{"report_id":"414a001e-3f3f-497f-a52a-e75fee5f0ed4","version":6,"status":"done","tags":[],"date":"2024-07-23T07:38:30Z","url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"title":"WARNING"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T08:37:22Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":8,"received_data":67279,"sent_data":4135,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-07-22 18:21:53","alert_count":0,"request_count":5,"received_data":3497,"sent_data":1625,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2024-07-22 18:16:59","alert_count":0,"request_count":3,"received_data":50022,"sent_data":1652,"comment":"","tags":null,"fingerprints":null},{"fqdn":"e6.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 08:35:09","last_seen":"2024-07-22 18:12:42","alert_count":0,"request_count":1,"received_data":727,"sent_data":326,"comment":"","tags":null,"fingerprints":null},{"fqdn":"notix.io","ip":{"addr":"139.45.197.227","port":0,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2020-08-20","domain_rank":14765,"first_seen":"2020-08-20 15:14:00","last_seen":"2024-07-22 09:29:10","alert_count":1,"request_count":2,"received_data":45156,"sent_data":979,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2024-07-22 21:01:27","alert_count":0,"request_count":1,"received_data":6594,"sent_data":487,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-22 18:12:14","alert_count":0,"request_count":5,"received_data":4436,"sent_data":1635,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"Public Nextron YARA rules","scan_date":"2024-07-23","alert":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","trigger":"notix.io/ent/current/enot.min.js","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"@imp0rtp3 (modified by Florian Roth)","date":"2020-09-06","description":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","reference":"https://imp0rtp3.wordpress.com/2021/08/12/tetris","rule":"apt_CN_Tetris_JS_advanced_1"}}]},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T22:30:37.931173Z","times_seen":14494967,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/scripts/bbms.js","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d28b6cbe87e8f21c3f3b924ad2fce84","sha1":"a0fcb29b5007430efcedea382a71414b19a5700c","sha256":"1fe518c0a3dc387ca3984382c6ed29c0c2c1018b40547523a619666040b3e760","sha512":"a86ab81c6579b60dcf8d80328b191f3780d4b234773f47d0089f3831ab2dea5b92c79ab74b2ab7dc23a86025fe15e73d28bb68f1f8d6b26af1aa119e18faf8a0","ssdeep":"","tlshash":"61d0a79f141d25348aa3b955c9ef602c2867b2e81a13a545364d9a25072930d911d99d","size":237,"data":"","first_seen":"2023-03-07T01:27:14Z","last_seen":"2024-10-26T18:09:40.090635Z","times_seen":756,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T22:30:37.931173Z","times_seen":14494967,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/js/jquery.min.js","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a49f85f5a02fa6fe11126720da50874","sha1":"22d7cc863dff0e664cee95c7b42b2f2066114788","sha256":"9efc83acac2e60262a78810abf089aed8e5a2832d64b0977ab0e2922fd01021f","sha512":"f47eb5daa3ee1342c574012ab98020c05c8912917113510b3a273b45c0435b942ea56062835a4ace2f150777b7c6804832dcd5e969aafade4061091c9fe882b2","ssdeep":"1536:AYE1JVoiB9JqZdXXe2pD3PgoIiulrUn6Z6a4tfOR7Wp/PEWBZPBJda4w9W3qG9aX:b4J+rlfOhWp/PDCW6G9a98HrU","tlshash":"5593e7c9b7c67052976734a850bf510bf17a99dab40c4c60e068d4e47eb4a8e907bf3c","size":92110,"data":"","first_seen":"2023-05-20T12:56:56Z","last_seen":"2024-10-26T18:09:40.092602Z","times_seen":736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/js/main.js","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c3ed5ac7dda566870186c4c8e6cf0dcd","sha1":"116f6823fde2478b194b03cc9c160e8c1a175d45","sha256":"ee975a46a04968de8e8cc99c8a7784e05be0d2347245f6cefe4bd9072d319e7d","sha512":"c4deb36b052c7a9f6f6409e8a490a5c5fe0049924c074e98b4f6d41823fb1eee7aea4f0e782775085d7a48d5cccb2ea9d12cad74d9e1d57736fe2725c60cdc5d","ssdeep":"","tlshash":"3211593c0b2b3a460da05e7e13cde448565ff817