{"report_id":"16685cdc-7854-436b-a71a-fc9546eda8a6","version":6,"status":"done","tags":[],"date":"2024-07-18T19:17:06Z","url":{"schema":"http","addr":"uskr.ulpgexrl.top/?benefit=0baa2ca68852b289ca80y59/78e8f5/ale41s/owaaffa?la6tant8mhtkazuka5agxtjs/fuallit0baazytazkrssspso15nai7daza/787b99/-af8iy/8df5mamndeaeiaaat5/haa0?dt7ncafd5da08jiwq_odifs_dpt4f/85lvlaa3ahiabf/5c8663/a6h_ga/gfaohksqhiat_aasigz/aaa1bsh47vwnleqjyyfv...~311~...rji_dqr_anauabd8aruaya/hga1_la/3df570/AQ52EtGSOCsw/ASAAAvzaIAbnAJvv02wL44FA/pHATsJZyoTsubIqZAA?DtokdASUaAuzA-2Gy/40ba89/t5FwsiAYoI1TsyJgAA/rhAD02AzE_s_H/3U1qAT?3Aj62TGrAlAECNJAAaVdIIhxFAAgAoiU_?Aw4D/d41497/sA2tAl?AEzfLAv2IWl9J_A/3AA-b4SJ9WnXFYAZ7lARxwQ/bAMqsOP-L3_HwVAyACA0I4TArGk/481d63/7A38A__A/4AGgAKEg_N?AeL8ld?AbXzlAgAbGGEFZJ-NSpZ80WA/AHIAEEsABcs_kAAZlC/IpA8wH4B/803582/nANyVAABG9HJ/2bhYKEUTFtA/H5xaAI8-Ac6k4AAQ?8A0sAA14JASabJNu9/PXACAAnB9iU_ntc/9c97f0/IAEzH7A9ilu8_?pv4ZPXAEEAA7A/pfsAAg1gXeO/AA59BaA_4eAsR3O5AAQAW?V7-taNwZdacVIN-D/0fc748/A3YEAgYer5K_hAA-dxscTz6RIAnftAmA4DLP4b?tyweU-0AAP8SHiOAAaF/A3xGi/AAGH9w9YA/6b96f8/fgAn??Qc7HNAAf1_WAUIK8Aad/LNsAU4AAE12A-H/Szw4tpT_AAIsAdwIEs5TlJ3fVOwT7EAhtduAA/c9334d/XcEdXAAAcA64/Xs?AAAw_G?9PAYAHrx_AASjGaIPJs3LE3HSjt/YgQuTEkA_3d2AAbQlOATkhNIskH/b06680/xAhoSc/ZfVawVgAsmAt/qTEcOGAAaAaoGAv4A2pLNi4AAvVBxXI9P9isAM4__PAH4?/AySnAE4H/5d7a2f/fsAY8A/uVpAIt/NAIAuDA2A4Bn6vt?HIW3iqVP2-KkXXdGA/8A-KAMTAsPkEsAtAjGcSPAJ4j7J/81aeb0/t4RsANARTxAAAhOb_CcIAQAOzAzAdA4H1Oy-dcCdeBrHTh2CW/EdfIvhHukA/Z4EAj-gA?p9AA/8ebbf3/o0snqpq3LP4v/eAG75PA?A5IyryEWAWi9H4qAA07Z5AAsfyWazM7AYyRAlNX5A/7rAJjzSAATq/f683cb/iEaPY_CI3AO7AJh_2AksrrKA4AA5AcAcIiO_hbAdm7h/EVFS0/ER4?KcAseoUgf3wAsAANsXFH?xAA/120bb8/AsKOAjgv6AwEAOnakMHiHeCABhOA38/AAjnUl/3XT-OhP34e94HZIj?3_mrBTA3B96CAIAtA7A/248b22/PIs4HJkPAVdAJtXA-0HAAgu_VfrmUq0/EiAA8/A2ndjsOnyA2v/pfFJAAAKAMdlPjnt3uT?zAsY","fqdn":"uskr.ulpgexrl.top","domain":"ulpgexrl.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"uskr.ulpgexrl.top/","fqdn":"uskr.ulpgexrl.top","domain":"ulpgexrl.top","tld":"top"},"title":"404 - 找不到文件或目录。"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T09:12:36Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-18 17:48:59","alert_count":0,"request_count":9,"received_data":7984,"sent_data":2943,"comment":"","tags":null,"fingerprints":null},{"fqdn":"uskr.ulpgexrl.top","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":4,"received_data":37450,"sent_data":3732,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-18T19:16:42Z","timestamp":1721330202,"ip_dst":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":51026,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-18T19:16:42.059540+0000\",\"flow_id\":852988727566040,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":51026,\"dest_ip\":\"188.114.97.