{"report_id":"1a8dc9b2-59ed-4f01-9d17-cd6e709369b3","version":6,"status":"done","tags":[],"date":"2024-02-29T03:35:52Z","url":{"schema":"http","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"title":"Web Proxy System - OSZAR"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T22:46:55Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2013-05-22 04:07:37","last_seen":"2024-02-29 02:45:35","alert_count":0,"request_count":1,"received_data":96577,"sent_data":459,"comment":"","tags":null,"fingerprints":null},{"fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-07-09","domain_rank":0,"first_seen":"2024-01-19 12:26:06","last_seen":"2024-02-16 03:09:22","alert_count":13,"request_count":13,"received_data":300130,"sent_data":11928,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.56.101","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":1294,"first_seen":"2019-09-24 16:34:56","last_seen":"2024-02-28 18:38:57","alert_count":0,"request_count":1,"received_data":20383,"sent_data":570,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"53bda1e2c33680d008144c17789ff733","sha1":"f65f88e23c33922e80ef36f22e0795f16bca0075","sha256":"f0a8453623bf63d3a8a1247d1b49ef027d91b362907be0624e826078844c4731","sha512":"49a1827480ab0e1b1552d5ee84e290e30cc4dc65e90219879875048e6c3bc4cbfb0608c91e32ccfe42a1b3490ccad24b9e6c21f18bbcf2feb397b9324b869a21","ssdeep":"3072:iK4agazsHEoSquZ2Icn8t+Ap9X/OLMK7NtefdIPwtksN9AedE4Pu7wosahg:3487qk2IVvX/pK7NtefiotraedHPu78","tlshash":"5f5419da73c37022929af479503f028ba57b28a2b45dcc95f1c9c9d02e74a8a5177f7c","size":287715,"data":"","first_seen":"2024-08-20T08:38:22.034604Z","last_seen":"2024-08-20T08:38:22.034604Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/oszar/js/jquery-1.10.2.min.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"628072e7212db1e8cdacb22b21752cda","sha1":"0511abe9863c2ea7084efa7e24d1d86c5b3974f1","sha256":"0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988","sha512":"3aa68568ff2592ead412a0c7f5c39abc37ac562f00b7c16af07cd5eff881aadce77ec71040b36c0ad9c2d2aa4edd7744fa72b0f44cb8b485d4f283b1b49c2141","ssdeep":"1536:L4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:LGsKXlI2p0WPSbDrstfam","tlshash":"3f93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93107,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-03T15:35:49.927716Z","times_seen":13049,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/oszar/js/bootstrap.min.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba847811448ef90d98d272aeccef2a95","sha1":"5814e91bb6276f4de8b7951c965f2f190a03978d","sha256":"898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1","sha512":"bced99d9331614757643273441a2b8921103382949ab0e510f386c453ec2a2359da39680d8a169e6bcbe7531844eaf5f598560f0d133d3fa3a9f6c7502b148df","ssdeep":"768:jryxMjJYkskKzykVtCb+9C8agZMdyKHfivbOCtFKH:3HbjZC7w","tlshash":"f1d26506b2303161079fb2f5515f020b733a6a7ee906907c38b99ae63d79c587167f39","size":29110,"data":"","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-04-03T16:19:21.450618Z","times_seen":26775,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"439d281ec65f2b2f132d25842e7cdcb9","sha1":"519e301babe5a30f7133c31e6b79076e8f2e605f","sha256":"235b694c22e99c3a53ca62913ac643fa8f2e26be380a2c198f5ebe1ece62e1f1","sha512":"7dca98fe06815184ee0e30160aa92872f34070242692908d4f7ecc636fb7095cf7ad41d66255f7117d4d67667c8dab9b1c