704a49262cedb8d0e8ddd59c095e2b","size":838,"data":"","first_seen":"2023-05-20T12:56:56Z","last_seen":"2024-12-16T05:15:09.150067Z","times_seen":737,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"notix.io/ent/current/enot.min.js","fqdn":"notix.io","domain":"notix.io","tld":"io"},"ip":{"addr":"139.45.197.227","port":0,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a3ae56c31a58c28e606e1e069a21059","sha1":"ea3cdfcda002044373d2090e1745f83a15b82d17","sha256":"6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55","sha512":"c30fd5573663ff878026630684b7b9b80bea7736db0c9b8bbcb1740dfa63d8c1cf79d151244afeffd8454e598fcb50d918482c108923872f16fdb0d60b263d13","ssdeep":"3072:dMk6Iy3kf74OpU1Ng5WpFfZ7pRhxY+VOgWGrrKO7jaz+ojITs2siKAV:dMvLOpU1SWpFfZ7pRhxP7mz+ojITjKAV","tlshash":"3ae3948077d0ec9d1787f776bb2ba0e5f44b0a6839c4880bd181fc50199d62beda99f4","size":145421,"data":"","first_seen":"2024-03-06T08:52:05Z","last_seen":"2026-05-01T15:24:59.932239Z","times_seen":1302,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:04.619442612Z","timestamp":1721720284619,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"778D02DECABF7DFF03BF5EC4C4EB0F03AC789E89BCFE58353C266C9D66C08834\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2872\r\nExpires: Tue, 23 Jul 2024 08:25:56 GMT\r\nDate: Tue, 23 Jul 2024 07:38:04 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"2f796f6340ac7eef4fa2891ac8f8aa1a","sha1":"27bbc7bb6314b31dcab89f198bc258b040593aa7","sha256":"778d02decabf7dff03bf5ec4c4eb0f03ac789e89bcfe58353c266c9d66c08834","sha512":"332ad8103818d77a6436e42ee756dd6f241b844dc98a7a67b52d01d5541c140e9d3ddabc315afe1c9ea0e094ffa1873c666c65f61ad0a938ca34950b4c0ef429","ssdeep":"","tlshash":"c5f0754600d4bc047fa4051b45e0c2391a30aff84e423fc039d849f1d800f796c8894d","first_seen":"2024-07-21T00:49:07Z","last_seen":"2024-08-19T16:14:10.849697Z","times_seen":22664,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:04.621966369Z","timestamp":1721720284621,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"FB270CF16706247ADDE7EFD430FE667555CB37EE35EAE763593424A17C624BCD\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12976\r\nExpires: Tue, 23 Jul 2024 11:14:20 GMT\r\nDate: Tue, 23 Jul 2024 07:38:04 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f58a4b489ef65eff7896802c87e363e7","sha1":"e7287b89b56c66407955bf95bd03133d2e5945d1","sha256":"fb270cf16706247adde7efd430fe667555cb37ee35eae763593424a17c624bcd","sha512":"c065e9f7dd5fe8977e62fc53b2f8f282b9822e5b2da8f892a233a215b0084cb15dcfab72538f71c8b0abfb53fca418c8387e9881640f5d7ec16e245ded101811","ssdeep":"","tlshash":"f5f00548132ebac0bf3d1a261694d5182d24fdfe140828f1ddd441e235e6f993a5c416","first_seen":"2024-07-20T23:43:01Z","last_seen":"2024-08-19T16:14:35.910582Z","times_seen":17507,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.060854453Z","timestamp":1721720285060,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"60C84BB6C568871D3FEBE1E58C6AEDF398FA06F5F7AFC3E6087200BE0A25AD3F\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2567\r\nExpires: Tue, 23 Jul 2024 08:20:52 GMT\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"85a291090b5db764a5b5f1487dcb958f","sha1":"9dadf7a0a7d6be86e491a10bbbc72c84f798cab9","sha256":"60c84bb6c568871d3febe1e58c6aedf398fa06f5f7afc3e6087200be0a25ad3f","sha512":"54d2b0b7b54d879ca308df969971761efbe43c7f3ac4178738778d17c9dd8181afcacde6e9a392d04028e09823c1e47026a4585f64276592308190948173eba4","ssdeep":"","tlshash":"f9f00e170bf63d4077712a42e7e2c27e0b24ddabf801963e649442a66418bfa2fc8099","first_seen":"2024-07-21T01:22:15Z","last_seen":"2024-08-19T16:13:52.205448Z","times_seen":22689,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.328177096Z","timestamp":1721720285328,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /blocker/Blocker5_2/ HTTP/1.1\r\nHost: cqflra6sk0es73fjen1g.security-updater-now.