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"uskr.ulpgexrl.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://uskr.ulpgexrl.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":746,\"bytes_toclient\":1058,\"start\":\"2024-07-18T19:16:42.040664+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:40.133737658Z","timestamp":1721330200133,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"15D10FABB92098E81E218740AE04059FE6340C321EE70325DB46F6C9CB7AD817\"\r\nLast-Modified: Thu, 18 Jul 2024 07:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4417\r\nExpires: Thu, 18 Jul 2024 20:30:17 GMT\r\nDate: Thu, 18 Jul 2024 19:16:40 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"91a50ba757c5ca46c896205a21d87a49","sha1":"0b48953a685631845a7034c8948077de0e60de80","sha256":"15d10fabb92098e81e218740ae04059fe6340c321ee70325db46f6c9cb7ad817","sha512":"9dc3e69a9de4f4acb12fa7ac9a5508ce095f2b0c1a297271ce5d59e94871f36c834e377ba43ca5b4e248b274f574892b3d854d3c7d72c1c47e92e46db6d8f05c","ssdeep":"","tlshash":"def00e95509c7f02ebf220136de8c30c5a247de91c4026f230e85ac2fe047fa89cc989","first_seen":"2024-07-18T11:09:46Z","last_seen":"2024-08-19T16:31:59.348725Z","times_seen":23544,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:40.163297032Z","timestamp":1721330200163,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E79C4BB4566914535B10C91563E36D1768F5FC8E1933392CF130E2F4D776E296\"\r\nLast-Modified: Thu, 18 Jul 2024 08:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10942\r\nExpires: Thu, 18 Jul 2024 22:19:02 GMT\r\nDate: Thu, 18 Jul 2024 19:16:40 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"2c174cd9de141b9f3330d869df450834","sha1":"251c8d7aa8126bfb9fa4c164ebb067b8929486f8","sha256":"e79c4bb4566914535b10c91563e36d1768f5fc8e1933392cf130e2f4d776e296","sha512":"bbe4c9a03bcf750813d6506e3684fdd8f93b9a2948c305de8968a3486f7afbe5cdda6a8e8dc5746c67bcd5dbf6d33f27e3b03c75e175040ab8969c260c97f78c","ssdeep":"","tlshash":"45f0c00a82ed7d1129f036547e7cae586d1079ab306411d3149057d2a890f98fd78505","first_seen":"2024-07-18T15:27:34Z","last_seen":"2024-08-19T16:30:44.249146Z","times_seen":12184,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:40.398816657Z","timestamp":1721330200398,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"17205F996D5CE1462ADB970516597F51763582906181B875E45B5B7535F38B8F\"\r\nLast-Modified: Thu, 18 Jul 2024 08:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4093\r\nExpires: Thu, 18 Jul 2024 20:24:53 GMT\r\nDate: Thu, 18 Jul 2024 19:16:40 