2edeaf6b19a596716539b9c6a09852","ssdeep":"","tlshash":"6fd095b318a6c43856d4014e70f6c27c356011c01b53310095dddc2d9d00ed3c851d48","size":247,"data":"","first_seen":"2024-08-20T08:38:22.048003Z","last_seen":"2024-08-20T08:38:22.048003Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.56.101","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd1d068fdb5fe90b6c05a5b3940e088c","sha1":"0d96f9df8772633a9df4c81cf323a4ef8998ba59","sha256":"6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101","sha512":"7aea051a8c2195a2ea5ec3d6438f2a4a4052085b370cf4728b056edc58d1f7a70c3f1f85afe82959184869f707c2ac02a964b8d9166122e74ebc423e0a47fa30","ssdeep":"384:XrqR6Q0npafIm4rKi/BwEXN1w29mItq0W5i6G:Q70nBrKuB0Uqti6G","tlshash":"c692a6daba85723613f76076913f220b733b356528068458d22ad7c12c7d68f6317f6e","size":19986,"data":"","first_seen":"2023-10-13T06:51:00Z","last_seen":"2026-04-01T01:49:28.485731Z","times_seen":17317,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"82a05db406af08434bcd0f3170932dfb","sha1":"6356a6302ca69a53272beaed4950d778a5d6e5c8","sha256":"4dcb3a4eaf727f8d8b42a2e3887bcc48c6865becc91b59c5f79038302bf04e81","sha512":"3ad9874e766fe43a9a599be5f5772ea389ec81d65b0d77a489b2aa6691d03ca5eb6311a3be35fc0f15e17aa0ffb7a78e050c82c18ec165230486555802871da5","ssdeep":"192:0v7fqfHy8rNjA2tzIV70kZj3hP1u079+o:0vmy8rNjA2NQdP1u2ko","tlshash":"71f1c6ea36967411027239bb105fa89b601ddbf235f58f63955088f8bf30386f42ae46","size":7836,"data":"","first_seen":"2024-08-20T08:38:22.037751Z","last_seen":"2024-08-20T08:38:22.037751Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"632112643e58607e22660133e53f65cee0b12251bd07e150409edc99a6e4fe5073fee9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-03T18:31:24.123309Z","times_seen":291357,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"36b91ea05a6067d00ea51a22fab48577","sha1":"10341605421524ea98a4951cc631180b159bcdef","sha256":"8470fc98c7802a5469b941a22191fac9c94e5cf3db4c391c49fb94cbc6d0bee0","sha512":"c9dd0632f4c7512d9055eaf461c9d8f14ffd74c87f8be7d6f0355f98bc2ce311d79d6c9e65339ccd1bee81f8bfe53269fe529ff9668ac68d69b93837ab028550","ssdeep":"","tlshash":"11112c3930e8a13ec7c6619e21bed3ac3e7c10522a07204091addc6dac00e5bd81fdbe","size":1076,"data":"","first_seen":"2024-08-20T08:38:22.049758Z","last_seen":"2024-08-20T08:38:22.049758Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.895Z","timestamp":1709177727895,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 05 Feb 2024 08:03:51 GMT","end":"Mon, 29 Apr 2024 08:03:50 GMT"},"fingerprint":{"sha1":"FE:B5:CA:52:98:40:B5:91:CE:64:41:05:2F:EE:E4:7C:8D:52:16:80","sha256":"AF:2D:BE:F8:59:62:92:BD:D6:2C:0C:42:77:31:0A:F7:AA:72:31:D5:E8:AB:E7:47:6C:18:DB:41:30:ED:43:68"}}},"request":{"raw":"GET /gtag/js?id=G-PNFHQ1FTKQ HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 29 Feb 2024 03:35:27 GMT\r\nexpires: Thu, 29 Feb 2024 03:35:27 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 