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1177,"size_decoded":2534,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"2ccf871844c742a75211145e3ebfe8a8","sha1":"0d32194a994d5ee5a57d8882d8c5ba0a166a33b6","sha256":"37bfd26b193beb48ecda81d56b5f94faa4e18b7aeb866e97fb7eb8206b8575fa","sha512":"0e24d29bee4575936cc18854546e77676eeb8ca25dc49698e3336033a6ae994bc9926bd3339ac1d55921c9495549330c94f395b97e57ebecf2d2006826380f02","ssdeep":"","tlshash":"29519519368ed0a7033392d35032f75cb4dfda2a9b22802570fd563b1bf6f84690a945","first_seen":"2024-07-02T23:12:44Z","last_seen":"2024-10-26T18:09:40.088572Z","times_seen":113,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.455415358Z","timestamp":1721720285455,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"951AE19E1EB066355BF55FF2163F6D14B689088FA3DD443FB01D889BB28FE095\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6347\r\nExpires: Tue, 23 Jul 2024 09:23:52 GMT\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"41b470cfcb4d809b7689783076e07c76","sha1":"919b05dba2523cc4b8e9a6e873fe777fd753ee1b","sha256":"951ae19e1eb066355bf55ff2163f6d14b689088fa3dd443fb01d889bb28fe095","sha512":"dce19fad3a25686ec442ada5c3d462174a63f1fc17cf331d3690797222d4adb87c567235eda21ab6512379198277a0b73584283849c33439892ee919e093005d","ssdeep":"","tlshash":"eaf0054185d97f803760081a7ed5e1083e309f6ca4910fd4819046c72062bca5b940d8","first_seen":"2024-07-21T05:06:08Z","last_seen":"2024-08-19T16:13:24.436694Z","times_seen":17054,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/css/style.css","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.726472265Z","timestamp":1721720285726,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /blocker/Blocker5_2/css/style.css HTTP/1.1\r\nHost: cqflra6sk0es73fjen1g.security-updater-now.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 01 Nov 2023 20:08:58 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6542b05a-1077\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1051,"size_decoded":4215,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"beef0c0ce13f25f65a84019bebe6378b","sha1":"2f95dd2d3ba5e1c848487a4e28199d3ad32037df","sha256":"1f3ad9786b942cf941cdbdb71e8fedaef63dbef237ce767e61229c838b46cb14","sha512":"9329b6bc0d33edb7c190b9cf7ab1341e0ceb0a9ef131a922abc30ea8f6f12e9f99af98390ce23781fc7a3775bd4e68c5c4512460e4ba385dd3cdf3de51342993","ssdeep":"48:xfoB63QUjX8PBwliENQ+3P/EeP0Jhl5SeWP/UjM0P0lhP03J2n977P0NVFxoYWOW:xdX8SJB3P/m15WP/gMP4MntiVFxRw0e","tlshash":"0d9101a5d101220152339ea453952a2afbe8d0738b4723f97dce404dd7cba8987e1fdd","first_seen":"2023-06-06T22:50:33Z","last_seen":"2024-12-16T05:15:09.143988Z","times_seen":427,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/scripts/bbms.js","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.767323024Z","timestamp":1721720285767,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /blocker/Blocker5_2/scripts/bbms.js HTTP/1.1\r\nHost: cqflra6sk0es73fjen1g.security-updater-now.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 01 Nov 2023 15:08:58 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"65426a0a-ed\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":170,"size_decoded":237,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"7d28b6cbe87e8f21c3f3b924ad2fce84","sha1":"a0fcb29b5007430efcedea382a71414b19a5700c","sha256":"1fe518c0a3dc387ca3984382c6ed29c0c2c1018b40547523a619666040b3e760","sha512":"a86ab81c6579b60dcf8d80328b191f3780d4b234773f47d0089f3831ab2dea5b92c79ab74b2ab7dc23a86025fe15e73d28bb68f1f8d6b26af1aa119e18faf8a0","ssdeep":"","tlshash":"61d0a79f141d25348aa3b955c9ef602c2867b2e81a13a545364d9a25072930d911d99d","first_seen":"2023-03-07T01:27:14Z","last_seen":"2024-10-26T18:09:40.090635Z","times_seen":756,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.832938872Z","timestamp":1721720285832,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"b714f7555261dae938703c6c875d7a69","sha1":"d78e8e797a223230dc73e953e24d0ecea1d73a43","sha256":"8c5737de70ae9e51eaf041c6b7d47966d13d040723de8d5a2d0bcc0a9c51a0b1","sha512":"2c879dea0245907581c8e0186b4e21c0992b43e96da2301e33e63ff4e483e086d62ac293b601b5c30bc410c96ee6c86a57968efe5dc89643133c188db564ae05","ssdeep":"","tlshash":"53f0bbf87172bd414f1244017f8dd87c68185dec0d0949a472fc41c005817ff2200717","first_seen":"2024-07-22T18:04:29Z","last_seen":"2024-08-19T16:05:07.706022Z","times_seen":1685,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/js/main.js","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.886437053Z","timestamp":1721720285886,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /blocker/Blocker5_2/js/main.js HTTP/1.1\r\nHost: cqflra6sk0es73fjen1g.security-updater-now.