{"report_id":"0641bba3-3174-4c14-9acc-2c09d7a4569c","version":6,"status":"done","tags":[],"date":"2024-07-16T13:54:55Z","url":{"schema":"http","addr":"usaf.mxoowxhr.top/?category=c3e6fb9688b43v/76f9ad/tanaj1/hyv9m/gahste_atvvaoa?wlagb5aajweut1ao7gayjse/zn2iahdputaa3ym4py3k8a_/8178b8/7wagf_shca_sg0akaaw_3qa_a?b-2/7veme/bpajyhlawu1teib1xf4da-kianqaw8ap_ywaa?e1iu/1d7c9f/_isaal_dahevyaiaasi_h7dlkey/0jeit64gn9xkv?dibwva84l...~311~.../hoz4aaiiy2eamtaaablf6auicauaa/60697c/_mE1AAANAo3eP_w2HICYnAAsIEA7kI2EZ/AA-tz?PPS9uC4StSDA4T7bAaK/nsAxclAx6A-_7J/f973c0/2W8SAI/EAyB2eA-mDT_A1ukH_vmE2jm6AczAA?A-2/UAAWsR/GAah3IG5sXDS3i4AdAvA7eAHA-/07d4ee/dzgJAA/WiYr5tHgAA_A8QAl0AAl3A0NY9?lksEsA6i1T_IH2oAjB_a7nqI1dip0BA/E41A7AtyAA?W/6fc96a/?7m_Y71eAeZaLs_yzIENyknNU6WAA9/4uVAAbAkAuA/rK4uIlnI6EAEWAt3whOrAhAAHQZAFX8/c77815/rH_6A3O?y/wfApdIlAAAsV2IFV?O/jUQA-XA_lOPvI_/sCAA48VziqguPzEJPNAZkEAGAAaAbeIbANA/511555/9ZI4MRhjl5SVIsiEd_anA-AtA8Ab38uN3dmA5/HHA?TAH0V2sF/Mvd5A_AaAAsnA/lAiVLHnrAV/46fc14/gAAA?lEnpi_c/A6AEg?6EA6yAIQHr5zxnXIs3kO3_-uAmADA3/v/ddgAcsNOKAOseGAc4MEARgI2pAA/c8c019/Ah-A2U4sckIAwtEEs_-4AjHu2Y-9AAsS0PAA3MA0HSbFAJctFU41/iv9?9/yVkC71KAPAAAnyd/2bfde9/EyUqAARDgAIAbsSA3rwBAAEtQtTGsLAMd40P/yhafp6dJYw_O_M9rA5XA/E9VH1A/rHAAA?8NN3?IDA/83cbf9/Gvt_HAEemCUAEeAvgzA_K7AIAAjsAFBsAOShNA8/53OIh-l?AAJFwv/AA2HAAHITLG5N?HF76IS4Tc/113ae9/AsGs6AEIAAiU/DbAupknxMureAT4te0lFA1AANyJIj1Axn5PnvvAHjmAoZwdY/KxSbQAKAl1?-/9f2241/DaUp4yXA_bA-J/AA2gMhHIs_n/IAbL?SBeAyyVA5HACVegNjd?bA8At/Y6AzEcp6pvANsYEA1KcAAA9/121dae/jqtbvRZqRSA6IA-AjA/RIANA48js7IAb_/IAQZAtDsLY1?HtAK4_5AeY5xAECjO/HIEAAOq2RA5gA1?/24ae05/_TEoo4ArHzEqLA?OzZro0E1G7NIbDjgAXA4AcgpzIsn80-xz/AAA4z/LAHA59AIt?AJgYA-zA_0mAC/c5180c/AIegm_grAJuHzHDelNBArA_49fAAUqAEWWAAV/GIAXtA/WnyMmA_A?Q6y_w?AKvcApuyzYsAMLEA3o/a75d32/2UA5QAaAAEgyAA-NNj-NVyHP1f?drn_cI7uhAPAs?AA7W8HAuAHAl__EdOA-Is/AE46Np2J4rvAQ4/edf66a/H3HpkAFGRMAdAufAIqB0CANVXAynAA/CNAPes6J1-E/yfRl6AAsAAzAQ93URs_JFC1?2Pc4d_5/4039c3/1rfABn/AAEUAcAT95YAr1ZIlG?vs4_5M/XALzASAA_vfF4fHIAYTNvEAAvK?RQAHEAAEtLLYGgrTvP/ffb3b6/B1AQaAP3Z_fZABLaxAlms?CIVAG2-g_AsCrD-AFsMoBq/3jI7_/AAzAAU4NAEadiS-AFg3?sAEJH_A","fqdn":"usaf.mxoowxhr.top","domain":"mxoowxhr.top","tld":"top"},"ip":{"addr":"172.67.215.129","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"usaf.mxoowxhr.top/","fqdn":"usaf.mxoowxhr.top","domain":"mxoowxhr.top","tld":"top"},"title":"404 - 找不到文件或目录。"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T09:31:33Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-14 18:12:33","alert_count":0,"request_count":9,"received_data":7986,"sent_data":2943,"comment":"","tags":null,"fingerprints":null},{"fqdn":"usaf.mxoowxhr.top","ip":{"addr":"172.67.215.129","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":5,"received_data":38792,"sent_data":4370,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-16T13:54:41Z","timestamp":1721138081,"ip_dst":{"addr":"172.67.215.129","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":37630,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-16T13:54:41.404968+0000\",\"flow_id\":604409199448358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.25\",\"src_port\":37630,\"dest_ip\":\"172.67.215.129\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"usaf.mxoowxhr.