95976\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95976,"size_decoded":287715,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5955)","md5":"53bda1e2c33680d008144c17789ff733","sha1":"f65f88e23c33922e80ef36f22e0795f16bca0075","sha256":"f0a8453623bf63d3a8a1247d1b49ef027d91b362907be0624e826078844c4731","sha512":"49a1827480ab0e1b1552d5ee84e290e30cc4dc65e90219879875048e6c3bc4cbfb0608c91e32ccfe42a1b3490ccad24b9e6c21f18bbcf2feb397b9324b869a21","ssdeep":"3072:iK4agazsHEoSquZ2Icn8t+Ap9X/OLMK7NtefdIPwtksN9AedE4Pu7wosahg:3487qk2IVvX/pK7NtefiotraedHPu78","tlshash":"5f5419da73c37022929af479503f028ba57b28a2b45dcc95f1c9c9d02e74a8a5177f7c","first_seen":"2024-08-20T08:38:22.034604Z","last_seen":"2024-08-20T08:38:22.034604Z","times_seen":1,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":59,"dns":0,"connect":7,"send":0,"wait":30,"receive":20,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/oszar/oszar.png","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.878Z","timestamp":1709177727878,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /oszar/oszar.png HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 8066\r\nlast-modified: Fri, 29 Sep 2023 15:45:31 GMT\r\netag: \"6516f11b-1f82\"\r\nexpires: Thu, 14 Mar 2024 03:35:28 GMT\r\ncache-control: max-age=1209600\r\nx-ua-compatible: IE=Edge,chrome=1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=h159J%2B7GROQMPBnYrygnmo5w%2Bu%2BKkU89KMTYhsM8tiJpW0rv7QSkFLjq433CKir9opTI0fOk%2Fq%2BUpjYCCxzxzHYrf3z2c79VcmbgidMZcMLoCexzEJpfjhE9KiDQZapb9jMJyYWEtZLaVbwheu%2Bcjdp6VtSCsy%2BYuwWjsKWphW5AzJnULQRL\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb7f1f0156be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8066,"size_decoded":8066,"mime_type":"image/png","magic":"PNG image data, 260 x 60, 8-bit/color RGBA, non-interlaced","md5":"e3ccd6835e319f0a8a87e242f3b27e29","sha1":"2333f3ce8633ea0da7afa4207de4d6eb198f2654","sha256":"6535017d59aaed48568cd363ff6bd72ed3e7692e6d95d450e416d90cf41a15d3","sha512":"61ea273944e3b86b145cf35b2574ef4b740ff897971191be5616ba2e39d23207a941b1def990ebd09e71ccf127fff310e6c3750b407db8dfcfd7df8f6937a455","ssdeep":"192:jkknPMTBHeNhVAqNA0pX6lDxmzzRyG/J6g3AXgO4HYIlTPA/N1wD2Xi:TnSBUhlA0pXaDQzlyGBIX16A/N1wD2S","tlshash":"85f19ec46e80fd4092859b4e6de173272d377b519f864414ddccec4f9ca0ae6ce05b81","first_seen":"2024-08-20T08:38:22.03595Z","last_seen":"2026-03-05T19:04:52.058423Z","times_seen":7,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":386,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/cdn-cgi/rum?","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:28.713Z","timestamp":1709177728713,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1092\r\nOrigin: https://i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D; cf_clearance=TRVkwObZC4F5SGdQ5_MxH7ytaqoaqa7rgbBqF3nO2aE-1709177728-1.0-AWmmiQCzoPt60eU3nxp6iy8+sj+oEUikzJtrMYgJl0g+aLVUfetE09iJTQXGvN15c8nLB3HDiGHRoXgeavuUjBU=; _ga_PNFHQ1FTKQ=GS1.1.1709177728.1.0.1709177728.0.0.0; _ga=GA1.1.114996946.1709177729\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\naccess-control-allow-origin: https://i777777o666972737472657075626c6963o636f6dz.oszar.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-ray: 85cddb84794756be-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:28.501Z","timestamp":1709177728501,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\ncache-control: max-age=14400, public\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=MYAS46MBpTZE4x0pv4RTiAshrOL2n5QsGZ0N6c6SR5Wt%2FQPrq3XVbOX72D63DTMFtM8pBFqzB7IjvCgV0e31Y%2BG16TtYPp4sEyB5DDUlYhhxqoD2vXwqJkjTkhxU%2BWrLlUZqNo0CGqZE0i9htPInr3YQcpmathSDVKbBbTA9oJJg6%2Fda63ef\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 85cddb8318af56be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4110,"size_decoded":7836,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7836), with