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ba83fc82f22d464fbc0a613d3224fdef","sha1":"b8d2b3e057c0d01c05e3891f5b5cdaf09e001d3b","sha256":"17205f996d5ce1462adb970516597f51763582906181b875e45b5b7535f38b8f","sha512":"cccf8f5eeca2b9d0d42d21fd1beac77ef0c01812a2a8f72c6d1390e268eaed420d0e64c3a1264affbd202ed65b635e4035e3b02e4a5423f326bd3d50d824ace5","ssdeep":"","tlshash":"13f07e050eee78055be011041cf3cf3c3e28b6f429205df5e89408e22811bf1aac8849","first_seen":"2024-07-18T13:57:58Z","last_seen":"2024-08-19T16:31:23.044897Z","times_seen":26255,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:40.553449053Z","timestamp":1721330200553,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"FBE357F2CC5C225F66CCD61407A0609124DF4790B268FCADF2C3399579CEED4F\"\r\nLast-Modified: Thu, 18 Jul 2024 08:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4540\r\nExpires: Thu, 18 Jul 2024 20:32:20 GMT\r\nDate: Thu, 18 Jul 2024 19:16:40 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c1c566b13420f7d3edbf1d5ed3b27db9","sha1":"97de217d617fdc3b20f959d006b312b10cc0cbae","sha256":"fbe357f2cc5c225f66ccd61407a0609124df4790b268fcadf2c3399579ceed4f","sha512":"d6ee92d0f971493f9dd1462b6074de45c5a82355a893acb38ea45a783f5cf1f33448fb88b76a1a76d0ebc1652b4c1d41f7773e6719a730ec26857466b6f4519f","ssdeep":"","tlshash":"19f00e424aeabe40a3f2441818aedc3a2f14eefdb400209a1c8816d32a113e686c848e","first_seen":"2024-07-18T10:47:55Z","last_seen":"2024-08-19T16:32:06.873327Z","times_seen":11218,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uskr.ulpgexrl.top/","fqdn":"uskr.ulpgexrl.top","domain":"ulpgexrl.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-18T19:16:42.065Z","timestamp":1721330202065,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ulpgexrl.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 18 Jun 2024 18:15:44 GMT","end":"Mon, 16 Sep 2024 18:15:43 GMT"},"fingerprint":{"sha1":"00:83:06:A6:0D:B8:F8:6D:CD:EB:6F:25:4F:44:5B:2A:52:D7:AF:59","sha256":"97:29:23:C6:8F:3F:8E:73:FF:62:71:A9:5F:6B:B2:FB:D9:DE:23:52:EA:65:2F:77:C3:05:00:6B:A9:93:97:37"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: uskr.ulpgexrl.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASP.NET_SessionId=u5kxjhx552xgejqq4yvp0uyz; RdStr=u5kxjhx552xgejqq4yvp0uyz\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 18 Jul 2024 19:16:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 167\r\nConnection: keep-alive\r\nCache-Control: max-age=3600\r\nExpires: Thu, 18 Jul 2024 20:16:42 GMT\r\nLocation: https://uskr.ulpgexrl.top/\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=kSO4qfYfsgW%2BLnUn%2BhvPN24WU3NDZYxudgTePfbGNJ9dEeZxvnTmH%2BBhwg%2FOqXoLmpVnVhrCPQRzEzdxQ6%2BCX0Jle4LJoS8J0ERYYHUTRrn4fyT0vio%2FmpQvb16NvfBbnu3BGw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8a54cec2ca8956c4-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":167,"size_decoded":167,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"0104c301c5e02bd6148b8703d19b3a73","sha1":"7436e0b4b1f8c222c38069890b75fa2baf9ca620","sha256