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://usaf.mxoowxhr.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":746,\"bytes_toclient\":1052,\"start\":\"2024-07-16T13:54:41.381222+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-06-27","alert":"Other","trigger":"usaf.mxoowxhr.top/","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-06-27","alert":"Other","trigger":"usaf.mxoowxhr.top/","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-06-27","alert":"Other","trigger":"usaf.mxoowxhr.top/favicon.ico","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}]},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:30.3640004Z","timestamp":1721138070364,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"C694B95AFC4423CF3E039CEA969256E7957FF30EE11FA6CD2C5432BD7B72686B\"\r\nLast-Modified: Mon, 15 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=11422\r\nExpires: Tue, 16 Jul 2024 17:04:52 GMT\r\nDate: Tue, 16 Jul 2024 13:54:30 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"df85487917ffcb9ff9393daa9c628bc8","sha1":"73e600fa168021b1cfd00f6a00dff1678e018aaa","sha256":"c694b95afc4423cf3e039cea969256e7957ff30ee11fa6cd2c5432bd7b72686b","sha512":"a7c38f06df183be7678e13fbd0d83f4841c430716c3a862c427c8f90813ade0c7bed1a9a910108cde73fd1deb28683f9c228724841bb165841eee0e0f8e2027c","ssdeep":"","tlshash":"fbf0051136f1fd729b57301358e0e05d4d304a79311119f165d409e77d64fed86d640e","first_seen":"2024-07-15T23:00:04Z","last_seen":"2024-08-19T16:51:32.310564Z","times_seen":19162,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:30.495514311Z","timestamp":1721138070495,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E4ACAF4113D4CDA75EDBBAE5D28E17DFFB959489CD6912B854C9E87A3AB50FD2\"\r\nLast-Modified: Mon, 15 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15927\r\nExpires: Tue, 16 Jul 2024 18:19:57 GMT\r\nDate: Tue, 16 Jul 2024 13:54:30 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0ba28ae3ca920c46edf9c7a1f79db3ca","sha1":"b96f7bd71a6b1f9e08b5a0179c66553bf42875d2","sha256":"e4acaf4113d4cda75edbbae5d28e17dffb959489cd6912b854c9e87a3ab50fd2","sha512":"5937af32a6f0ff76e028428c60ef303493ddc882c065396afb650daf19c5cc2f4403724350cbd8cb89a07780f5c9dc7c9885c22cbef8d4cffa26efa396ea6892","ssdeep":"","tlshash":"d6f005511576fd21e57126199cddd91a2e7bdbf4244419f6306003f3d981bffd950d04","first_seen":"2024-07-16T00:32:15Z","last_seen":"2024-08-19T16:50:36.759672Z","times_seen":27562,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:30.817778338Z","timestamp":1721138070817,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"13578D886DC74EBF01CFA31617C3417B42B8C8395E4BACC10A1B6F1D19BC55F2\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21201\r\nExpires: Tue, 16 Jul 2024 19:47:51 GMT\r\nDate: Tue, 16 Jul 2024 13:54:30 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"515a47172f3cc8fbca49fb1ef5f72e11","sha1":"5b474a25a17288e58ea017f17fa456cf13893af3","sha256":"13578d886dc74ebf01cfa31617c3417b42b8c8395e4bacc10a1b6f1d19bc55f2","sha512":"d4e43b6bcf96f365d5e7fcad72ac17ed60c9a71ce5668523d947134df658b88ffa4202028f160ae2005d464c3805139c212ef428407ed0ea300ff38421f34e43","ssdeep":"","tlshash":"2df00e9702a57d51faa833132cd8d1692e399f29380187f2387083c2ac74bf5e5580ea","first_seen":"2024-07-15T23:45:43Z","last_seen":"2024-08-19T16:51:01.863572Z","times_seen":23445,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:31.023281256Z","timestamp":1721138071023,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"C18D568BC2C4D8544C593D76C943798FFD2DE9596CB115879D51D403F080ABEA\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6390\r\nExpires: Tue, 16 Jul 2024 15:41:01 GMT\r\nDate: Tue, 16 Jul 2024 13:54:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"d6a8982e5c8cce4f958455f8ea1e5814","sha1":"d88c9d262e8282645ee77a1a3f29199b0422166a","sha256":"c18d568bc2c4d8544c593d76c943798ffd2de9596cb115879d51d403f080abea","sha512":"4adcb4f548520d53ad63a92a3fe3b498b08ec528bea4e6a59c8730f0f5b43544772268ebee7a66c50c589441ba308654dc5bd709efb0ddc5052691315aecfaf7","ssdeep":"","tlshash":"27f0c98a02a8fc11aafb0a211c98b83c2e1aaa7c10105889a19581d36c90baa85d0659","first_seen":"2024-07-16T05:09:01Z","last_seen":"2024-08-19T16:49:30.522288Z","times_seen":18625,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:32.870061519Z","timestamp":1721138072870,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6826\r\nExpires: Tue, 16 Jul 2024 15:48:18 GMT\r\nDate: Tue, 16 Jul 2024 13:54:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:32.872302113Z","timestamp":1721138072872,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6826\r\nExpires: Tue, 16 Jul 2024 15:48:18 GMT\r\nDate: Tue, 16 Jul 2024 13:54:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:32.873669866Z","timestamp":1721138072873,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6826\r\nExpires: Tue, 16 Jul 2024 15:48:18 GMT\r\nDate: Tue, 16 Jul 2024 13:54:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:32.876974111Z","timestamp":1721138072876,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6826\r\nExpires: Tue, 16 Jul 2024 15:48:18 GMT\r\nDate: Tue, 16 Jul 2024 13:54:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T13:54:32.880443807Z","timestamp":1721138072880,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6826\r\nExpires: Tue, 16 Jul 2024 15:48:18 GMT\r\nDate: Tue, 16 Jul 2024 13:54:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaf.mxoowxhr.top/","fqdn":"usaf.mxoowxhr.top","domain":"mxoowxhr.top","tld":"top"},"ip":{"addr":"172.67.215.129","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-16T13:54:41.412Z","timestamp":1721138081412,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mxoowxhr.