1782997346496,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /990-806d3e61c60821ed.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 26976\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":84695,"size_decoded":27214,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6502f8d5f8c7c2c472bb2ced668e2061","sha1":"d60564120de2b8dd6ab136db932960739032ce01","sha256":"bf43164875884cb0129ab01d824602b8f0c803b10e01ccdd5b6a5d9e708a30c2","sha512":"cc7a1a57962781f417d8fe876ab8a120cbdf1f60ec78d84ba89e178683e52d689d89d3419827202d44b4b91186ac34284e86c795317cdc6a5ad16a0112be2cd6","ssdeep":"1536:5lVL5SL+S58xm0Er9fg0z+ZeMehvrPb5m7KNTH9Pl325f9dpfd3UEtor:7VM584AZeMey8ZPlMFby","tlshash":"e58318c67292f074cbab6166803f440ef23b2a98644d4004f37ad9d93c79999d377f6a","first_seen":"2025-10-22T18:22:16.271856Z","last_seen":"2026-07-02T13:03:20.131853Z","times_seen":2,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":76,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.sanity.io/images/330xhmya/production/75f65fd2d9da0ad1ff8c6f6430a2301b64d6e7de-40x40.svg","fqdn":"cdn.sanity.io","domain":"sanity.io","tld":"io"},"ip":{"addr":"34.149.250.58","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:28.561Z","timestamp":1782997348561,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sanity.io","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 21 Aug 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:8E:04:FA:7A:E8:3C:E3:65:0C:EF:9B:20:BE:E0:B7:35:28:DF:31","sha256":"EC:EA:80:B1:76:4D:5A:2A:21:4D:14:C2:69:9B:19:A6:58:1F:CD:AD:62:43:D5:66:C9:8C:AA:47:AB:3B:F9:AB"}}},"request":{"raw":"GET /images/330xhmya/production/75f65fd2d9da0ad1ff8c6f6430a2301b64d6e7de-40x40.svg HTTP/1.1\r\nHost: cdn.sanity.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nsanity-inflight-current: 3\r\nsanity-inflight-limit: 200\r\nx-sanity-asset-storage: gcs-default\r\ncontent-security-policy: script-src 'none'\r\nx-content-type-options: nosniff\r\ncache-tag: dataset-330xhmya-production,dataset-330xhmya-production-asset-75f65fd2d9da0ad1ff8c6f6430a2301b64d6e7de\r\ntraceparent: 00-ffacd978eee3435962084b172d2a84e3-c511ae3d93e86a0f-01\r\nsanity-gateway: k8s-gcp-eu-w1-prod-ing-01\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nxkey: project-330xhmya-production\r\ncontent-encoding: br\r\nx-varnish-age: 0\r\naccept-ranges: bytes\r\nvia: 1.1 google\r\ndate: Wed, 01 Jul 2026 13:32:33 GMT\r\ncache-control: public, max-age=31536000, s-maxage=2592000\r\nlast-modified: Fri, 09 Aug 2024 13:24:27 GMT\r\ncontent-type: image/svg+xml\r\nvary: origin, accept-encoding\r\ncontent-length: 517\r\nage: 84595\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":912,"size_decoded":1429,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"22405ba12bb9fb6831939842f9518d38","sha1":"9fa5f77a0191c5013cfa5df6ad7355975f58c3eb","sha256":"1b15a2d76ca54abf3d2b74d4d052b36693fe2dc3f5f22d8781b5a97847af011f","sha512":"fdbb924222b481594fec198a7d6c899e16b230941ee91a469df5034822f28ad6cbe4e1a22b3f88b8d2d08f08f805430f330823e4121a7307d3b9ae444820218d","ssdeep":"","tlshash":"f01140e947e907d8c166173ce69b8ea320af69ed19085050d7f8a80ea4000b8898d7d7","first_seen":"2026-07-02T13:03:20.162375Z","last_seen":"2026-07-02T13:03:20.162375Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/11-15341343d0b6fc7b.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.127Z","timestamp":1782997345127,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /11-15341343d0b6fc7b.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:31 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5195\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16176,"size_decoded":5432,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (16176), with no line terminators","md5":"9f5c41b9b77145e92cbe47cc3f90852c","sha1":"90ded356037c0bf7d2b858b1d3e52463ce075edb","sha256":"8e3fe0fe2b095f1775115c21014d9dc3d9c1bd785f6728514c8b8fb012ebfe6d","sha512":"cd2277d73d9d2dd69e8ecf1ced62b9d20abb1910fd49bd6c269cb8a85cab2bb7df73773502c5c18fbc02d80b6ee2ce96a0b8a6c550e170a8a9f92737d4965b0f","ssdeep":"192:e/m1wL7bqIOu3F7LqAHUM1Fcnref+O1t91SgjSTNgUwbRr0113pzqxvl3AoK:e/CEnqkF5DMit91SgdRoH9qxvl3A9","tlshash":"1972d8e8b3f07a9ca50787d8e67f985cb35e1988eb1d8c95f1bd98540641088fac3ec4","first_seen":"2025-10-22T18:22:16.112077Z","last_seen":"2026-07-02T13:03:20.175236Z","times_seen":3,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/_.gif","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://midnight.glacier-rep.com/index_8.html","date":"2026-07-02T13:02:26.193Z","timestamp":1782997346193,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /_.gif HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/index_8.html\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Jul 2026 13:02:26 GMT\r\ncontent-type: image/gif\r\nlast-modified: Mon, 03 Nov 2025 13:36:37 GMT\r\naccept-ranges: bytes\r\ncontent-length: 42\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":42,"size_decoded":305,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-07-03T18:14:40.2218Z","times_seen":971832,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/index_5.html","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://midnight.glacier-rep.com/index_3.html","date":"2026-07-02T13:02:28.741Z","timestamp":1782997348741,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /index_5.html HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/index_3.html\r\nCookie: _gcl_au=1.1.929305876.1782997346; _ga_SS9KZ3GN21=GS2.1.s1782997347$o1$g0$t1782997347$j60$l0$h1249560001; _ga=GA1.1.1711197542.1782997347\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html\r\nlast-modified: Mon, 03 Nov 2025 13:36:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2422\r\ndate: Thu, 02 Jul 2026 13:02:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6040,"size_decoded":2653,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1905)","md5":"9fe5f23931b856821c4c5b48d8ba1d06","sha1":"bcf975b2efdb85c1d277a7d01557652c96693cc1","sha256":"23f5d1b41acd54adb2d2278cd8738b2ea93a4453e7e920792450de8691663279","sha512":"20e4cffe7dd14e3e8c401c265250f6d92d3a4f61ba308805ea1d3ded835397a16f8161dd7308ff2f47501cec967096ed206f37607c628c10a3cf7fcd8aab6939","ssdeep":"96:mdB8pmlQtF0agdkppL5EmkLO0XW03BOd253IcIeBZr4Q4SAE2XOiU+Q8E6WU2er6:mJlQtFBgdkrLOmkLVXW0BOd25IcIArJl","tlshash":"40c1d74a65f6c231487db2a29116e354a06be3176109e7fcb0f888d15aa4d4f0d93a7c","first_seen":"2026-07-02T13:03:20.189031Z","last_seen":"2026-07-02T13:03:20.189031Z","times_seen":1,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/script.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.100Z","timestamp":1782997345100,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 10 Nov 2025 23:16:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 136\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":225,"size_decoded":372,"mime_type":"text/javascript","magic":"ASCII text","md5":"09b23290f542d9a8d35799fe146de353","sha1":"723d11d2bea9dd89798cda8309991d60d2ce7619","sha256":"b30cd7b0be7c9d5ca11d5aa13a4231fe65e8a1c7d6a009b79ee7fd848e8a82a7","sha512":"fe9c12bb002d4ec74c7b359b367ac824780acacf01baa19058508458f023c24451b604cd784a406c4d676f0afdd8e05e1546f1dd6d7cf4c075225f347f34f954","ssdeep":"","tlshash":"4ed0a725527a0175617b4252ea4d3295e022006312489425fedd88052f94b1b3cf1fc5","first_seen":"2026-07-02T13:03:20.190126Z","last_seen":"2026-07-02T13:03:20.190126Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/webpack-1154df77b7e7d6f5.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.113Z","timestamp":1782997345113,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /webpack-1154df77b7e7d6f5.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1826\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4089,"size_decoded":2063,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3650)","md5":"401d275eac42478da2fb128bbccffbdd","sha1":"7c46dbd4abc82b49108e002eed8fefc4b7629d70","sha256":"a5bccca92eedf1c6e64fc742b24c7d7a62b64d400d11b2048e3f552b35000680","sha512":"2119ab2aef921831c3d12fa61de7f2341552c311b64584558f749bf4a9f3df5e0d9f38170a14656eec45f432b2b14fa4af78d6d5da9517dc3453b81a57460b77","ssdeep":"","tlshash":"b181b7ed7161f9b9178290e1403fd456b63e24b2291ee4a4ca1de8f5fc349498613fa8","first_seen":"2026-07-02T13:03:20.193975Z","last_seen":"2026-07-02T13:03:20.193975Z","times_seen":1,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/enterprise.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.133Z","timestamp":1782997345133,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /enterprise.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 977\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1772,"size_decoded":1213,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1772), with no line terminators","md5":"1b1e8ce70d22eb2457bffd151c42d9a9","sha1":"fdebdbd266699e0cb0fe5de29e54235edec713fb","sha256":"fdb0adeaf95c9b63eea059d0bfbb6938dd77fbbc1bc237f65514e7e26c0b9cf8","sha512":"bbf3cdb31b48b9c9714805b40ba711a89cc07d0a5c56ce0aa038c349c3301c522a677cfa955260c9c2634750400b638dbe9df569d916bbd7f5dcc455a28e1482","ssdeep":"","tlshash":"e13167fa1705a03e0bb64af1a5f9d772fd42701c905c44d8a511ae852edaccbce06966","first_seen":"2026-07-02T13:03:20.195411Z","last_seen":"2026-07-02T13:03:20.195411Z","times_seen":1,"resource_available":true,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/kapa-widget.bundle.