":"446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f","sha512":"84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf","ssdeep":"","tlshash":"c4c08cad6b523c98b8a73b3960c3a1a0e2ec803022d9042202b04a07f0cb1e78ec23d1","first_seen":"2023-04-05T06:32:17Z","last_seen":"2025-09-21T18:05:05.674757Z","times_seen":190494,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-18T19:16:42Z","timestamp":1721330202,"ip_dst":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.8","port":51026,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-18T19:16:42.059540+0000\",\"flow_id\":852988727566040,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":51026,\"dest_ip\":\"188.114.97.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"uskr.ulpgexrl.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://uskr.ulpgexrl.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":746,\"bytes_toclient\":1058,\"start\":\"2024-07-18T19:16:42.040664+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:42.34501698Z","timestamp":1721330202345,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A8FC1FB00FC3EE458F9A31D619BE4CC4A9E7263F980DEB8323A5A6BA69C03F8D\"\r\nLast-Modified: Thu, 18 Jul 2024 07:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4802\r\nExpires: Thu, 18 Jul 2024 20:36:44 GMT\r\nDate: Thu, 18 Jul 2024 19:16:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1543efa0b06a3c4484d059961f9cf2d0","sha1":"1aef10797a9524ff91b70e87f41e935a2dbf1917","sha256":"a8fc1fb00fc3ee458f9a31d619be4cc4a9e7263f980deb8323a5a6ba69c03f8d","sha512":"4b712977d31d696b589a34cf50dca0b803ab2e6d6eb41f9c0e4ed5574c63360801d5b9b24a7062d45ce7462c727a0c6bd269b7203ad6f05e92aae48bf85a454f","ssdeep":"","tlshash":"62f0054612effd496af50505ac85b6782b327bde3d0056117c9843d1bc5179e52e80c9","first_seen":"2024-07-18T13:05:53Z","last_seen":"2024-08-19T16:31:26.006219Z","times_seen":15177,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:42.373227638Z","timestamp":1721330202373,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A8FC1FB00FC3EE458F9A31D619BE4CC4A9E7263F980DEB8323A5A6BA69C03F8D\"\r\nLast-Modified: Thu, 18 Jul 2024 07:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4802\r\nExpires: Thu, 18 Jul 2024 20:36:44 GMT\r\nDate: Thu, 18 Jul 2024 19:16:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1543efa0b06a3c4484d059961f9cf2d0","sha1":"1aef10797a9524ff91b70e87f41e935a2dbf1917","sha256":"a8fc1fb00fc3ee458f9a31d619be4cc4a9e7263f980deb8323a5a6ba69c03f8d","sha512":"4b712977d31d696b589a34cf50dca0b803ab2e6d6eb41f9c0e4ed5574c63360801d5b9b24a7062d45ce7462c727a0c6bd269b7203ad6f05e92aae48bf85a454f","ssdeep":"","tlshash":"62f0054612effd496af50505ac85b6782b327bde3d0056117c9843d1bc5179e52e80c9","first_seen":"2024-07-18T13:05:53Z","last_seen":"2024-08-19T16:31:26.006219Z","times_seen":15177,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:42.37790588Z","timestamp":1721330202377,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A8FC1FB00FC3EE458F9A31D619BE4CC4A9E7263F980DEB8323A5A6BA69C03F8D\"\r\nLast-Modified: Thu, 18 Jul 2024 07:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4802\r\nExpires: Thu, 18 Jul 2024 20:36:44 GMT\r\nDate: Thu, 18 Jul 2024 19:16:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1543efa0b06a3c4484d059961f9cf2d0","sha1":"1aef10797a9524ff91b70e87f41e935a2dbf1917","sha256":"a8fc1fb00fc3ee458f9a31d619be4cc4a9e7263f980deb8323a5a6ba69c03f8d","sha512":"4b712977d31d696b589a34cf50dca0b803ab2e6d6eb41f9c0e4ed5574c63360801d5b9b24a7062d45ce7462c727a0c6bd269b7203ad6f05e92aae48bf85a454f","ssdeep":"","tlshash":"62f0054612effd496af50505ac85b6782b327bde3d0056117c9843d1bc5179e52e80c9","first_seen":"2024-07-18T13:05:53Z","last_seen":"2024-08-19T16:31:26.006219Z","times_seen":15177,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:42.380635789Z","timestamp":1721330202380,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A8FC1FB00FC3EE458F9A31D619BE4CC4A9E7263F980DEB8323A5A6BA69C03F8D\"\r\nLast-Modified: Thu, 18 Jul 2024 07:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4802\r\nExpires: Thu, 18 Jul 2024 20:36:44 GMT\r\nDate: Thu, 18 Jul 2024 19:16:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1543efa0b06a3c4484d059961f9cf2d0","sha1":"1aef10797a9524ff91b70e87f41e935a2dbf1917","sha256":"a8fc1fb00fc3ee458f9a31d619be4cc4a9e7263f980deb8323a5a6ba69c03f8d","sha512":"4b712977d31d696b589a34cf50dca0b803ab2e6d6eb41f9c0e4ed5574c63360801d5b9b24a7062d45ce7462c727a0c6bd269b7203ad6f05e92aae48bf85a454f","ssdeep":"","tlshash":"62f0054612effd496af50505ac85b6782b327bde3d0056117c9843d1bc5179e52e80c9","first_seen":"2024-07-18T13:05:53Z","last_seen":"2024-08-19T16:31:26.006219Z","times_seen":15177,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T19:16:42.384007267Z","timestamp":1721330202384,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A8FC1FB00FC3EE458F9A31D619BE4CC4A9E7263F980DEB8323A5A6BA69C03F8D\"\r\nLast-Modified: Thu, 18 Jul 2024 07:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4802\r\nExpires: Thu, 18 Jul 2024 20:36:44 GMT\r\nDate: Thu, 18 Jul 2024 19:16:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1543efa0b06a3c4484d059961f9cf2d0","sha1":"1aef10797a9524ff91b70e87f41e935a2dbf1917","sha256":"a8fc1fb00fc3ee458f9a31d619be4cc4a9e7263f980deb8323a5a6ba69c03f8d","sha512":"4b712977d31d696b589a34cf50dca0b803ab2e6d6eb41f9c0e4ed5574c63360801d5b9b24a7062d45ce7462c727a0c6bd269b7203ad6f05e92aae48bf85a454f","ssdeep":"","tlshash":"62f0054612effd496af50505ac85b6782b327bde3d0056117c9843d1bc5179e52e80c9","first_seen":"2024-07-18T13:05:53Z","last_seen":"2024-08-19T16:31:26.006219Z","times_seen":15177,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uskr.ulpgexrl.top/?benefit=0baa2ca68852b289ca80y59/78e8f5/ale41s/owaaffa?la6tant8mhtkazuka5agxtjs/fuallit0baazytazkrssspso15nai7daza/787b99/-af8iy/8df5mamndeaeiaaat5/haa0?dt7ncafd5da08jiwq_odifs_dpt4f/85lvlaa3ahiabf/5c8663/a6h_ga/gfaohksqhiat_aasigz/aaa1bsh47vwnleqjyyfv...