no line terminators","md5":"82a05db406af08434bcd0f3170932dfb","sha1":"6356a6302ca69a53272beaed4950d778a5d6e5c8","sha256":"4dcb3a4eaf727f8d8b42a2e3887bcc48c6865becc91b59c5f79038302bf04e81","sha512":"3ad9874e766fe43a9a599be5f5772ea389ec81d65b0d77a489b2aa6691d03ca5eb6311a3be35fc0f15e17aa0ffb7a78e050c82c18ec165230486555802871da5","ssdeep":"192:0v7fqfHy8rNjA2tzIV70kZj3hP1u079+o:0vmy8rNjA2NQdP1u2ko","tlshash":"71f1c6ea36967411027239bb105fa89b601ddbf235f58f63955088f8bf30386f42ae46","first_seen":"2024-08-20T08:38:22.037751Z","last_seen":"2024-08-20T08:38:22.037751Z","times_seen":1,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/favicon.ico","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:28.480Z","timestamp":1709177728480,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Fri, 29 Sep 2023 15:45:31 GMT\r\netag: W/\"6516f11b-3a5e\"\r\nexpires: Thu, 14 Mar 2024 03:35:28 GMT\r\ncache-control: max-age=1209600\r\nx-ua-compatible: IE=Edge,chrome=1\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=gd9JDkkOhI3vIZXv622S4lg5GvPY%2BvVlzAqA4WLxh6SmpK%2B9W3eJrqUGHE8qTB8UyGXqCVrEd%2BlaLViQXRQtkU3M4fCOX98bglGPIxvrcbn1ouXFp%2FA7ErXlRe6wus91%2FifKnQ7cNXxxjoEs%2FaIccDuI6%2B1Z7If0EecXaTEMhJvVQfPT9xVC\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb82f89f56be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11563,"size_decoded":14942,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 60x60, 32 bits/pixel","md5":"84284ebe7129f293978725abe9952687","sha1":"905bdf0a818eb010b726d24da611458d7104336d","sha256":"f325400640fe23f1d99a31b40dfd43cb4c37c5fec9fe428f2042576b4bbb7654","sha512":"633426b6c11d68c7ad17d4204714ab2d89e0f5ad27a799c8a36628704c87f6662e87d032fffac04c64cf9c344647e26833507f6c6b5772de9466a2738ad6a794","ssdeep":"192:aEShUqxBRMYETzk3xYCSmrDKba3wEBvhfjUVL1a:aEShUqxPmk3+q3KbmP1hf4BY","tlshash":"7d6224446bc9e44acc875657eaa159fc98b13c6ee6bd09cf8e0a3d29f4f3070710a41e","first_seen":"2024-02-29T04:35:54Z","last_seen":"2026-03-05T19:04:52.032056Z","times_seen":93,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:28.487Z","timestamp":1709177728487,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\naccess-control-allow-origin: *\r\nvary: accept-encoding\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js\r\ncache-control: max-age=300, public\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=6xVQwCTomig1%2B6J8xP4RWCiYk0TEVZs0wU3%2Bh5shD3UCjpGj8cynsNFFM%2F4qz9udPjNHWDOtmEMgHrxVk0%2F924qVTIco7r9XnHHzk6WOsusbD7K5lkBJpbsgddsX0O%2B%2BMt1uClwKiCjumMqmjh820WhbjWC51SP165BtKQhaH%2B6uogi4g0DJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 85cddb8308a256be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/oszar/css/bootstrap.min.css","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.870Z","timestamp":1709177727870,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /oszar/css/bootstrap.min.css HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 29 Sep 2023 15:45:31 GMT\r\netag: W/\"6516f11b-1b5a1\"\r\nexpires: Thu, 14 Mar 2024 03:35:28 GMT\r\ncache-control: max-age=1209600\r\nx-ua-compatible: IE=Edge,chrome=1\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=pYavLd6xWrACufaVeHcrDHE8%2FoFOeZ1crRt4lfi4%2Bqofp%2BchMKpBYPjQC10rz9TYtBj5s6CnJYySPIBaZ4hqslCP8Z%2BfAmjxo04sufLN%2FyIDtiWHFfJBXYJDi5LzSWRc6jPnqZ%2BBoQ7y9S4Kvncu9fWuE0iFlXvRYBJN8E9GkOZ4HL2dGkGc\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb7f1efb56be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":112033,"size_decoded":112033,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (540)","md5":"c4198d00db77b6088a2e43fbbea8b706","sha1":"352264cea5e0ed27d7e3eedd7230dcb49da64d85","sha256":"57108883f9584cf0b2ee5c3901554ca05c0bcff39aaf1331087c07631fb400d3","sha512":"79132f1a3e6beae6b0424f7b1b093e039ec2f635594897230a1a017362fa14170dabd0df9d1d6fac83a17ff668ffbd9c96fe6701d0775c73c335baec6e3e770f","ssdeep":"768:Gs17M0PxirPiouya/B3rWkBuu5Xtuto2SOyPq8HGQAwtqtcaGjmYIkYihs6z:GE7M0VoufB3rBBmtoduhc3jmYIkYihsu","tlshash":"63b3a568b6103dc97213d4c87ea4ded25b0e5192ee1e4dbbf517289c83cc4d906b3b9a","first_seen":"2024-08-20T08:38:22.039518Z","last_seen":"2026-03-05T19:04:52.015327Z","times_seen":7,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/oszar/css/style.css","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.876Z","timestamp":1709177727876,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /oszar/css/style.css HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 29 Sep 2023 15:45:31 GMT\r\netag: W/\"6516f11b-10e7\"\r\nexpires: Thu, 14 Mar 2024 03:35:28 GMT\r\ncache-control: max-age=1209600\r\nx-ua-compatible: IE=Edge,chrome=1\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=sTS%2Byr9SINtT%2BOGkWeE1sTG34zbWZlFVoWhCf5xLchK2MPx0ufvxEiTeN%2BxqL9OoSJ%2FVXi4VJP0a%2BF%2B65yUUU5zEmGXNUswCG9cmM1mwDOTPVpsdf4QyXeSyJDNM6A9XFWIQ9g1iBXbAGEYTsTtreWAxv%2BQd%2BHOMmkgDEjI3AzJ8lEmJ9ANj\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb7f1eff56be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4327,"size_decoded":4327,"mime_type":"text/css","magic":"ASCII text, with very long lines (4562), with no line terminators","md5":"05ca9c6d66cd4f39431fdecf4cb93ead","sha1":"e11c08c13feb3fad0c04212825d76ba2179a32fe","sha256":"d1ee8d8ba937b729e10cdad896e133ef1fde4b20e0c4c4ca3bb6917a01b33a1e","sha512":"a3b7d73c2026547db35fb291a4ab17b8a6f9e501f8ac4adfc9011673f18bf0e4869855a9a9596380fe2dc3a9171b1f3b62ffb10d2aa07c43117d06a3a7ee1411","ssdeep":"96:2ZX4iGd455HmmoTvt0ilwfwBLKg7bvQ/TnXk+Nj/Q3bOk8rk5:2Z4iGd4DHmmobthOfGLKiELzl2","tlshash":"a891ed067da1702c3027edbca6f34370e72e2402272b537625a3b696cb49384823ed8c","first_seen":"2024-08-20T08:38:22.040916Z","last_seen":"2025-04-02T22:30:25.88447Z","times_seen":2,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/oszar/css/font-awesome.min.css","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.874Z","timestamp":1709177727874,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /oszar/css/font-awesome.min.css HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 29 Sep 2023 15:45:31 GMT\r\netag: W/\"6516f11b-4fd2\"\r\nexpires: Thu, 14 Mar 2024 03:35:28 GMT\r\ncache-control: max-age=1209600\r\nx-ua-compatible: IE=Edge,chrome=1\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=W4vZlGRWw6dkCVR5hJB2t%2FMnKLwBgs6LRRzEmAEFjvF0jsNxPNllxKK8Srw5A1tAAI%2BYxsD7BTso38b2ifPkAqmHmiVwozqQexEoRFQQthovWQKFaX6b2u8zKivOqrcBcpaf3Du2jr4YFzE3XyLUjLZjDJZfLrs37gbwe4duaUroJbh09v06\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb7f1efe56be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20434,"size_decoded":20434,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text, with very long lines (304)","md5":"ee71cf221619ad9ac294f729222b6142","sha1":"369871414f760f62bf7f4d50398e77f4b055631b","sha256":"0466c9502f19f0dc354df4549d1bf654c1d3ca9cff1f42703966b57e8a560055","sha512":"b9527f33e23b95683fa236af6c65e2edf24ff9c4ebf402292d80e44aae6c5ddf189a3e5130c6472046fd526da037d3f040873f8129a7b8a01def07329d56e39a","ssdeep":"192:bq+MjguK7WJ+pSQT9NiWSCOIRmvzI3sWiekTYEI+pL6E7xSzGZ:KjguKomfTriWBOIRmrOkTzI+6xzGZ","tlshash":"e99250aced0f38c287d1e4857f85ab60672ab73d9d818c9de102396ce3d16b916c43d9","first_seen":"2024-08-20T08:38:22.042967Z","last_seen":"2026-03-05T19:04:52.022327Z","times_seen":8,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/oszar/js/bootstrap.min.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.887Z","timestamp":1709177727887,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /oszar/js/bootstrap.min.js HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Sep 2023 15:45:31 GMT\r\netag: W/\"6516f11b-71b6\"\r\nexpires: Thu, 14 Mar 2024 03:35:28 GMT\r\ncache-control: max-age=1209600\r\nx-ua-compatible: IE=Edge,chrome=1\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=2hXQTLF2XMfPBHgUZv0wP1bEx0cvVzw%2BAEAPf5op%2Be9uUOSvZl9QiSOcpLzBTMJ78cUwWeMKCvsjqXypJgnp2UuOnOPyUB9thUaR0kW%2BJDcEfLCaUwPUC4JRD9YwwXIe5OWoB8BgeS9YzBV6Gub3eVXQcGWDigucS6j4mO6MTOpTsVh5pu2j\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb7f2f0c56be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29110,"size_decoded":29110,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (28941)","md5":"ba847811448ef90d98d272aeccef2a95","sha1":"5814e91bb6276f4de8b7951c965f2f190a03978d","sha256":"898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1","sha512":"bced99d9331614757643273441a2b8921103382949ab0e510f386c453ec2a2359da39680d8a169e6bcbe7531844eaf5f598560f0d133d3fa3a9f6c7502b148df","ssdeep":"768:jryxMjJYkskKzykVtCb+9C8agZMdyKHfivbOCtFKH:3HbjZC7w","tlshash":"f1d26506b2303161079fb2f5515f020b733a6a7ee906907c38b99ae63d79c587167f39","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-04-03T16:19:21.450618Z","times_seen":26775,"resource_available":true,"data":null}},"time_used":406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":406,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/g/jsd/r/85cddb7aab0956c4","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:28.643Z","timestamp":1709177728643,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/r/85cddb7aab0956c4 HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 12296\r\nOrigin: https://i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\npriority: u=3,i=?0\r\nset-cookie: cf_clearance=TRVkwObZC4F5SGdQ5_MxH7ytaqoaqa7rgbBqF3nO2aE-1709177728-1.0-AWmmiQCzoPt60eU3nxp6iy8+sj+oEUikzJtrMYgJl0g+aLVUfetE09iJTQXGvN15c8nLB3HDiGHRoXgeavuUjBU=; path=/; expires=Fri, 28-Feb-25 03:35:28 GMT; domain=.oszar.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=0%2BMRaPUwyLWaj9goRPEAntV1KVsRypslj6LH4eG8DaFjAkTO3tL1wOf9G%2Fi6BVcWsDLgBKbVQcV9I1uvSu2NGz8usFD2CiMTg2wOD47j%2FrU7yoLxBvLXR3GOkuYScykrZUF98ZpcQ7E7p0SMH24KSkbWRivNhzjTCDiO%2Ft7yLSjIOQFeVP9A\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 85cddb84090956be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-02-29T03:35:27.137Z","timestamp":1709177727137,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.0.30\r\nset-cookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D; expires=Thu, 29-Feb-2024 04:35:27 GMT; Max-Age=3600; path=/; domain=.i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nx-cache-status: BYPASS\r\nx-ua-compatible: IE=Edge,chrome=1\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=V1WTaVG9pPb5C48NFd9dyytT4YvZZbuFq2bTQ153Zx60XEMv3b%2BMeHBX0%2BAmb1EXkJIb6GthZRru2zbWKkZI4QTDPItTJTPy7J%2F1nJU2qObZWqk0wwc2orZKxlZersRQ7vxc9jbsB3IL24mqTDwNM%2FQwyxVM%2BFVMwKZ4dtyXxd%2Beq%2BUqfcdY\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 85cddb7aab0956c4-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5840,"size_decoded":5840,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (6489), with no line terminators","md5":"439305bd9f92620f7e3c287b3c7092fb","sha1":"b169a5a64b5b951a6cb1a5966a9f8efd26d280b5","sha256":"4c68fd9c1d9f4265d183993fda96edc182b45fe26bc8f7b5acf07c88f482e56d","sha512":"2d6d549db110b715e9c91affca0fc49dfd185fc8f8766fe0eb515c79d49d69c8be302729a22c24fe998fec4de14a5c6c7c171c782d7444c6892d1f1e92a71258","ssdeep":"192:WVpIbsbs+P3KT5yJPNT3P0AbmT8J19YAcq0IThr+CJiar:WVpIbsbvPaTQPNT3PlbmT8J19Qq00hrP","tlshash":"14d174322c78d12522939bcc12f5fa2d749bb90dbc534a8272eaba6c465cd61c877d10","first_seen":"2024-08-20T08:38:22.044952Z","last_seen":"2024-08-20T08:38:22.044952Z","times_seen":1,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":12,"dns":1,"connect":1,"send":0,"wait":406,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.881Z","timestamp":1709177727881,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 23 Feb 2024 17:10:29 GMT\r\netag: W/\"65d8d185-4d7\"\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=uaR3FqtQ7Nzbpp0rdThopyfSSSDpJhMUeO0G7uPRfx%2BkLXOoT4Q3Jub5ulHIfU27bc7mg0TwoCAp7GJnE7%2BorFazx%2FVwW88wWTorI2CHDA17AEY8b3n9JHJF5Kmy1QcK6TSKBaz48ru%2B0CjPRvuV6cCoA9fP32rDGUpyEWsLaeehBnAPacIU\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb7f2f0456be-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nexpires: Sat, 02 Mar 2024 03:35:27 GMT\r\ncache-control: max-age=172800, public\r\ncontent-encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1239,"size_decoded":1239,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (1271), with no line terminators","md5":"40d981045a7516cdadd00e8dccc9c58d","sha1":"8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3","sha256":"71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c","sha512":"c4a328efda11026b8efeccbf79d7d87dd5d8988b47ad80ee924da0d9e2d0e6cfc22f0a194470b76eabb1ff83495ff693eee1d16b5c1d1e81bd373dbc31f12a45","ssdeep":"","tlshash":"de2112643e58607e22660133e53f65cee0b12251bd07e150409edc99a5e4fe5063fee9","first_seen":"2023-04-05T04:01:24Z","last_seen":"2025-04-06T22:31:21.493416Z","times_seen":42361,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.56.101","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.897Z","timestamp":1709177727897,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 10 Apr 2023 00:00:00 GMT","end":"Tue, 09 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8","sha256":"4A:21:87:C4:F3:51:A5:AE:14:5E:BE:9F:5F:A4:21:CE:D6:A0:0E:E1:D2:D3:14:48:22:CB:A0:53:D7:02:D3:62"}}},"request":{"raw":"GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:27 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2023.10.0\"\r\nlast-modified: Tue, 10 Oct 2023 21:38:13 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb7f6d3c0b06-OSL\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19986,"size_decoded":19986,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19986), with