{"report_id":"00224181-fd9d-400c-b72d-dab16a934d11","version":6,"status":"done","tags":[],"date":"2025-12-05T00:46:32Z","url":{"schema":"http","addr":"canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"144.126.219.29","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"title":"canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","dom":{"size":317,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"9f7dce3a9ac53b3658e5f4da4d302f53","sha1":"38a0c6a01f842180e3eb6b7cdf970a3d8a40ec4b","sha256":"f292592bad71c3889246a271ba025bd34d65380b227ab9b2cc973964a3e8bfa1","sha512":"728c03774fe9c8dab68894349968936de9069bf2b8de216b692aeee9d550fddc3ab2d6e792cdb71506be6683ff6cead60972a84a5af10e58d806728867d71164","ssdeep":"","tlshash":"32e026a9580e848daa55a2b02abf56184c0b72ac1ac5d307b18041500b0820f9e02144","dom_hash":"domhash62dcd780c1cf29b4fdf574f00b94d007","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"144.126.219.29","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-09T00:46:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":5,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:11Z","timestamp":1764895571,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:11.943525+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":458},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":710,\"bytes_toclient\":916,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:12Z","timestamp":1764895572,"ip_dst":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"severity":"high","alert":"ETPRO EXPLOIT_KIT FoxTDS Initial Check","source":"{\"timestamp\":\"2025-12-05T00:46:12.230073+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"144.126.219.29\",\"src_port\":80,\"dest_ip\":\"172.18.0.11\",\"dest_port\":58276,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2859622,\"rev\":1,\"signature\":\"ETPRO EXPLOIT_KIT FoxTDS Initial Check\",\"category\":\"Exploit Kit Activity Detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_17\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"FoxTDS\",\"TDS\"],\"tls_state\":[\"plaintext\"],\"updated_at\":[\"2025_01_17\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":458},\"files\":[{\"filename\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":458,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":1168,\"bytes_toclient\":1240,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:12Z","timestamp":1764895572,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:12.230100+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":4,\"bytes_toserver\":1234,\"bytes_toclient\":1240,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:14Z","timestamp":1764895574,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:14.228792+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":278},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1878,\"bytes_toclient\":1902,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:14Z","timestamp":1764895574,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:14.467584+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":8,\"bytes_toserver\":2404,\"bytes_toclient\":2292,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"canada55.l5.ca","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2001-02-06","domain_rank":0,"first_seen":"2025-12-05T00:46:32.98949Z","last_seen":"2025-12-05T00:46:32.98949Z","alert_count":10,"request_count":6,"received_data":1756,"sent_data":2854,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.inonweb.com","ip":{"addr":"172.67.199.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-23","domain_rank":0,"first_seen":"2025-04-02T01:57:01.037182Z","last_seen":"2025-11-17T10:15:16.89493Z","alert_count":0,"request_count":1,"received_data":606,"sent_data":569,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f347cfca7cf29117b42a43951045269e","sha1":"ff490b78e3712762bade64a2b25ee038165cff65","sha256":"18396e46ad65b630911ed42e114895cc4d5e02e7f0461f27bf074b2e91c0ccfe","sha512":"29cfecc81d1cbb85aa7585536b6e4421d4155217470f34348dcf2b57edbd1734f7023bdf3eead0330617217f2ca990c8626bc1f36748f88384949a84b7b3fb14","ssdeep":"","tlshash":"2ae0618db5da621587b231564c735d40d53358e5780b5086e0ed058a0ccc71f429febc","size":400,"data":"","first_seen":"2025-03-03T06:02:16.603244Z","last_seen":"2026-06-06T22:47:29.887326Z","times_seen":1670,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:11Z","timestamp":1764895571,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:11.943525+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":458},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":710,\"bytes_toclient\":916,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:12Z","timestamp":1764895572,"ip_dst":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"severity":"high","alert":"ETPRO EXPLOIT_KIT FoxTDS Initial Check","source":"{\"timestamp\":\"2025-12-05T00:46:12.230073+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"144.126.219.29\",\"src_port\":80,\"dest_ip\":\"172.18.0.11\",\"dest_port\":58276,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2859622,\"rev\":1,\"signature\":\"ETPRO EXPLOIT_KIT FoxTDS Initial Check\",\"category\":\"Exploit Kit Activity Detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_17\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"FoxTDS\",\"TDS\"],\"tls_state\":[\"plaintext\"],\"updated_at\":[\"2025_01_17\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":458},\"files\":[{\"filename\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":458,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":1168,\"bytes_toclient\":1240,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db7a5f3a67411b624e4c8a4d74c2a315","sha1":"ad69babba789e8791ac9061df37ac5279ab59cbc","sha256":"5507cf70dedbb713397c512c2b2397eb23c96fc7ec9c52daf8a82d6b42f944c8","sha512":"3142c3b5a737ba5821831d9761e70e42c95b8f677c0f0346f3a543d8ae6eebd94eb19e2e17416395ac0fce03be25343e666ff9fcec5fcbd882f793a013e39af4","ssdeep":"","tlshash":"bdd02e19040d84ccab8ad2b0237f0a248c1b32ec0ac8a343b19402101f0820faa02259","size":252,"data":"","first_seen":"2025-12-05T00:46:35.102139Z","last_seen":"2025-12-05T00:46:35.102139Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:14Z","timestamp":1764895574,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:14.228792+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":278},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1878,\"bytes_toclient\":1902,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-05T00:46:10.746Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11 HTTP/1.1\r\nHost: canada55.l5.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T02:37:22.206617Z","times_seen":16457685,"resource_available":true,"data":null}},"time_used":496,"timings":{"blocked":496,"dns":0,"connect":177,"send":0,"wait":0,"receive":0,"ssl":179},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:11Z","timestamp":1764895571,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:11.943525+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":458},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":710,\"bytes_toclient\":916,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:12Z","timestamp":1764895572,"ip_dst":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"severity":"high","alert":"ETPRO EXPLOIT_KIT FoxTDS Initial Check","source":"{\"timestamp\":\"2025-12-05T00:46:12.230073+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"144.126.219.29\",\"src_port\":80,\"dest_ip\":\"172.18.0.11\",\"dest_port\":58276,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2859622,\"rev\":1,\"signature\":\"ETPRO EXPLOIT_KIT FoxTDS Initial Check\",\"category\":\"Exploit Kit Activity Detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_17\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"FoxTDS\",\"TDS\"],\"tls_state\":[\"plaintext\"],\"updated_at\":[\"2025_01_17\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":458},\"files\":[{\"filename\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":458,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":1168,\"bytes_toclient\":1240,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-05T00:46:11.614Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11 HTTP/1.1\r\nHost: canada55.l5.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nX-Address: gin_throttle_mw_7200000000_91.90.42.154\r\nX-Ratelimit-Limit: 500\r\nX-Ratelimit-Remaining: 499\r\nX-Ratelimit-Reset: 1764899171\r\nDate: Fri, 05 Dec 2025 00:46:11 GMT\r\nContent-Length: 458\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":458,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (398)","md5":"0a3e69b8b37a6df0acd7e7f5d9d3b854","sha1":"680de96cfe2aff1b030bfbd4a7cfa2529993ea61","sha256":"0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a","sha512":"9c5c0679e082a5776536835110b90436cd6531e3b2c4fc7a15bdce7f550d6647447c904e68d660faf81e39c108e17198830e8b133e86d8559180fa6fb5ce25c7","ssdeep":"","tlshash":"04f05c89f9ca611682b2315a8833ad089433c8e6a40b6086e0ed05871ccc75b429feac","first_seen":"2023-08-15T15:56:40Z","last_seen":"2026-06-15T01:39:11.712661Z","times_seen":3418,"resource_available":true,"data":null}},"time_used":495,"timings":{"blocked":165,"dns":1,"connect":165,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:11Z","timestamp":1764895571,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:11.943525+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":458},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":710,\"bytes_toclient\":916,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:12Z","timestamp":1764895572,"ip_dst":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"severity":"high","alert":"ETPRO EXPLOIT_KIT FoxTDS Initial Check","source":"{\"timestamp\":\"2025-12-05T00:46:12.230073+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"144.126.219.29\",\"src_port\":80,\"dest_ip\":\"172.18.0.11\",\"dest_port\":58276,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2859622,\"rev\":1,\"signature\":\"ETPRO EXPLOIT_KIT FoxTDS Initial Check\",\"category\":\"Exploit Kit Activity Detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_17\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"FoxTDS\",\"TDS\"],\"tls_state\":[\"plaintext\"],\"updated_at\":[\"2025_01_17\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":458},\"files\":[{\"filename\":\"/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":458,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":1168,\"bytes_toclient\":1240,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"canada55.l5.ca/favicon.ico","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","date":"2025-12-05T00:46:12.068Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: canada55.l5.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Type: text/plain; charset=utf-8\r\nX-Address: gin_throttle_mw_7200000000_91.90.42.154\r\nX-Ratelimit-Limit: 500\r\nX-Ratelimit-Remaining: 498\r\nX-Ratelimit-Reset: 1764899171\r\nDate: Fri, 05 Dec 2025 00:46:12 GMT\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T02:37:22.206617Z","times_seen":16457685,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:12Z","timestamp":1764895572,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:12.230100+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":4,\"bytes_toserver\":1234,\"bytes_toclient\":1240,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:14Z","timestamp":1764895574,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:14.467584+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":8,\"bytes_toserver\":2404,\"bytes_toclient\":2292,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-05T00:46:13.040Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11 HTTP/1.1\r\nHost: canada55.l5.