{"report_id":"0ca2ecc4-6756-4f42-9aad-eee1141226d7","version":6,"status":"done","tags":[],"date":"2024-08-28T17:35:00Z","url":{"schema":"http","addr":"paarsvc.com/gVqDjhVpVIx/74003","fqdn":"paarsvc.com","domain":"paarsvc.com","tld":"com"},"ip":{"addr":"23.109.170.202","port":0,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"paarsvc.com/gVqDjhVpVIx/74003","fqdn":"paarsvc.com","domain":"paarsvc.com","tld":"com"},"title":"paarsvc.com/gVqDjhVpVIx/74003"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-07T17:26:23Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"aus5.mozilla.org","ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"1998-01-24","domain_rank":2548,"first_seen":"2015-10-27 08:06:24","last_seen":"2024-08-28 18:37:02","alert_count":0,"request_count":1,"received_data":1221,"sent_data":512,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-08-28 18:12:05","alert_count":0,"request_count":8,"received_data":7097,"sent_data":2616,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-08-28 18:12:07","alert_count":0,"request_count":5,"received_data":4437,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"paarsvc.com","ip":{"addr":"23.109.170.202","port":0,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":3260,"sent_data":1466,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-28","alert":"Sinkholed","trigger":"paarsvc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-28","alert":"Sinkholed","trigger":"paarsvc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:35.497838207Z","timestamp":1724866475497,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2034FFBDAD2B6393B012C7ECEE28C7D50AD9BB9BDBDECACDC78B31698AD3C898\"\r\nLast-Modified: Mon, 26 Aug 2024 02:35:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8546\r\nExpires: Wed, 28 Aug 2024 19:57:01 GMT\r\nDate: Wed, 28 Aug 2024 17:34:35 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f15763cdb73606bc14218ed7f99eb5c4","sha1":"ded5ea84b5448c90c3ccd5ce3eb60db1ef63b453","sha256":"2034ffbdad2b6393b012c7ecee28c7d50ad9bb9bdbdecacdc78b31698ad3c898","sha512":"b843e917bee7b20a9f04efd5e13d5b5b3bcb4d85560ed9b3ed49e0073043af317ba0952c94a8d4c0dc858e6f1114c4cd6e3e338b01079a6758375decd86aeb6e","ssdeep":"","tlshash":"6ff005e60e0b79821e790c3ea594853d36388efa1a8014e9340887d1b9117f7e2c120c","first_seen":"2024-08-26T09:49:25Z","last_seen":"2024-08-29T17:45:41.232767Z","times_seen":642,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:35.499662245Z","timestamp":1724866475499,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2E6610A974CEFD8ED9BAB356E7E166E41B4E4955F4DA39F5D400CDEEB286F88C\"\r\nLast-Modified: Mon, 26 Aug 2024 02:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7388\r\nExpires: Wed, 28 Aug 2024 19:37:43 GMT\r\nDate: Wed, 28 Aug 2024 17:34:35 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"306aab38a2968d69d5d5dbc017f4277a","sha1":"b32d9d7854e04d53418b56571cafb87065e3556f","sha256":"2e6610a974cefd8ed9bab356e7e166e41b4e4955f4da39f5d400cdeeb286f88c","sha512":"d3be3959b93f1874cee87bf50b8086ac3cc5acb076f7bbf04433ea744f2882961eee72a676b73fb513110e32273cd72c3b9c012394536dde5918399b9f36a359","ssdeep":"","tlshash":"0af095275565b4521f6c15755dcdc06b2e35f1db29885adf5f1c53d63c813cdb144204","first_seen":"2024-08-26T09:36:13Z","last_seen":"2024-08-29T17:45:45.462157Z","times_seen":23756,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:35.517783913Z","timestamp":1724866475517,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5A2F5A87F6408BBC11020231759DB8EEB24C28C0890DA8F3EE2565D87B0E1E4C\"\r\nLast-Modified: Mon, 26 Aug 2024 02:36:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2644\r\nExpires: Wed, 28 Aug 2024 18:18:39 GMT\r\nDate: Wed, 28 Aug 2024 17:34:35 