{"report_id":"3e248015-13fc-4ea9-b9a0-91f6032586d3","version":6,"status":"done","tags":[],"date":"2024-07-30T09:44:57Z","url":{"schema":"http","addr":"www.pazmarketing.com/001/lordchosen/?login=aleksandr.tcybenko@lukoil-overseas.com/79Ci511722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1eAA5b11722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1e01A331722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd12i74GG1722314489cfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302e1Hb5C41722324277bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9","fqdn":"www.pazmarketing.com","domain":"lukoil-overseas.com","tld":"com"},"ip":{"addr":"172.67.148.199","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.pazmarketing.com/001/lordchosen/L74AAG1722332672b370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6f","fqdn":"www.pazmarketing.com","domain":"pazmarketing.com","tld":"com"},"title":"404 Error"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T07:42:31Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.pazmarketing.com","ip":{"addr":"172.67.148.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2007-03-17","domain_rank":0,"first_seen":"2012-07-16 16:21:15","last_seen":"2024-03-20 20:07:39","alert_count":3,"request_count":3,"received_data":4108,"sent_data":2638,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-29 18:12:12","alert_count":0,"request_count":7,"received_data":6211,"sent_data":2289,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-30","alert":"Sinkholed","trigger":"pazmarketing.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-30","alert":"Sinkholed","trigger":"pazmarketing.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-30","alert":"Sinkholed","trigger":"pazmarketing.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-30T09:44:31.821906804Z","timestamp":1722332671821,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"159FE1F7A2D6EA4C94209AF2EA277A66B066E7970331BC6F68B3C34B25BD1E6D\"\r\nLast-Modified: Mon, 29 Jul 2024 18:56:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17501\r\nExpires: Tue, 30 Jul 2024 14:36:12 GMT\r\nDate: Tue, 30 Jul 2024 09:44:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"8de48a40f03d0580f3403af038bdc7c5","sha1":"26acd49233fc235bbea743c0a675d50b4810ec89","sha256":"159fe1f7a2d6ea4c94209af2ea277a66b066e7970331bc6f68b3c34b25bd1e6d","sha512":"17d94aab4de011071acdaf1e72470cc264b0e39962f214b6c405d87673172d8a54ab6474b7b39d066178db50336a6e5573b756064b3fd92ef35bc0c7300831a5","ssdeep":"","tlshash":"a1f075012481be10e1b0045a22f6e19e2938a56c2c4e28221a400eca78a1b224ec7006","first_seen":"2024-07-30T05:07:23Z","last_seen":"2024-08-19T15:18:43.301122Z","times_seen":8738,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-30T09:44:31.841326074Z","timestamp":1722332671841,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"61A47554EB6DB3AC87779825845D4D458EFEEB1C1833C7E9AF01E2FD6014E4CB\"\r\nLast-Modified: Mon, 29 Jul 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2643\r\nExpires: Tue, 30 Jul 2024 10:28:34 GMT\r\nDate: Tue, 30 Jul 2024 09:44:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1d047e3b166ee35938a43c55f20ee111","sha1":"7880600b5415b4843047ef21d177aed6d4ad053f","sha256":"61a47554eb6db3ac87779825845d4d458efeeb1c1833c7e9af01e2fd6014e4cb","sha512":"182f98099121a5c5648d8b8e2bd3620615f4492268ea403335f839bedafb521930f4e07c36f4d369290342b9eb8d125bc9cd7cf13a18abd0213cd26b4efbf71c","ssdeep":"","tlshash":"34f054fe01543e006a32276695f7e21b3c317e7a34a098c3345103f57012bfc8599a3b","first_seen":"2024-07-30T06:29:58Z","last_seen":"2024-08-19T15:20:44.127078Z","times_seen":16333,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-30T09:44:32.1539508Z","timestamp":1722332672153,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E9E51DA5ED2854A5EAD2219E70B950CCAC93EFD228BDD965F3A116EE600F390B\"\r\nLast-Modified: Mon, 29 Jul 2024 18:26:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12963\r\nExpires: Tue, 30 Jul 2024 13:20:35 GMT\r\nDate: Tue, 30 Jul 2024 09:44:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"12b3b90abdd8ddc5edfc58288f11925f","sha1":"8093a9a5520def1c87fd60aab5c3636f305224d2","sha256":"e9e51da5ed2854a5ead2219e70b950ccac93efd228bdd965f3a116ee600f390b","sha512":"ef64588e30a845df457929a80bdb26f3f5c404cfe9bfcd21dfe3d7369026827acc6bd7fa73abc2f9befba03b5d542ed72fde6cd66560861d6e99fd31c3bcc584","ssdeep":"","tlshash":"ebf0054605eb7a225777140627eeca5f1d15bcdc784482fd24c006d13d117e25bc204e","first_seen":"2024-07-30T01:27:04Z","last_seen":"2024-08-19T15:19:20.609236Z","times_seen":18717,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.249","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-30T09:44:32.475634345Z","timestamp":1722332672475,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"7EB46BD061B6FBB7C5BF83417FD63FA53F987178C15FB5E57AE7AB0240FEEBC7\"\r\nLast-Modified: Mon, 29 Jul 2024 18:57:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7940\r\nExpires: Tue, 30 Jul 2024 11:56:52 GMT\r\nDate: Tue, 30 Jul 2024 09:44:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"00599d2586dd7bc94597291537a481ae","sha1":"13c2d4ddb37b39106e478de2de141a7063468dd7","sha256":"7eb46bd061b6fbb7c5bf83417fd63fa53f987178c15fb5e57ae7ab0240feebc7","sha512":"3d9ac4deb40f3b1fa3dd351e24f99963a72c8c4d52a64b4b2d54bd69eeb654ac5b0ec80bd29b3efdcadc93cfedca2d48ce6f80a3fb94d90e922d4d35ab8d1410","ssdeep":"","tlshash":"c3f0052e11d0fd41b57505197494c2373d367ebd7c9469e877c401d31420797214d0ec","first_seen":"2024-07-29T23:44:57Z","last_seen":"2024-08-19T15:20:00.51017Z","times_seen":19473,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pazmarketing.com/001/lordchosen/L74AAG1722332672b370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6f","fqdn":"www.pazmarketing.com","domain":"pazmarketing.com","tld":"com"},"ip":{"addr":"172.67.148.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-30T09:44:33.033Z","timestamp":1722332673033,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pazmarketing.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Wed, 24 Jan 2024 00:00:00 GMT","end":"Tue, 31 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"F7:B4:2F:D0:10:E9:D8:0B:57:62:47:38:68:88:A9:4C:80:9C:84:12","sha256":"11:98:D9:D8:45:9D:6B:B6:7F:8F:2E:44:DD:7E:44:21:EB:16:FB:33:17:AB:22:28:C0:CF:F3:15:DA:16:73:A5"}}},"request":{"raw":"GET /001/lordchosen/L74AAG1722332672b370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6f HTTP/1.1\r\nHost: www.pazmarketing.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Tue, 30 Jul 2024 09:44:33 GMT\r\nContent-Type: text/html\r\nContent-Length: 167\r\nConnection: keep-alive\r\nCache-Control: max-age=3600\r\nExpires: Tue, 30 Jul 2024 10:44:32 GMT\r\nLocation: https://www.pazmarketing.com/001/lordchosen/L74AAG1722332672b370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6f\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=V%2FQxA3B86J9L4idShSBFU6WoiIVSMhawaqpKvNSLbj%2BfFM1mt%2F2bM2cN4QsSfDQYKehW9VdndjLQU5DUnaQ9sw1EGd6vcwRQwtdQnIh8CdhCcBfPFiRkoRL8oO2XFS5775U7yrVIvg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8ab46926288b56ab-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":167,"size_decoded":167,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"0104c301c5e02bd6148b8703d19b3a73","sha1":"7436e0b4b1f8c222c38069890b75fa2baf9ca620","sha256":"446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f","sha512":"84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf","ssdeep":"","tlshash":"c4c08cad6b523c98b8a73b3960c3a1a0e2ec803022d9042202b04a07f0cb1e78ec23d1","first_seen":"2023-04-05T06:32:17Z","last_seen":"2025-09-21T18:05:05.674757Z","times_seen":190494,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-30","alert":"Sinkholed","trigger":"pazmarketing.