~311~...rji_dqr_anauabd8aruaya/hga1_la/3df570/AQ52EtGSOCsw/ASAAAvzaIAbnAJvv02wL44FA/pHATsJZyoTsubIqZAA?DtokdASUaAuzA-2Gy/40ba89/t5FwsiAYoI1TsyJgAA/rhAD02AzE_s_H/3U1qAT?3Aj62TGrAlAECNJAAaVdIIhxFAAgAoiU_?Aw4D/d41497/sA2tAl?AEzfLAv2IWl9J_A/3AA-b4SJ9WnXFYAZ7lARxwQ/bAMqsOP-L3_HwVAyACA0I4TArGk/481d63/7A38A__A/4AGgAKEg_N?AeL8ld?AbXzlAgAbGGEFZJ-NSpZ80WA/AHIAEEsABcs_kAAZlC/IpA8wH4B/803582/nANyVAABG9HJ/2bhYKEUTFtA/H5xaAI8-Ac6k4AAQ?8A0sAA14JASabJNu9/PXACAAnB9iU_ntc/9c97f0/IAEzH7A9ilu8_?pv4ZPXAEEAA7A/pfsAAg1gXeO/AA59BaA_4eAsR3O5AAQAW?V7-taNwZdacVIN-D/0fc748/A3YEAgYer5K_hAA-dxscTz6RIAnftAmA4DLP4b?tyweU-0AAP8SHiOAAaF/A3xGi/AAGH9w9YA/6b96f8/fgAn??Qc7HNAAf1_WAUIK8Aad/LNsAU4AAE12A-H/Szw4tpT_AAIsAdwIEs5TlJ3fVOwT7EAhtduAA/c9334d/XcEdXAAAcA64/Xs?AAAw_G?9PAYAHrx_AASjGaIPJs3LE3HSjt/YgQuTEkA_3d2AAbQlOATkhNIskH/b06680/xAhoSc/ZfVawVgAsmAt/qTEcOGAAaAaoGAv4A2pLNi4AAvVBxXI9P9isAM4__PAH4?/AySnAE4H/5d7a2f/fsAY8A/uVpAIt/NAIAuDA2A4Bn6vt?HIW3iqVP2-KkXXdGA/8A-KAMTAsPkEsAtAjGcSPAJ4j7J/81aeb0/t4RsANARTxAAAhOb_CcIAQAOzAzAdA4H1Oy-dcCdeBrHTh2CW/EdfIvhHukA/Z4EAj-gA?p9AA/8ebbf3/o0snqpq3LP4v/eAG75PA?A5IyryEWAWi9H4qAA07Z5AAsfyWazM7AYyRAlNX5A/7rAJjzSAATq/f683cb/iEaPY_CI3AO7AJh_2AksrrKA4AA5AcAcIiO_hbAdm7h/EVFS0/ER4?KcAseoUgf3wAsAANsXFH?xAA/120bb8/AsKOAjgv6AwEAOnakMHiHeCABhOA38/AAjnUl/3XT-OhP34e94HZIj?3_mrBTA3B96CAIAtA7A/248b22/PIs4HJkPAVdAJtXA-0HAAgu_VfrmUq0/EiAA8/A2ndjsOnyA2v/pfFJAAAKAMdlPjnt3uT?zAsY","fqdn":"uskr.ulpgexrl.top","domain":"ulpgexrl.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-18T19:16:40.750Z","timestamp":1721330200750,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ulpgexrl.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 18 Jun 2024 18:15:44 GMT","end":"Mon, 16 Sep 2024 18:15:43 GMT"},"fingerprint":{"sha1":"00:83:06:A6:0D:B8:F8:6D:CD:EB:6F:25:4F:44:5B:2A:52:D7:AF:59","sha256":"97:29:23:C6:8F:3F:8E:73:FF:62:71:A9:5F:6B:B2:FB:D9:DE:23:52:EA:65:2F:77:C3:05:00:6B:A9:93:97:37"}}},"request":{"raw":"GET /?benefit=0baa2ca68852b289ca80y59/78e8f5/ale41s/owaaffa?la6tant8mhtkazuka5agxtjs/fuallit0baazytazkrssspso15nai7daza/787b99/-af8iy/8df5mamndeaeiaaat5/haa0?dt7ncafd5da08jiwq_odifs_dpt4f/85lvlaa3ahiabf/5c8663/a6h_ga/gfaohksqhiat_aasigz/aaa1bsh47vwnleqjyyfv...