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 01 Nov 2023 15:08:58 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"65426a0a-346\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":405,"size_decoded":838,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"c3ed5ac7dda566870186c4c8e6cf0dcd","sha1":"116f6823fde2478b194b03cc9c160e8c1a175d45","sha256":"ee975a46a04968de8e8cc99c8a7784e05be0d2347245f6cefe4bd9072d319e7d","sha512":"c4deb36b052c7a9f6f6409e8a490a5c5fe0049924c074e98b4f6d41823fb1eee7aea4f0e782775085d7a48d5cccb2ea9d12cad74d9e1d57736fe2725c60cdc5d","ssdeep":"","tlshash":"3211593c0b2b3a460da05e7e13cde448565ff817704a49262cedb8d0e8ddd59c095e2b","first_seen":"2023-05-20T12:56:56Z","last_seen":"2024-12-16T05:15:09.150067Z","times_seen":737,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/images/close_icon.png","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.917481284Z","timestamp":1721720285917,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /blocker/Blocker5_2/images/close_icon.png HTTP/1.1\r\nHost: cqflra6sk0es73fjen1g.security-updater-now.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nContent-Type: image/png\r\nContent-Length: 248\r\nLast-Modified: Wed, 01 Nov 2023 20:08:58 GMT\r\nConnection: keep-alive\r\nETag: \"6542b05a-f8\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":248,"size_decoded":248,"mime_type":"image/png","magic":"PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced","md5":"eaf98c5e61ff92dcfd5568474e1f8d09","sha1":"bb5a1dae13cf4c1de3111642d9132a89c453727a","sha256":"dc02cbd81ea7799f019a1687f57a2e0b2941a5c1d28bcd8b3aa2f89fb77e07a8","sha512":"a4f6585d0446675684692cdf7d100238d7b8981b7da6a8b7551ec2416406f5edad71fc7e525a6d2a6c158601371328910e9937b14bd8322e53db7112ebe5d5ca","ssdeep":"","tlshash":"8ed095d537551c3d85068f5f59790017e579154a4c0145075eb01d04bc1584dc046313","first_seen":"2023-06-06T22:50:33Z","last_seen":"2024-12-16T05:15:09.153685Z","times_seen":755,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/images/warning_icon.png","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.91846076Z","timestamp":1721720285918,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /blocker/Blocker5_2/images/warning_icon.png HTTP/1.1\r\nHost: cqflra6sk0es73fjen1g.security-updater-now.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nContent-Type: image/png\r\nContent-Length: 1457\r\nLast-Modified: Wed, 01 Nov 2023 20:08:58 GMT\r\nConnection: keep-alive\r\nETag: \"6542b05a-5b1\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1457,"size_decoded":1457,"mime_type":"image/png","magic":"PNG image data, 107 x 94, 8-bit/color RGBA, non-interlaced","md5":"3b9478bb5dc9a8fb3c5b80df7bcb8200","sha1":"e553d00e0d91f52ae972549227f94a87c6b60947","sha256":"2f09f151cb4af02177af559872b142d1898830598fe5866012189c2c616b06dd","sha512":"d27332a18e22cc43a8e3b7532e0f150ab6739e0f56095706eba79ae0f575526b20880fe2e50186bb368591797d94266cb9d4283ae07907f1d90dfb5ec476d956","ssdeep":"","tlshash":"f231c793b9882873e401ca2b99d607b278e55a0960140c1d1b878dd32854ea2b8ae9ba","first_seen":"2023-06-06T22:50:33Z","last_seen":"2024-12-16T05:15:09.15578Z","times_seen":756,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/js/jquery.min.js","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.949727573Z","timestamp":1721720285949,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /blocker/Blocker5_2/js/jquery.min.js HTTP/1.1\r\nHost: cqflra6sk0es73fjen1g.security-updater-now.