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 12:15:32 GMT","end":"Sun, 01 Sep 2024 12:15:31 GMT"},"fingerprint":{"sha1":"5B:BC:69:62:B1:0F:C3:12:B1:F3:8F:63:4D:22:DE:45:95:EA:FE:A6","sha256":"BB:0B:D3:C2:C6:3B:AE:09:64:2E:51:27:40:F7:41:A8:12:DD:55:9F:12:3D:65:B5:9F:5D:59:28:4E:4D:FB:08"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usaf.mxoowxhr.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Tue, 16 Jul 2024 13:54:33 GMT\r\nContent-Type: text/html\r\nContent-Length: 167\r\nConnection: keep-alive\r\nCache-Control: max-age=3600\r\nExpires: Tue, 16 Jul 2024 14:54:33 GMT\r\nLocation: https://usaf.mxoowxhr.top/\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=jl0DcvZiK4maP2JFFgjOdHx7gXNGDbreg1oJmUFbpSdhtUV%2FMt%2BY4RJ6XIz0m8S%2B8o4Y6ZFjmRrHsjvkQMhAj1aJ0lqRYyKRkUZC7nqp5Y%2FWVNcvJBbzMTTYgdepPoGPMXWNIw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8a427c216bc7b4eb-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":167,"size_decoded":167,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"0104c301c5e02bd6148b8703d19b3a73","sha1":"7436e0b4b1f8c222c38069890b75fa2baf9ca620","sha256":"446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f","sha512":"84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf","ssdeep":"","tlshash":"c4c08cad6b523c98b8a73b3960c3a1a0e2ec803022d9042202b04a07f0cb1e78ec23d1","first_seen":"2023-04-05T06:32:17Z","last_seen":"2025-09-21T18:05:05.674757Z","times_seen":190494,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-16T13:54:41Z","timestamp":1721138081,"ip_dst":{"addr":"172.67.215.129","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.25","port":37630,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-16T13:54:41.404968+0000\",\"flow_id\":604409199448358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.25\",\"src_port\":37630,\"dest_ip\":\"172.67.215.129\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"usaf.mxoowxhr.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://usaf.mxoowxhr.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":746,\"bytes_toclient\":1052,\"start\":\"2024-07-16T13:54:41.381222+0000\"}}"}],"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-06-27","alert":"Other","trigger":"usaf.mxoowxhr.top/","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usaf.mxoowxhr.top/","fqdn":"usaf.mxoowxhr.top","domain":"mxoowxhr.top","tld":"top"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-16T13:54:41.412Z","timestamp":1721138081412,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mxoowxhr.