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-30T09:44:34.470132535Z","timestamp":1722332674470,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C019BBD4244B83F2EFB9F2C82868B9A35EE0351083F4EB2B637904E45CAA0FF\"\r\nLast-Modified: Mon, 29 Jul 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4991\r\nExpires: Tue, 30 Jul 2024 11:07:45 GMT\r\nDate: Tue, 30 Jul 2024 09:44:34 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3bcd70e3c9d0d4edf43c4f35306f7898","sha1":"8334db3317d065d5811e8826adecfd876f29ef3b","sha256":"5c019bbd4244b83f2efb9f2c82868b9a35ee0351083f4eb2b637904e45caa0ff","sha512":"b7711a24def3c742eb9303633e1ebd21d32c741c13a010a9d3c00b6461a5e4f95478732a5a8bddfa4b93fb7dd2a7cb24eea7de92d8089da3752bb7ee48872d6d","ssdeep":"","tlshash":"7df00e9702723ad1b33814231cc8f22a2a3251a9765ef9d9b8d88ae455203e523a019a","first_seen":"2024-07-30T05:34:59Z","last_seen":"2024-08-19T15:20:44.133136Z","times_seen":26025,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-30T09:44:34.473256639Z","timestamp":1722332674473,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C019BBD4244B83F2EFB9F2C82868B9A35EE0351083F4EB2B637904E45CAA0FF\"\r\nLast-Modified: Mon, 29 Jul 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4991\r\nExpires: Tue, 30 Jul 2024 11:07:45 GMT\r\nDate: Tue, 30 Jul 2024 09:44:34 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3bcd70e3c9d0d4edf43c4f35306f7898","sha1":"8334db3317d065d5811e8826adecfd876f29ef3b","sha256":"5c019bbd4244b83f2efb9f2c82868b9a35ee0351083f4eb2b637904e45caa0ff","sha512":"b7711a24def3c742eb9303633e1ebd21d32c741c13a010a9d3c00b6461a5e4f95478732a5a8bddfa4b93fb7dd2a7cb24eea7de92d8089da3752bb7ee48872d6d","ssdeep":"","tlshash":"7df00e9702723ad1b33814231cc8f22a2a3251a9765ef9d9b8d88ae455203e523a019a","first_seen":"2024-07-30T05:34:59Z","last_seen":"2024-08-19T15:20:44.133136Z","times_seen":26025,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-30T09:44:34.474686533Z","timestamp":1722332674474,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C019BBD4244B83F2EFB9F2C82868B9A35EE0351083F4EB2B637904E45CAA0FF\"\r\nLast-Modified: Mon, 29 Jul 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4991\r\nExpires: Tue, 30 Jul 2024 11:07:45 GMT\r\nDate: Tue, 30 Jul 2024 09:44:34 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3bcd70e3c9d0d4edf43c4f35306f7898","sha1":"8334db3317d065d5811e8826adecfd876f29ef3b","sha256":"5c019bbd4244b83f2efb9f2c82868b9a35ee0351083f4eb2b637904e45caa0ff","sha512":"b7711a24def3c742eb9303633e1ebd21d32c741c13a010a9d3c00b6461a5e4f95478732a5a8bddfa4b93fb7dd2a7cb24eea7de92d8089da3752bb7ee48872d6d","ssdeep":"","tlshash":"7df00e9702723ad1b33814231cc8f22a2a3251a9765ef9d9b8d88ae455203e523a019a","first_seen":"2024-07-30T05:34:59Z","last_seen":"2024-08-19T15:20:44.133136Z","times_seen":26025,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pazmarketing.com/favicon.ico","fqdn":"www.pazmarketing.com","domain":"pazmarketing.com","tld":"com"},"ip":{"addr":"104.21.29.113","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.pazmarketing.com/001/lordchosen/L74AAG1722332672b370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6f","date":"2024-07-30T09:44:33.311Z","timestamp":1722332673311,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pazmarketing.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Wed, 24 Jan 2024 00:00:00 GMT","end":"Tue, 31 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"F7:B4:2F:D0:10:E9:D8:0B:57:62:47:38:68:88:A9:4C:80:9C:84:12","sha256":"11:98:D9:D8:45:9D:6B:B6:7F:8F:2E:44:DD:7E:44:21:EB:16:FB:33:17:AB:22:28:C0:CF:F3:15:DA:16:73:A5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.pazmarketing.