~311~...rji_dqr_anauabd8aruaya/hga1_la/3df570/AQ52EtGSOCsw/ASAAAvzaIAbnAJvv02wL44FA/pHATsJZyoTsubIqZAA?DtokdASUaAuzA-2Gy/40ba89/t5FwsiAYoI1TsyJgAA/rhAD02AzE_s_H/3U1qAT?3Aj62TGrAlAECNJAAaVdIIhxFAAgAoiU_?Aw4D/d41497/sA2tAl?AEzfLAv2IWl9J_A/3AA-b4SJ9WnXFYAZ7lARxwQ/bAMqsOP-L3_HwVAyACA0I4TArGk/481d63/7A38A__A/4AGgAKEg_N?AeL8ld?AbXzlAgAbGGEFZJ-NSpZ80WA/AHIAEEsABcs_kAAZlC/IpA8wH4B/803582/nANyVAABG9HJ/2bhYKEUTFtA/H5xaAI8-Ac6k4AAQ?8A0sAA14JASabJNu9/PXACAAnB9iU_ntc/9c97f0/IAEzH7A9ilu8_?pv4ZPXAEEAA7A/pfsAAg1gXeO/AA59BaA_4eAsR3O5AAQAW?V7-taNwZdacVIN-D/0fc748/A3YEAgYer5K_hAA-dxscTz6RIAnftAmA4DLP4b?tyweU-0AAP8SHiOAAaF/A3xGi/AAGH9w9YA/6b96f8/fgAn??Qc7HNAAf1_WAUIK8Aad/LNsAU4AAE12A-H/Szw4tpT_AAIsAdwIEs5TlJ3fVOwT7EAhtduAA/c9334d/XcEdXAAAcA64/Xs?AAAw_G?9PAYAHrx_AASjGaIPJs3LE3HSjt/YgQuTEkA_3d2AAbQlOATkhNIskH/b06680/xAhoSc/ZfVawVgAsmAt/qTEcOGAAaAaoGAv4A2pLNi4AAvVBxXI9P9isAM4__PAH4?/AySnAE4H/5d7a2f/fsAY8A/uVpAIt/NAIAuDA2A4Bn6vt?HIW3iqVP2-KkXXdGA/8A-KAMTAsPkEsAtAjGcSPAJ4j7J/81aeb0/t4RsANARTxAAAhOb_CcIAQAOzAzAdA4H1Oy-dcCdeBrHTh2CW/EdfIvhHukA/Z4EAj-gA?p9AA/8ebbf3/o0snqpq3LP4v/eAG75PA?A5IyryEWAWi9H4qAA07Z5AAsfyWazM7AYyRAlNX5A/7rAJjzSAATq/f683cb/iEaPY_CI3AO7AJh_2AksrrKA4AA5AcAcIiO_hbAdm7h/EVFS0/ER4?KcAseoUgf3wAsAANsXFH?xAA/120bb8/AsKOAjgv6AwEAOnakMHiHeCABhOA38/AAjnUl/3XT-OhP34e94HZIj?3_mrBTA3B96CAIAtA7A/248b22/PIs4HJkPAVdAJtXA-0HAAgu_VfrmUq0/EiAA8/A2ndjsOnyA2v/pfFJAAAKAMdlPjnt3uT?zAsY HTTP/1.1\r\nHost: uskr.ulpgexrl.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 18 Jul 2024 19:16:41 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private\r\nlocation: /eddb8a/HA54?D_vTUeaAl/x3-xAvra5gdESrcSIAxAVdSA_NAAsOasyAXpAufPPWAke4gAz/AgKAUSAAv\r\nset-cookie: ASP.NET_SessionId=u5kxjhx552xgejqq4yvp0uyz; path=/; HttpOnly\nRdStr=u5kxjhx552xgejqq4yvp0uyz; path=/\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=O88ktmsXUbZWGSAK%2BPzB%2Bi34anTOXyyUYSBKlzzeac6OB5%2BEmotPqhI%2FWtsIN5GgLVnmwCz%2FC8FfqS24uV9XbeD6enOTdkb6NnK%2FUedWZVEpVM%2BpUoN%2Bd8G8qUcm4dtBpfr5mw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a54cebafd68569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1163,"size_decoded":1163,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":714,"timings":{"blocked":47,"dns":1,"connect":1,"send":0,"wait":620,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uskr.ulpgexrl.top/eddb8a/HA54?D_vTUeaAl/x3-xAvra5gdESrcSIAxAVdSA_NAAsOasyAXpAufPPWAke4gAz/AgKAUSAAv","fqdn":"uskr.ulpgexrl.top","domain":"ulpgexrl.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-18T19:16:41.425Z","timestamp":1721330201425,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ulpgexrl.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 18 Jun 2024 18:15:44 GMT","end":"Mon, 16 Sep 2024 18:15:43 GMT"},"fingerprint":{"sha1":"00:83:06:A6:0D:B8:F8:6D:CD:EB:6F:25:4F:44:5B:2A:52:D7:AF:59","sha256":"97:29:23:C6:8F:3F:8E:73:FF:62:71:A9:5F:6B:B2:FB:D9:DE:23:52:EA:65:2F:77:C3:05:00:6B:A9:93:97:37"}}},"request":{"raw":"GET /eddb8a/HA54?D_vTUeaAl/x3-xAvra5gdESrcSIAxAVdSA_NAAsOasyAXpAufPPWAke4gAz/AgKAUSAAv HTTP/1.1\r\nHost: uskr.ulpgexrl.