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 12:15:32 GMT","end":"Sun, 01 Sep 2024 12:15:31 GMT"},"fingerprint":{"sha1":"5B:BC:69:62:B1:0F:C3:12:B1:F3:8F:63:4D:22:DE:45:95:EA:FE:A6","sha256":"BB:0B:D3:C2:C6:3B:AE:09:64:2E:51:27:40:F7:41:A8:12:DD:55:9F:12:3D:65:B5:9F:5D:59:28:4E:4D:FB:08"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usaf.mxoowxhr.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASP.NET_SessionId=t0jmxmhjq1f5rbbjb0gi3lvs; RdStr=t0jmxmhjq1f5rbbjb0gi3lvs\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 16 Jul 2024 13:54:41 GMT\r\ncontent-type: text/html\r\ncache-control: private\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=N528ZlJUjD9klJMHt2rT9%2BmMPcM%2Bgxlm%2FdKxZPPvGPX5z6joGksLGoGeCfw0xrljO9ULa%2BQjx9gV4ux7Nl6l1zcIPYaMBs%2F8wa2JTar0PT2ai6%2F7Hh9DWahxG0BlW6kXlYF7zQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a427c1e6869b4ed-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":696,"size_decoded":1163,"mime_type":"text/html","magic":"HTML document, ISO-8859 text, with CRLF line terminators","md5":"8363acaeab9cbb099b59b78a44127ca6","sha1":"aef448ce5500e3734059ec285cf6ec0b547075f2","sha256":"9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a","sha512":"a431f7ee4cdc3c7c6edf43736e007e314a0f8c4d05706dbdf75b629b15bee335d173abc071568f447d78b4c43aba02017c1993d6da86a1acdde904eb287cb30c","ssdeep":"","tlshash":"2821412987d42804faa7c4e170f2b3e63e478646f59b4b9fb4127257d5c26a6c1d3388","first_seen":"2023-04-05T10:47:33Z","last_seen":"2026-04-20T22:49:29.456951Z","times_seen":14634,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-16T13:54:41Z","timestamp":1721138081,"ip_dst":{"addr":"172.67.215.129","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.25","port":37630,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-16T13:54:41.404968+0000\",\"flow_id\":604409199448358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.25\",\"src_port\":37630,\"dest_ip\":\"172.67.215.129\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"usaf.mxoowxhr.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://usaf.mxoowxhr.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":746,\"bytes_toclient\":1052,\"start\":\"2024-07-16T13:54:41.381222+0000\"}}"}],"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-06-27","alert":"Other","trigger":"usaf.mxoowxhr.top/","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usaf.mxoowxhr.top/favicon.ico","fqdn":"usaf.mxoowxhr.top","domain":"mxoowxhr.top","tld":"top"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaf.mxoowxhr.top/","date":"2024-07-16T13:54:41.718Z","timestamp":1721138081718,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mxoowxhr.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 12:15:32 GMT","end":"Sun, 01 Sep 2024 12:15:31 GMT"},"fingerprint":{"sha1":"5B:BC:69:62:B1:0F:C3:12:B1:F3:8F:63:4D:22:DE:45:95:EA:FE:A6","sha256":"BB:0B:D3:C2:C6:3B:AE:09:64:2E:51:27:40:F7:41:A8:12:DD:55:9F:12:3D:65:B5:9F:5D:59:28:4E:4D:FB:08"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: usaf.mxoowxhr.