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"35888f142e8c995a2a992b24009a2cee","sha1":"8315b1d92f868af492e04ea1d0846ee9fc0328e7","sha256":"5a2f5a87f6408bbc11020231759db8eeb24c28c0890da8f3ee2565d87b0e1e4c","sha512":"520246d8e18bc326605766a6e5f3d8161db171271712caaa258d25258dbb6c7e57f07bb1b0c92d3d3134eb1111e6154c7ddce67caa8bafd3d25f38fdb7032517","ssdeep":"","tlshash":"86f0059236e17961ed9d321579edd25339208aa9905094c5748447b254602dd47c9909","first_seen":"2024-08-26T09:37:37Z","last_seen":"2024-08-29T17:45:45.462962Z","times_seen":20149,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:35.946407174Z","timestamp":1724866475946,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5385C52F0502864E92DA08547AEFA7CE05EC21FF081C7413CE54723F3AB73303\"\r\nLast-Modified: Mon, 26 Aug 2024 02:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5642\r\nExpires: Wed, 28 Aug 2024 19:08:37 GMT\r\nDate: Wed, 28 Aug 2024 17:34:35 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3c415be21fd13680f4c76a79399af82e","sha1":"cc6afc7d2b2fd8451b793b01435087409e677f4c","sha256":"5385c52f0502864e92da08547aefa7ce05ec21ff081c7413ce54723f3ab73303","sha512":"6a5214d6c24e419707d52fc7b946b42f557519a25557e16a0ab0937a1a318df8a32ae13d51980b7fc9beff4cf0f34ffc064743e1b64fc9bb6af29f7bc8648400","ssdeep":"","tlshash":"8bf00e9b4af5fc819bbed6222975e511be35fce92828089b60c842e1a910768e741248","first_seen":"2024-08-26T09:09:51Z","last_seen":"2024-08-29T17:46:07.367395Z","times_seen":17376,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:36.189242383Z","timestamp":1724866476189,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CF52B0D20DCD9EC594829E754E56C0857C70A4D3B7DF335DAB6C207C678FD856\"\r\nLast-Modified: Wed, 28 Aug 2024 15:54:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21600\r\nExpires: Wed, 28 Aug 2024 23:34:36 GMT\r\nDate: Wed, 28 Aug 2024 17:34:36 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cd8098def5e9331a97d9fef9e879c1ae","sha1":"1b2602e3ba13dfee74601fcf7d086cc38f82ea24","sha256":"cf52b0d20dcd9ec594829e754e56c0857c70a4d3b7df335dab6c207c678fd856","sha512":"641bd4c033853236099705017a7085feb154b6c17fc4c003558ef38982e3998002bd231d069ba7c8fca6f6b4bc82a6826eccc4859b6fc043532a9f0012a87e63","ssdeep":"","tlshash":"a4f00ea71660ed78ff7044206a97df602a3d79f93c1768a250d08bd238b2fac8990c4c","first_seen":"2024-08-29T17:26:23.413494Z","last_seen":"2024-08-29T17:26:23.413494Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"paarsvc.com/gVqDjhVpVIx/74003","fqdn":"paarsvc.com","domain":"paarsvc.com","tld":"com"},"ip":{"addr":"23.109.170.202","port":0,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:36.250510208Z","timestamp":1724866476250,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /gVqDjhVpVIx/74003 HTTP/1.1\r\nHost: paarsvc.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 28 Aug 2024 17:34:36 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\nAccess-Control-Max-Age: 600\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nX-Frame-Options: SAMEORIGIN\r\nSet-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 29-Aug-2024 17:34:36 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwNwz0OgjAYBuB%2B39BoJCZv5ACcAIHgwOjP4GBw4ASARBualrSAejN3L6ZP8gghOAzAakBQpHGRxHkWp7scdAeXV3BrIEvrnvUb5MBJBnYGi33fOf%2BYPKjF6vz9zKqP5s71IIX1QatXVFk9jcoaD%2F5fHutGd9tTdQENksCjlQz2t1CAZrn5ASyhICQ%3D; expires=Thu, 29-Aug-2024 17:34:36 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":26,"size_decoded":6,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"4fc71bf68a1d477bd1523733e34d1e90","sha1":"15119105cffbe108b6cf290146ab02c9aa8517ba","sha256":"74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce","sha512":"e8e5f5430841f9cdaad492efce3fed11992913ad2b714b27c6fd147c55b2c56dc1b896635f24c2b180d4215c70ba9a042847d7d9cf3ff8a67b636a4c0ca1ce3d","ssdeep":"","tlshash":"4350003303c00000cc300000300300000000000000000c00c000000000000000000303","first_seen":"2023-03-07T01:31:39Z","last_seen":"2026-04-12T12:39:42.569488Z","times_seen":10567,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-28","alert":"Sinkholed","trigger":"paarsvc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:36.507345789Z","timestamp":1724866476507,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3F9AB2E5D1E241736FB1C23EFF5ECA68D5AF9BCE37F119EFD75A70754B3E9ACA\"\r\nLast-Modified: Mon, 26 Aug 2024 02:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3914\r\nExpires: Wed, 28 Aug 2024 18:39:50 GMT\r\nDate: Wed, 28 Aug 2024 17:34:36 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9c5d4dcb1b3f760354694ec76a6cc7bd","sha1":"53e77635c023e5cd38d74cda8051d2bd72f5bfa6","sha256":"3f9ab2e5d1e241736fb1c23eff5eca68d5af9bce37f119efd75a70754b3e9aca","sha512":"9db29fec17edd85a84982958d212f78d148a8f6a11f5f23e5304f57cf7f81d690ad3146e8fdc8f9b13ace986d6a27d025cdd4130d02854cea6fba44b96bec58e","ssdeep":"","tlshash":"69f005a50a64759053784c061b5cc2397e30ebb93121406ba5d1d7d13c817f4844400c","first_seen":"2024-08-26T09:05:36Z","last_seen":"2024-08-29T17:45:53.986648Z","times_seen":347,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:36.687513476Z","timestamp":1724866476687,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"441E957BCA9AFB4A865DF5362C94CC68DF8071610EF8C8B49EC682BF57D81B4E\"\r\nLast-Modified: Wed, 28 Aug 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13998\r\nExpires: Wed, 28 Aug 2024 21:27:54 GMT\r\nDate: Wed, 28 Aug 2024 17:34:36 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"41d99bdb0bce7036541a169e82b157fd","sha1":"448d08018f9868e2a7ccda7a3bdc81242cfdb412","sha256":"441e957bca9afb4a865df5362c94cc68df8071610ef8c8b49ec682bf57d81b4e","sha512":"7896b6ae1bde62511109d88df24a259f23be8a1ba5254d15096fffa49eb32d780b185494b4e174af3522430d5a4b15afccb9748a6202cb363922780365589bc3","ssdeep":"","tlshash":"06f00ec513a57d84bff192117feac24b6e136db83d3084d168c460e2e5c0be85e98488","first_seen":"2024-08-28T17:54:43Z","last_seen":"2024-08-31T08:36:18.055778Z","times_seen":16532,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"paarsvc.com/favicon.ico","fqdn":"paarsvc.com","domain":"paarsvc.com","tld":"com"},"ip":{"addr":"23.109.170.202","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paarsvc.com/gVqDjhVpVIx/74003","date":"2024-08-28T17:34:36.719Z","timestamp":1724866476719,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"paarsvc.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Jul 2024 23:30:56 GMT","end":"Mon, 07 Oct 2024 23:30:55 GMT"},"fingerprint":{"sha1":"7D:5D:83:7E:93:AB:A6:BC:C7:9A:81:8A:28:BB:04:7C:35:1A:81:FB","sha256":"84:D8:55:4B:C7:AF:58:41:85:88:A7:98:46:5A:76:C6:63:41:7E:CF:B4:79:EF:0F:5A:10:45:5B:4F:92:62:38"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: paarsvc.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paarsvc.com/gVqDjhVpVIx/74003\r\nCookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwNwz0OgjAYBuB%2B39BoJCZv5ACcAIHgwOjP4GBw4ASARBualrSAejN3L6ZP8gghOAzAakBQpHGRxHkWp7scdAeXV3BrIEvrnvUb5MBJBnYGi33fOf%2BYPKjF6vz9zKqP5s71IIX1QatXVFk9jcoaD%2F5fHutGd9tTdQENksCjlQz2t1CAZrn5ASyhICQ%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 28 Aug 2024 17:34:36 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 1406\r\nLast-Modified: Wed, 28 Aug 2024 15:07:21 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"66cf3d29-57e\"\r\nExpires: Thu, 29 Aug 2024 17:34:36 GMT\r\nCache-Control: max-age=86400\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1406,"size_decoded":1406,"mime_type":"application/octet-stream","magic":"MS Windows icon resource - 1 icon, 