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.135Z","timestamp":1782997345135,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /kapa-widget.bundle.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 616974\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2103310,"size_decoded":617213,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65398)","md5":"0d91e1de5068619e775b77456ccf4d1e","sha1":"2177541afd7ea4ae9e931d1917d0c37bd9445895","sha256":"b903e76eac32414bdfb35d3f0d4faff50a07b5112497bac45cd8e0a9884fc734","sha512":"bac04828217d6c98434aebf794fabb7280d836474f8f5bee7a18c0bdfd0b88db6bc48b9cbc70a91563cb6033783929b5b1773269c415d3bd3a45e672788f6a92","ssdeep":"24576:o4QCayRvWnlF65pmhGPRCs1YA6maRVIHKMb:o4QZyVWnlF650hGP0s1YA6maRVIHKMb","tlshash":"e3258eec78b5785207a390a5a0674105f2361836f84e8561f3b4de4ea4b784e43a7fef","first_seen":"2025-10-14T21:25:20.979114Z","last_seen":"2026-07-02T13:03:20.196533Z","times_seen":59,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KHVQ32BT","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:25.685Z","timestamp":1782997345685,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:39:04 GMT","end":"Mon, 07 Sep 2026 08:39:03 GMT"},"fingerprint":{"sha1":"6D:E4:85:F4:01:A4:0B:02:E0:64:E2:F2:58:93:6D:3F:4C:AB:30:9D","sha256":"4A:07:79:34:AC:03:17:68:07:4A:CB:68:23:A7:E3:14:B2:DE:22:3C:E1:AE:8D:F5:2F:2E:2D:C6:28:58:47:CE"}}},"request":{"raw":"GET /gtm.js?id=GTM-KHVQ32BT HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Jul 2026 13:02:25 GMT\r\nexpires: Thu, 02 Jul 2026 13:02:25 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 02 Jul 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 165376\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":501649,"size_decoded":166026,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (29367)","md5":"6349319e26acdfa8558262ca541a0dac","sha1":"26ad56fa40980fad7e9bc6d913111b699dda3f22","sha256":"d1f2ce093adfa9dffa0daa226ec5293ce1f4f42215bf6eec3032883c7213db48","sha512":"c989ea9fd7594135d81220ef3f7a9c6bf077ec8fe1a2f4b18a39923bd9e85d6d7c8d093799697720c18d4a42e9c8bf7178ac5c0e239262b6ef20c2831aed653e","ssdeep":"6144:18+PtCn0y5ifGCvJWXLd5fpcxIGQznsWBfyZWmeo:18+PYYVKL/EZJb","tlshash":"35b41aceb3d674265392b478503f018ba27a25e2f44dc8a9f186dcd42e7469a8133f7d","first_seen":"2026-07-02T13:03:20.197916Z","last_seen":"2026-07-02T13:03:20.197916Z","times_seen":1,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":14,"connect":16,"send":0,"wait":43,"receive":46,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"midnight.glacier-rep.com/730-c85af50501a266d1.js","fqdn":"midnight.glacier-rep.com","domain":"glacier-rep.com","tld":"com"},"ip":{"addr":"82.221.136.26","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://midnight.glacier-rep.com/","date":"2026-07-02T13:02:26.323Z","timestamp":1782997346323,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"midnight.glacier-rep.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 15:13:55 GMT","end":"Sat, 29 Aug 2026 15:13:54 GMT"},"fingerprint":{"sha1":"09:7F:6F:3C:82:9E:3B:00:57:71:78:7F:20:66:58:3A:56:F0:9A:56","sha256":"21:5F:6C:8B:12:08:93:68:2D:FD:2E:2E:08:BE:B3:A7:31:B1:39:A0:7B:5A:92:3A:66:30:61:BF:0D:4E:B4:A0"}}},"request":{"raw":"GET /730-c85af50501a266d1.js HTTP/1.1\r\nHost: midnight.glacier-rep.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://midnight.glacier-rep.com/\r\nCookie: _gcl_au=1.1.929305876.1782997346\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Mon, 03 Nov 2025 13:36:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4154\r\ndate: Thu, 02 Jul 2026 13:02:26 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10445,"size_decoded":4391,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10445), with no line terminators","md5":"76739ae14085eb2064bfd903e92f05a7","sha1":"f7714961329c6c9552e45236130f7ec5aaafcd57","sha256":"01a0dd77c5614d9ecfd1b45391b087b2454bd819d13b17c6814a397f3931b879","sha512":"6346c2df967fb6676e1d84e96f2aadeede618a83e484256f0c75a884e20afa83d10b0c9c24bd440f806acdfc6e6524ff564e407e2386d43e2761663032397298","ssdeep":"192:efuL4DqCMmXiar1qgeI2BjRwEJnD1Ze+waGS1RFdYypFKyVXsFAhI1:9LavMtgUgoBI+x7vpV8KU","tlshash":"40224ab336dafcdb630b91e8c52f000df37909712629e105abe089c59670568e1a3f7e","first_seen":"2025-10-22T18:22:16.260579Z","last_seen":"2026-07-02T13:03:20.155657Z","times_seen":2,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"midnight.glacier-rep.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}