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaf.mxoowxhr.top/\r\nCookie: ASP.NET_SessionId=t0jmxmhjq1f5rbbjb0gi3lvs; RdStr=t0jmxmhjq1f5rbbjb0gi3lvs\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 16 Jul 2024 13:54:42 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Thu, 30 Nov 2023 12:13:25 GMT\r\netag: W/\"8d495b9e8623da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fTs%2B92RudT6Y%2BbRc3dINY%2Bh2EBRpjAtGDFLpo1v6bNaSBvoZ3EqtTV5XOhj6Xnz59jZVcCFYunD6xWICJ%2Bq9JWHAzQDvDOzqUIn%2FfT4biINa%2BdQtqtj4Qcajq5b6%2F5y6Q%2FxI0g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8a427c52bbe5b4ed-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32038,"size_decoded":32038,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"3f0f72ed57a54b97cda500bcf0545efb","sha1":"2f252619c18e729d98e16b96d37cd7cd567b38eb","sha256":"67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943","sha512":"ea68c54a3ca39a47555a41ae5fc3723f1e7c06b3ad1776ee7082ffbff48277d2b4ee7ca1753165c2dccdf7012eb0cbe29cdbde21dc05373a07cf18e23de37e54","ssdeep":"192:cfRys3/ZtSs9axogZeLpoCaAVbZ5iDJ6j5+qDxZ7cnPgW5LnM:cr68dcgWJn","tlshash":"6de2207b2193e200e49136f0adeaa4f059556f9a54708f19b0ba3d7de37a82bfc1d04d","first_seen":"2023-04-05T10:33:55Z","last_seen":"2026-04-29T21:01:27.386257Z","times_seen":28737,"resource_available":false,"data":null}},"time_used":604,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-06-27","alert":"Other","trigger":"usaf.mxoowxhr.top/favicon.ico","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usaf.mxoowxhr.top/?category=c3e6fb9688b43v/76f9ad/tanaj1/hyv9m/gahste_atvvaoa?wlagb5aajweut1ao7gayjse/zn2iahdputaa3ym4py3k8a_/8178b8/7wagf_shca_sg0akaaw_3qa_a?b-2/7veme/bpajyhlawu1teib1xf4da-kianqaw8ap_ywaa?e1iu/1d7c9f/_isaal_dahevyaiaasi_h7dlkey/0jeit64gn9xkv?dibwva84l...~311~.../hoz4aaiiy2eamtaaablf6auicauaa/60697c/_mE1AAANAo3eP_w2HICYnAAsIEA7kI2EZ/AA-tz?PPS9uC4StSDA4T7bAaK/nsAxclAx6A-_7J/f973c0/2W8SAI/EAyB2eA-mDT_A1ukH_vmE2jm6AczAA?A-2/UAAWsR/GAah3IG5sXDS3i4AdAvA7eAHA-/07d4ee/dzgJAA/WiYr5tHgAA_A8QAl0AAl3A0NY9?lksEsA6i1T_IH2oAjB_a7nqI1dip0BA/E41A7AtyAA?W/6fc96a/?7m_Y71eAeZaLs_yzIENyknNU6WAA9/4uVAAbAkAuA/rK4uIlnI6EAEWAt3whOrAhAAHQZAFX8/c77815/rH_6A3O?y/wfApdIlAAAsV2IFV?O/jUQA-XA_lOPvI_/sCAA48VziqguPzEJPNAZkEAGAAaAbeIbANA/511555/9ZI4MRhjl5SVIsiEd_anA-AtA8Ab38uN3dmA5/HHA?TAH0V2sF/Mvd5A_AaAAsnA/lAiVLHnrAV/46fc14/gAAA?lEnpi_c/A6AEg?6EA6yAIQHr5zxnXIs3kO3_-uAmADA3/v/ddgAcsNOKAOseGAc4MEARgI2pAA/c8c019/Ah-A2U4sckIAwtEEs_-4AjHu2Y-9AAsS0PAA3MA0HSbFAJctFU41/iv9?9/yVkC71KAPAAAnyd/2bfde9/EyUqAARDgAIAbsSA3rwBAAEtQtTGsLAMd40P/yhafp6dJYw_O_M9rA5XA/E9VH1A/rHAAA?8NN3?IDA/83cbf9/Gvt_HAEemCUAEeAvgzA_K7AIAAjsAFBsAOShNA8/53OIh-l?AAJFwv/AA2HAAHITLG5N?HF76IS4Tc/113ae9/AsGs6AEIAAiU/DbAupknxMureAT4te0lFA1AANyJIj1Axn5PnvvAHjmAoZwdY/KxSbQAKAl1?