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASP.NET_SessionId=u5kxjhx552xgejqq4yvp0uyz; RdStr=u5kxjhx552xgejqq4yvp0uyz\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 18 Jul 2024 19:16:41 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private\r\nlocation: /\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=20CbrzX5zG%2FsmweAj%2FmT7qjzpn8OArPV0nIDxkwJ64BE9vc2ar1milKO1ds0lbxeqIHYYvtxa1phKFkQcvgE22SXrx%2BwcgtSWC4nn75pYFr17qPVI8%2BB6Q1UWe1fCUCmghLUDg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a54cebeed02569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1163,"size_decoded":1163,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uskr.ulpgexrl.top/favicon.ico","fqdn":"uskr.ulpgexrl.top","domain":"ulpgexrl.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uskr.ulpgexrl.top/","date":"2024-07-18T19:16:42.392Z","timestamp":1721330202392,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ulpgexrl.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 18 Jun 2024 18:15:44 GMT","end":"Mon, 16 Sep 2024 18:15:43 GMT"},"fingerprint":{"sha1":"00:83:06:A6:0D:B8:F8:6D:CD:EB:6F:25:4F:44:5B:2A:52:D7:AF:59","sha256":"97:29:23:C6:8F:3F:8E:73:FF:62:71:A9:5F:6B:B2:FB:D9:DE:23:52:EA:65:2F:77:C3:05:00:6B:A9:93:97:37"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: uskr.ulpgexrl.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uskr.ulpgexrl.top/\r\nCookie: ASP.NET_SessionId=u5kxjhx552xgejqq4yvp0uyz; RdStr=u5kxjhx552xgejqq4yvp0uyz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 18 Jul 2024 19:16:42 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Thu, 30 Nov 2023 12:13:25 GMT\r\netag: W/\"8d495b9e8623da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ylqF4q15AoJ3CMXNrqwNDyhGEuX44YOocQ6PuHrSoELaIASzHWWoC6kHYw8bcCyyhTrqAi1XSuNYr6U7DCcNYFd0sKvAGwvTIxaiY0OycbAXDBfN8jkaFGtFsJtKxJ8HX%2BEeIw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8a54cec4eff9712f-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32038,"size_decoded":32038,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"3f0f72ed57a54b97cda500bcf0545efb","sha1":"2f252619c18e729d98e16b96d37cd7cd567b38eb","sha256":"67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943","sha512":"ea68c54a3ca39a47555a41ae5fc3723f1e7c06b3ad1776ee7082ffbff48277d2b4ee7ca1753165c2dccdf7012eb0cbe29cdbde21dc05373a07cf18e23de37e54","ssdeep":"192:cfRys3/ZtSs9axogZeLpoCaAVbZ5iDJ6j5+qDxZ7cnPgW5LnM:cr68dcgWJn","tlshash":"6de2207b2193e200e49136f0adeaa4f059556f9a54708f19b0ba3d7de37a82bfc1d04d","first_seen":"2023-04-05T10:33:55Z","last_seen":"2026-04-02T00:01:25.834386Z","times_seen":28703,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}