16x16","md5":"011201ab56695ce86ea2f190bce2670b","sha1":"bb8fad6accf293e619360935047c23f00da3c769","sha256":"a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e","sha512":"56d53a1219e58ad045c96dc81d71c63c0cf5a9766add778d34895fdaa7fda8dead44161ec291f0ed3d10a405322b7973b56c6b211d68a8d82a8510b5b7c0456c","ssdeep":"","tlshash":"71210082bb20c02cc82c0b300802eba82388f00ac8e8330b30c80b8e0c0008c8ef8ae0","first_seen":"2023-04-05T07:23:52Z","last_seen":"2026-04-12T13:47:31.705903Z","times_seen":19626,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-28","alert":"Sinkholed","trigger":"paarsvc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:37.34664411Z","timestamp":1724866477346,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A17CCF5A8670DB342D1EA31437D24024A4533B687F08A675AAAD88453B32F3B5\"\r\nLast-Modified: Mon, 26 Aug 2024 13:49:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10334\r\nExpires: Wed, 28 Aug 2024 20:26:51 GMT\r\nDate: Wed, 28 Aug 2024 17:34:37 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"314a5c458b12a116a1a6c069d23ad663","sha1":"d0df1fdad7b75a06462e48e5270953a9981ac515","sha256":"a17ccf5a8670db342d1ea31437d24024a4533b687f08a675aaad88453b32f3b5","sha512":"7d28446b21e1ea11a4d9020f2151d76e07211783c73d787488cbdb9c5fd90e238e8edd6683095d8c7a1770a968859916e27d6655101175fefb14530d16abe04f","ssdeep":"","tlshash":"6cf00e692a7a5a821ae50c3b5ee1c0fd5e2258eab4d42afbe10457d468207df538c18e","first_seen":"2024-08-26T15:52:18Z","last_seen":"2024-08-29T17:43:36.573374Z","times_seen":1010,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:38.353907084Z","timestamp":1724866478353,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"571F2EF4CB90C7834ACECBF6981410DDBD15611A6750B8A77717821DC1D1A167\"\r\nLast-Modified: Mon, 26 Aug 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6191\r\nExpires: Wed, 28 Aug 2024 19:17:49 GMT\r\nDate: Wed, 28 Aug 2024 17:34:38 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0192c7488a56c1b9f50decbbc7c6e924","sha1":"7ed837f77d0fee2e3c5833f86d73eb2dfa3f6bec","sha256":"571f2ef4cb90c7834acecbf6981410ddbd15611a6750b8a77717821dc1d1a167","sha512":"a5f5b42d4f65bff1669d388493604f1aba272cabf1313c42568917490fdb8b52fdd4fe8b984f00c748e68fc003994e2b0aef47b0a74776d55e304854b2523da6","ssdeep":"","tlshash":"84f005c3b62cb45a4e3c103799d4d037149478590ac846e9dcc057f278b57e942e550c","first_seen":"2024-08-26T12:43:12Z","last_seen":"2024-08-29T17:44:34.32567Z","times_seen":16518,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:38.357109413Z","timestamp":1724866478357,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"571F2EF4CB90C7834ACECBF6981410DDBD15611A6750B8A77717821DC1D1A167\"\r\nLast-Modified: Mon, 26 Aug 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6191\r\nExpires: Wed, 28 Aug 2024 19:17:49 GMT\r\nDate: Wed, 28 Aug 2024 17:34:38 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0192c7488a56c1b9f50decbbc7c6e924","sha1":"7ed837f77d0fee2e3c5833f86d73eb2dfa3f6bec","sha256":"571f2ef4cb90c7834acecbf6981410ddbd15611a6750b8a77717821dc1d1a167","sha512":"a5f5b42d4f65bff1669d388493604f1aba272cabf1313c42568917490fdb8b52fdd4fe8b984f00c748e68fc003994e2b0aef47b0a74776d55e304854b2523da6","ssdeep":"","tlshash":"84f005c3b62cb45a4e3c103799d4d037149478590ac846e9dcc057f278b57e942e550c","first_seen":"2024-08-26T12:43:12Z","last_seen":"2024-08-29T17:44:34.32567Z","times_seen":16518,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:38.358189037Z","timestamp":1724866478358,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"571F2EF4CB90C7834ACECBF6981410DDBD15611A6750B8A77717821DC1D1A167\"\r\nLast-Modified: Mon, 26 Aug 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6191\r\nExpires: Wed, 28 Aug 2024 19:17:49 GMT\r\nDate: Wed, 28 Aug 2024 17:34:38 