-/9f2241/DaUp4yXA_bA-J/AA2gMhHIs_n/IAbL?SBeAyyVA5HACVegNjd?bA8At/Y6AzEcp6pvANsYEA1KcAAA9/121dae/jqtbvRZqRSA6IA-AjA/RIANA48js7IAb_/IAQZAtDsLY1?HtAK4_5AeY5xAECjO/HIEAAOq2RA5gA1?/24ae05/_TEoo4ArHzEqLA?OzZro0E1G7NIbDjgAXA4AcgpzIsn80-xz/AAA4z/LAHA59AIt?AJgYA-zA_0mAC/c5180c/AIegm_grAJuHzHDelNBArA_49fAAUqAEWWAAV/GIAXtA/WnyMmA_A?Q6y_w?AKvcApuyzYsAMLEA3o/a75d32/2UA5QAaAAEgyAA-NNj-NVyHP1f?drn_cI7uhAPAs?AA7W8HAuAHAl__EdOA-Is/AE46Np2J4rvAQ4/edf66a/H3HpkAFGRMAdAufAIqB0CANVXAynAA/CNAPes6J1-E/yfRl6AAsAAzAQ93URs_JFC1?2Pc4d_5/4039c3/1rfABn/AAEUAcAT95YAr1ZIlG?vs4_5M/XALzASAA_vfF4fHIAYTNvEAAvK?RQAHEAAEtLLYGgrTvP/ffb3b6/B1AQaAP3Z_fZABLaxAlms?CIVAG2-g_AsCrD-AFsMoBq/3jI7_/AAzAAU4NAEadiS-AFg3?sAEJH_A","fqdn":"usaf.mxoowxhr.top","domain":"mxoowxhr.top","tld":"top"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-16T13:54:30.842Z","timestamp":1721138070842,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mxoowxhr.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 12:15:32 GMT","end":"Sun, 01 Sep 2024 12:15:31 GMT"},"fingerprint":{"sha1":"5B:BC:69:62:B1:0F:C3:12:B1:F3:8F:63:4D:22:DE:45:95:EA:FE:A6","sha256":"BB:0B:D3:C2:C6:3B:AE:09:64:2E:51:27:40:F7:41:A8:12:DD:55:9F:12:3D:65:B5:9F:5D:59:28:4E:4D:FB:08"}}},"request":{"raw":"GET /?category=c3e6fb9688b43v/76f9ad/tanaj1/hyv9m/gahste_atvvaoa?wlagb5aajweut1ao7gayjse/zn2iahdputaa3ym4py3k8a_/8178b8/7wagf_shca_sg0akaaw_3qa_a?b-2/7veme/bpajyhlawu1teib1xf4da-kianqaw8ap_ywaa?e1iu/1d7c9f/_isaal_dahevyaiaasi_h7dlkey/0jeit64gn9xkv?dibwva84l...~311~.../hoz4aaiiy2eamtaaablf6auicauaa/60697c/_mE1AAANAo3eP_w2HICYnAAsIEA7kI2EZ/AA-tz?PPS9uC4StSDA4T7bAaK/nsAxclAx6A-_7J/f973c0/2W8SAI/EAyB2eA-mDT_A1ukH_vmE2jm6AczAA?A-2/UAAWsR/GAah3IG5sXDS3i4AdAvA7eAHA-/07d4ee/dzgJAA/WiYr5tHgAA_A8QAl0AAl3A0NY9?lksEsA6i1T_IH2oAjB_a7nqI1dip0BA/E41A7AtyAA?W/6fc96a/?7m_Y71eAeZaLs_yzIENyknNU6WAA9/4uVAAbAkAuA/rK4uIlnI6EAEWAt3whOrAhAAHQZAFX8/c77815/rH_6A3O?y/wfApdIlAAAsV2IFV?O/jUQA-XA_lOPvI_/sCAA48VziqguPzEJPNAZkEAGAAaAbeIbANA/511555/9ZI4MRhjl5SVIsiEd_anA-AtA8Ab38uN3dmA5/HHA?TAH0V2sF/Mvd5A_AaAAsnA/lAiVLHnrAV/46fc14/gAAA?lEnpi_c/A6AEg?6EA6yAIQHr5zxnXIs3kO3_-uAmADA3/v/ddgAcsNOKAOseGAc4MEARgI2pAA/c8c019/Ah-A2U4sckIAwtEEs_-4AjHu2Y-9AAsS0PAA3MA0HSbFAJctFU41/iv9?9/yVkC71KAPAAAnyd/2bfde9/EyUqAARDgAIAbsSA3rwBAAEtQtTGsLAMd40P/yhafp6dJYw_O_M9rA5XA/E9VH1A/rHAAA?8NN3?IDA/83cbf9/Gvt_HAEemCUAEeAvgzA_K7AIAAjsAFBsAOShNA8/53OIh-l?AAJFwv/AA2HAAHITLG5N?HF76IS4Tc/113ae9/AsGs6AEIAAiU/DbAupknxMureAT4te0lFA1AANyJIj1Axn5PnvvAHjmAoZwdY/KxSbQAKAl1?-/9f2241/DaUp4yXA_bA-J/AA2gMhHIs_n/IAbL?SBeAyyVA5HACVegNjd?bA8At/Y6AzEcp6pvANsYEA1KcAAA9/121dae/jqtbvRZqRSA6IA-AjA/RIANA48js7IAb_/IAQZAtDsLY1?HtAK4_5AeY5xAECjO/HIEAAOq2RA5gA1?