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T02:37:22.206617Z","times_seen":16457685,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":333,"dns":0,"connect":165,"send":0,"wait":0,"receive":0,"ssl":167},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:14Z","timestamp":1764895574,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:14.228792+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":278},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1878,\"bytes_toclient\":1902,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-05T00:46:13.716Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11 HTTP/1.1\r\nHost: canada55.l5.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nX-Address: gin_throttle_mw_7200000000_91.90.42.154\r\nX-Ratelimit-Limit: 500\r\nX-Ratelimit-Remaining: 497\r\nX-Ratelimit-Reset: 1764899171\r\nDate: Fri, 05 Dec 2025 00:46:14 GMT\r\nContent-Length: 278\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":278,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"ba15a20363976ce5dfbe31c44e760e35","sha1":"34f9d6c568c5e5ec3eb061875df468ea0bd8d545","sha256":"2b22ea1934abf8ad5d98645abf046c31e6c7d695ef99af832151942ea643d4de","sha512":"1e8b2d06d2391390d41139be1da22f98b506074c3c47a6f0ef12b108fe82a85469ff0a23448b668ee4d1ac512dd3a20181492ba8d378b1811370067bd4c0dd11","ssdeep":"","tlshash":"fed02b195c0ec4cdab85d270737f5a284c1772dc4ac5d34bb19402501f0820f5f02555","first_seen":"2025-12-05T00:46:35.100714Z","last_seen":"2025-12-05T00:46:35.100714Z","times_seen":1,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":514,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:14Z","timestamp":1764895574,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:14.228792+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":278},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1878,\"bytes_toclient\":1902,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"canada55.l5.ca/favicon.ico","fqdn":"canada55.l5.ca","domain":"l5.ca","tld":"ca"},"ip":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11","date":"2025-12-05T00:46:14.262Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: canada55.l5.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Type: text/plain; charset=utf-8\r\nX-Address: gin_throttle_mw_7200000000_91.90.42.154\r\nX-Ratelimit-Limit: 500\r\nX-Ratelimit-Remaining: 496\r\nX-Ratelimit-Reset: 1764899171\r\nDate: Fri, 05 Dec 2025 00:46:14 GMT\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T02:37:22.206617Z","times_seen":16457685,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:12Z","timestamp":1764895572,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:12.230100+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://canada55.l5.ca/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":4,\"bytes_toserver\":1234,\"bytes_toclient\":1240,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-05T00:46:14Z","timestamp":1764895574,"ip_dst":{"addr":"144.126.219.29","port":80,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":58276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain","source":"{\"timestamp\":\"2025-12-05T00:46:14.467584+0000\",\"flow_id\":1288671304310787,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58276,\"dest_ip\":\"144.126.219.29\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2040093,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.l5 .ca Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"canada55.l5.ca\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://canada55.l5.ca/t/4FdHCa56056otkBm856Bjpb0BFF0LvsM0oZFf11\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":8,\"bytes_toserver\":2404,\"bytes_toclient\":2292,\"start\":\"2025-12-05T00:46:11.614403+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.inonweb.com/26SW6BND/7J74NZ6M/?sub1=11\u0026sub2=856-56056\u0026sub3=0-0-0","fqdn":"www.inonweb.com","domain":"inonweb.com","tld":"com"},"ip":{"addr":"172.67.199.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-05T00:46:15.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inonweb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 14 Nov 2025 10:46:49 GMT","end":"Thu, 12 Feb 2026 11:44:25 GMT"},"fingerprint":{"sha1":"F6:6E:CE:1C:DD:E9:8B:4B:FB:23:27:64:75:5B:82:B5:0A:B2:6C:9A","sha256":"8D:E4:1C:DD:85:73:BB:54:85:20:19:12:90:25:C8:84:71:DD:3B:A5:F1:18:9E:FA:95:A6:99:28:FC:54:BB:00"}}},"request":{"raw":"GET /26SW6BND/7J74NZ6M/?sub1=11\u0026sub2=856-56056\u0026sub3=0-0-0 HTTP/1.1\r\nHost: www.inonweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://canada55.l5.ca/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Fri, 05 Dec 2025 00:46:15 GMT\r\nserver: cloudflare\r\naccept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model\r\nvary: Origin\r\nx-eflow-request-id: 282f7adc-f2c9-45e2-b75f-94092cb41410\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zQT8HYeAwgkbiukRfLUTuMgnrywsCgE29LCW7cFnu%2BZ3Rlaxr7l1IToBq6JAezi2FJDnW5NtIIp38nzQuYbm5IrtQIReIjUV7KcY05E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a8f8681ea2a712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T02:37:22.206617Z","times_seen":16457685,"resource_available":true,"data":null}},"time_used":479,"timings":{"blocked":82,"dns":62,"connect":1,"send":0,"wait":315,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}