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0192c7488a56c1b9f50decbbc7c6e924","sha1":"7ed837f77d0fee2e3c5833f86d73eb2dfa3f6bec","sha256":"571f2ef4cb90c7834acecbf6981410ddbd15611a6750b8a77717821dc1d1a167","sha512":"a5f5b42d4f65bff1669d388493604f1aba272cabf1313c42568917490fdb8b52fdd4fe8b984f00c748e68fc003994e2b0aef47b0a74776d55e304854b2523da6","ssdeep":"","tlshash":"84f005c3b62cb45a4e3c103799d4d037149478590ac846e9dcc057f278b57e942e550c","first_seen":"2024-08-26T12:43:12Z","last_seen":"2024-08-29T17:44:34.32567Z","times_seen":16518,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:38.359137696Z","timestamp":1724866478359,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"571F2EF4CB90C7834ACECBF6981410DDBD15611A6750B8A77717821DC1D1A167\"\r\nLast-Modified: Mon, 26 Aug 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6191\r\nExpires: Wed, 28 Aug 2024 19:17:49 GMT\r\nDate: Wed, 28 Aug 2024 17:34:38 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0192c7488a56c1b9f50decbbc7c6e924","sha1":"7ed837f77d0fee2e3c5833f86d73eb2dfa3f6bec","sha256":"571f2ef4cb90c7834acecbf6981410ddbd15611a6750b8a77717821dc1d1a167","sha512":"a5f5b42d4f65bff1669d388493604f1aba272cabf1313c42568917490fdb8b52fdd4fe8b984f00c748e68fc003994e2b0aef47b0a74776d55e304854b2523da6","ssdeep":"","tlshash":"84f005c3b62cb45a4e3c103799d4d037149478590ac846e9dcc057f278b57e942e550c","first_seen":"2024-08-26T12:43:12Z","last_seen":"2024-08-29T17:44:34.32567Z","times_seen":16518,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:38.360131479Z","timestamp":1724866478360,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"571F2EF4CB90C7834ACECBF6981410DDBD15611A6750B8A77717821DC1D1A167\"\r\nLast-Modified: Mon, 26 Aug 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6191\r\nExpires: Wed, 28 Aug 2024 19:17:49 GMT\r\nDate: Wed, 28 Aug 2024 17:34:38 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0192c7488a56c1b9f50decbbc7c6e924","sha1":"7ed837f77d0fee2e3c5833f86d73eb2dfa3f6bec","sha256":"571f2ef4cb90c7834acecbf6981410ddbd15611a6750b8a77717821dc1d1a167","sha512":"a5f5b42d4f65bff1669d388493604f1aba272cabf1313c42568917490fdb8b52fdd4fe8b984f00c748e68fc003994e2b0aef47b0a74776d55e304854b2523da6","ssdeep":"","tlshash":"84f005c3b62cb45a4e3c103799d4d037149478590ac846e9dcc057f278b57e942e550c","first_seen":"2024-08-26T12:43:12Z","last_seen":"2024-08-29T17:44:34.32567Z","times_seen":16518,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml","fqdn":"aus5.mozilla.org","domain":"mozilla.org","tld":"org"},"ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-28T17:34:55.165355275Z","timestamp":1724866495165,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1\r\nHost: aus5.mozilla.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\nrule-id: unknown\r\nrule-data-version: unknown\r\ncontent-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-10-13-11-24-53.chain; p384ecdsa=UtiUCKkhuY6PO45xQuzlJESTrUTbsP3QFt2AO7aTipGw6Ao247EhxlHpi6Q6OFH4ymwFaBa4QaUs2W1kfixlAen8QUTHi_EOJPWhRaaj0r7E5coLwffcT6lJlpV80ezR\r\nstrict-transport-security: max-age=31536000;\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'none'; frame-ancestors 'none'\r\nx-proxy-cache-status: EXPIRED\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Wed, 28 Aug 2024 17:34:07 GMT\r\ncontent-type: text/xml; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-length: 444\r\nage: 48\r\ncache-control: public,max-age=90\r\nalt-svc: clear\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":444,"size_decoded":721,"mime_type":"text/xml; charset=utf-8","magic":"XML 1.0 document, ASCII text, with very long lines (332)","md5":"3b324dec137a87ef7e24a30a65b13dd0","sha1":"c0faa95b2f1018e264b3a14aaf50d1003e6c27b3","sha256":"6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463","sha512":"eee5d0a6354c5cfafdba69236359dbb38be1d7cbfd841230c07617fa3d8982751d8ddbe4f3b9c533a277e836b28a2f483d8ddc79aa09573ca9d49fc16341c061","ssdeep":"","tlshash":"54011069bdb5f89100860aa76626c8015a232287e1541888b8df5fc04f9b9b4536f09d","first_seen":"2023-10-13T18:17:52Z","last_seen":"2025-06-20T01:29:36.566077Z","times_seen":185315,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}