/24ae05/_TEoo4ArHzEqLA?OzZro0E1G7NIbDjgAXA4AcgpzIsn80-xz/AAA4z/LAHA59AIt?AJgYA-zA_0mAC/c5180c/AIegm_grAJuHzHDelNBArA_49fAAUqAEWWAAV/GIAXtA/WnyMmA_A?Q6y_w?AKvcApuyzYsAMLEA3o/a75d32/2UA5QAaAAEgyAA-NNj-NVyHP1f?drn_cI7uhAPAs?AA7W8HAuAHAl__EdOA-Is/AE46Np2J4rvAQ4/edf66a/H3HpkAFGRMAdAufAIqB0CANVXAynAA/CNAPes6J1-E/yfRl6AAsAAzAQ93URs_JFC1?2Pc4d_5/4039c3/1rfABn/AAEUAcAT95YAr1ZIlG?vs4_5M/XALzASAA_vfF4fHIAYTNvEAAvK?RQAHEAAEtLLYGgrTvP/ffb3b6/B1AQaAP3Z_fZABLaxAlms?CIVAG2-g_AsCrD-AFsMoBq/3jI7_/AAzAAU4NAEadiS-AFg3?sAEJH_A HTTP/1.1\r\nHost: usaf.mxoowxhr.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 16 Jul 2024 13:54:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private\r\nlocation: /e224aa/v0bApAKApSBWg4f2BAa-UO?i/7MqAA7xjOls/6AVyKK/ev7ABXAbiwXuHANqAyVmIQA5AEbyEAA\r\nset-cookie: ASP.NET_SessionId=t0jmxmhjq1f5rbbjb0gi3lvs; path=/; HttpOnly\nRdStr=t0jmxmhjq1f5rbbjb0gi3lvs; path=/\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ReiDT0Slr0f2c4PAnF7OH3dY%2BdN9mFYYBVf9%2FafJIcemaw9LfF2bma8Q5pK6T7dh7lO94Xdg2tZIZa3CQRQ0lpMIvdiJ9CZW9g8bQHiU4Elz6%2BRifrCeiwVq513rRaU1ATBYqA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a427c0ed9a5568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1163,"size_decoded":1163,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T15:39:35.508929Z","times_seen":14478573,"resource_available":true,"data":null}},"time_used":1231,"timings":{"blocked":17,"dns":1,"connect":1,"send":0,"wait":1195,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaf.mxoowxhr.top/e224aa/v0bApAKApSBWg4f2BAa-UO?i/7MqAA7xjOls/6AVyKK/ev7ABXAbiwXuHANqAyVmIQA5AEbyEAA","fqdn":"usaf.mxoowxhr.top","domain":"mxoowxhr.top","tld":"top"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-16T13:54:32.062Z","timestamp":1721138072062,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mxoowxhr.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 12:15:32 GMT","end":"Sun, 01 Sep 2024 12:15:31 GMT"},"fingerprint":{"sha1":"5B:BC:69:62:B1:0F:C3:12:B1:F3:8F:63:4D:22:DE:45:95:EA:FE:A6","sha256":"BB:0B:D3:C2:C6:3B:AE:09:64:2E:51:27:40:F7:41:A8:12:DD:55:9F:12:3D:65:B5:9F:5D:59:28:4E:4D:FB:08"}}},"request":{"raw":"GET /e224aa/v0bApAKApSBWg4f2BAa-UO?i/7MqAA7xjOls/6AVyKK/ev7ABXAbiwXuHANqAyVmIQA5AEbyEAA HTTP/1.1\r\nHost: usaf.mxoowxhr.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASP.NET_SessionId=t0jmxmhjq1f5rbbjb0gi3lvs; RdStr=t0jmxmhjq1f5rbbjb0gi3lvs\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 16 Jul 2024 13:54:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private\r\nlocation: /\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=H2qwpKJV50jdIGeVZk1FKM4t2qkTSa6DBzUxjyF0dwLhSSjjvffQke5YbpFIuwYE1XSxxMQmuyKJPXGsfaAazsGiDn%2F4i1lpqqmdE3wITOT3yGeA5HeNQqUtds9WzCNMY6eYdQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a427c166f99568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1163,"size_decoded":1163,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T15:39:35.508929Z","times_seen":14478573,"resource_available":true,"data":null}},"time_used":1278,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}