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.pazmarketing.com/001/lordchosen/L74AAG1722332672b370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 30 Jul 2024 09:44:33 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 19 Jun 2022 19:44:30 GMT\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=MY9wWpAJRcDtZo8XyLF%2F7hWQJJUj1Ss%2FeT907BM9E1amm45Ue7w%2BQQ5pWhpk7qYqrIxOCz0cXUjSzv2a2jlHyjyyj20bA9NQL0wrqSh%2BYfGwP75zB0fucZZTPUH8rpG%2FbijtyGGyXQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8ab469282c8a1bfa-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":920,"size_decoded":746,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"dbf8ec3db1d4b93b848197591827939c","sha1":"2e12f671d6101f52060133c32f8d359af756f9b2","sha256":"63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666","sha512":"6be36399f1b84b3c1969a6498ff31f9cfbd3c660a6fe99ccd2a18339f9c62a68e810b93a7439de71ca33f9831cad37c43306415012541dd809928f5597acce83","ssdeep":"","tlshash":"7c01150bc480191be1334122bac2f7046315e555238b5da17ece5967dfc8f6496d77cc","first_seen":"2023-03-08T08:24:48Z","last_seen":"2026-05-24T15:25:26.788996Z","times_seen":12873,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-30","alert":"Sinkholed","trigger":"pazmarketing.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.pazmarketing.com/001/lordchosen/?login=aleksandr.tcybenko@lukoil-overseas.com/79Ci511722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1eAA5b11722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1e01A331722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd12i74GG1722314489cfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302e1Hb5C41722324277bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9","fqdn":"www.pazmarketing.com","domain":"pazmarketing.com","tld":"com"},"ip":{"addr":"104.21.29.113","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-30T09:44:32.253Z","timestamp":1722332672253,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pazmarketing.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Wed, 24 Jan 2024 00:00:00 GMT","end":"Tue, 31 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"F7:B4:2F:D0:10:E9:D8:0B:57:62:47:38:68:88:A9:4C:80:9C:84:12","sha256":"11:98:D9:D8:45:9D:6B:B6:7F:8F:2E:44:DD:7E:44:21:EB:16:FB:33:17:AB:22:28:C0:CF:F3:15:DA:16:73:A5"}}},"request":{"raw":"GET /001/lordchosen/?login=aleksandr.tcybenko@lukoil-overseas.com/79Ci511722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1eAA5b11722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1e01A331722314488b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd1b15f16d8206ee3b7210132eecaeffbd12i74GG1722314489cfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302ecfd1a51fcee6aa3f9317cad5af8e302e1Hb5C41722324277bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9bda1f5b8e09799586321225cd8959ce9 HTTP/1.1\r\nHost: www.pazmarketing.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 30 Jul 2024 09:44:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: L74AAG1722332672b370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6fb370cc5b00422171ee4489834264df6f\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=QbBzoPqpxTFK2iu4XlwKh%2BDytd%2FGEP1MwN4gyW%2BbK7Zu7mImyENulkaq2MvPD4weBEHBpVxiw3G8SsB9Ty21VHTiMQa7ydQH8s1goGHuG0otgKOQVd0LsqlKH5uVC1tQcMnt4H8tiw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8ab46921affd1bfa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":746,"size_decoded":746,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T17:07:59.023654Z","times_seen":15665480,"resource_available":true,"data":null}},"time_used":422,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":390,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-30","alert":"Sinkholed","trigger":"pazmarketing.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}