no line terminators","md5":"dd1d068fdb5fe90b6c05a5b3940e088c","sha1":"0d96f9df8772633a9df4c81cf323a4ef8998ba59","sha256":"6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101","sha512":"7aea051a8c2195a2ea5ec3d6438f2a4a4052085b370cf4728b056edc58d1f7a70c3f1f85afe82959184869f707c2ac02a964b8d9166122e74ebc423e0a47fa30","ssdeep":"384:XrqR6Q0npafIm4rKi/BwEXN1w29mItq0W5i6G:Q70nBrKuB0Uqti6G","tlshash":"c692a6daba85723613f76076913f220b733b356528068458d22ad7c12c7d68f6317f6e","first_seen":"2023-10-13T06:51:00Z","last_seen":"2026-04-01T01:49:28.485731Z","times_seen":17317,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":14,"dns":29,"connect":1,"send":0,"wait":33,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i777777o666972737472657075626c6963o636f6dz.oszar.com/oszar/js/jquery-1.10.2.min.js","fqdn":"i777777o666972737472657075626c6963o636f6dz.oszar.com","domain":"oszar.com","tld":"com"},"ip":{"addr":"104.21.53.240","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://i777777o666972737472657075626c6963o636f6dz.oszar.com/","date":"2024-02-29T03:35:27.884Z","timestamp":1709177727884,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oszar.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 23 Jan 2024 21:21:00 GMT","end":"Mon, 22 Apr 2024 21:20:59 GMT"},"fingerprint":{"sha1":"AB:FD:5C:7E:CD:5A:6B:BC:31:4D:8D:3F:B1:39:FA:5F:E9:59:46:81","sha256":"EE:D3:A4:E5:7C:2E:40:2B:47:34:01:06:0D:BB:FD:61:63:2C:01:CA:A0:13:21:C5:9A:D0:CF:10:CE:AC:28:BC"}}},"request":{"raw":"GET /oszar/js/jquery-1.10.2.min.js HTTP/1.1\r\nHost: i777777o666972737472657075626c6963o636f6dz.oszar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i777777o666972737472657075626c6963o636f6dz.oszar.com/\r\nCookie: firstrepublic_com=%7B%22HttpHost%22%3A%22www.firstrepublic.com%22%2C%22HttpDomain%22%3A%22firstrepublic.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.firstrepublic.com%5C%2F%22%2C%22GirisIP%22%3A%2223.214.31.55%22%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 29 Feb 2024 03:35:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Sep 2023 15:45:31 GMT\r\netag: W/\"6516f11b-16bb3\"\r\nexpires: Thu, 14 Mar 2024 03:35:28 GMT\r\ncache-control: max-age=1209600\r\nx-ua-compatible: IE=Edge,chrome=1\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=MErkDAc5Hl3GhamLAeTF1F40O0N18ehAgpjwivfFrj0BnkvTazggByTFSOK%2F1w04xBAoalE6oP98apy8P2hAF7VAOqy%2BlO0Nd3ha3wzFO0K8yA0ZymOcJiwUM8VcNC9F5GxTWhGoDARq1BFxtGm4m8EeL5stVrw7y30GA2bnAoakXE%2Bh73%2FF\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 85cddb7f2f0756be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93107,"size_decoded":93107,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32072)","md5":"628072e7212db1e8cdacb22b21752cda","sha1":"0511abe9863c2ea7084efa7e24d1d86c5b3974f1","sha256":"0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988","sha512":"3aa68568ff2592ead412a0c7f5c39abc37ac562f00b7c16af07cd5eff881aadce77ec71040b36c0ad9c2d2aa4edd7744fa72b0f44cb8b485d4f283b1b49c2141","ssdeep":"1536:L4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:LGsKXlI2p0WPSbDrstfam","tlshash":"3f93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-03T15:35:49.927716Z","times_seen":13049,"resource_available":true,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-02-29","alert":"Sinkholed","trigger":"oszar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}