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 01 Nov 2023 15:08:58 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"65426a0a-167ce\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":32081,"size_decoded":92110,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators","md5":"4a49f85f5a02fa6fe11126720da50874","sha1":"22d7cc863dff0e664cee95c7b42b2f2066114788","sha256":"9efc83acac2e60262a78810abf089aed8e5a2832d64b0977ab0e2922fd01021f","sha512":"f47eb5daa3ee1342c574012ab98020c05c8912917113510b3a273b45c0435b942ea56062835a4ace2f150777b7c6804832dcd5e969aafade4061091c9fe882b2","ssdeep":"1536:AYE1JVoiB9JqZdXXe2pD3PgoIiulrUn6Z6a4tfOR7Wp/PEWBZPBJda4w9W3qG9aX:b4J+rlfOhWp/PDCW6G9a98HrU","tlshash":"5593e7c9b7c67052976734a850bf510bf17a99dab40c4c60e068d4e47eb4a8e907bf3c","first_seen":"2023-05-20T12:56:56Z","last_seen":"2024-10-26T18:09:40.092602Z","times_seen":736,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/images/android.png","fqdn":"cqflra6sk0es73fjen1g.security-updater-now.com","domain":"security-updater-now.com","tld":"com"},"ip":{"addr":"78.47.114.255","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.963152169Z","timestamp":1721720285963,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /blocker/Blocker5_2/images/android.png HTTP/1.1\r\nHost: cqflra6sk0es73fjen1g.security-updater-now.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nContent-Type: image/png\r\nContent-Length: 28700\r\nLast-Modified: Wed, 01 Nov 2023 20:08:58 GMT\r\nConnection: keep-alive\r\nETag: \"6542b05a-701c\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":28700,"size_decoded":28700,"mime_type":"image/png","magic":"PNG image data, 144 x 148, 8-bit/color RGBA, non-interlaced","md5":"f75de32d9451cc905a7b3a6c34a72914","sha1":"2044c1233cfbecbe1606349f3ad218186d540134","sha256":"d94f23d6bd7b27a0e2923b621132bf2d30cc8ec9e59d36d542b59709579a2c1f","sha512":"8e65eaf6bf1618f50e35445ce9401d26de3571ea3b027e11b5b95b12f5cc66617043fad4907f887e219dafdd47a03030e9a11747d6945605e29aad08a0adae14","ssdeep":"384:oH5pslIhdKWFjRouKknjkwlvcCR0XmuHMkhJeToxQ7Zg/3D/GGya5alUeXtv4UyX:oHzG3WTkwlvcCmHEziGTa8lhtv4SVRe","tlshash":"79d2f1eb4e849723abf0ac13714020c25a517d827463fbccadb93bb57d94ac01c99d9e","first_seen":"2023-06-06T22:50:33Z","last_seen":"2024-12-16T05:15:09.158217Z","times_seen":756,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:05.987821422Z","timestamp":1721720285987,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 23 Jul 2024 07:38:05 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"b714f7555261dae938703c6c875d7a69","sha1":"d78e8e797a223230dc73e953e24d0ecea1d73a43","sha256":"8c5737de70ae9e51eaf041c6b7d47966d13d040723de8d5a2d0bcc0a9c51a0b1","sha512":"2c879dea0245907581c8e0186b4e21c0992b43e96da2301e33e63ff4e483e086d62ac293b601b5c30bc410c96ee6c86a57968efe5dc89643133c188db564ae05","ssdeep":"","tlshash":"53f0bbf87172bd414f1244017f8dd87c68185dec0d0949a472fc41c005817ff2200717","first_seen":"2024-07-22T18:04:29Z","last_seen":"2024-08-19T16:05:07.706022Z","times_seen":1685,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:06.075327316Z","timestamp":1721720286075,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 23 Jul 2024 07:38:06 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"e6c314eb686bed253260c40e91dc5c35","sha1":"da964f06c2a99fb18fd4a260fcf87ce56083b0a8","sha256":"0832780ac32df8102962d71dc203d6fb5024b19786f1bb679d5039f469f1bd85","sha512":"d9f1a234e04981e342e067ed746e5fc84020b7b776fdbf4ca380c0bb15e7a95b600a2f65a1f986e53b61f008260cd44000a409b659aac7129691c02e5a598300","ssdeep":"","tlshash":"02f0d4e116f65f58df039c0425c9e4383420659418486f85247cc575254b365965aabe","first_seen":"2024-07-22T18:02:07Z","last_seen":"2024-08-19T16:05:11.967391Z","times_seen":1580,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:06.092391726Z","timestamp":1721720286092,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 23 Jul 2024 07:38:06 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"e6c314eb686bed253260c40e91dc5c35","sha1":"da964f06c2a99fb18fd4a260fcf87ce56083b0a8","sha256":"0832780ac32df8102962d71dc203d6fb5024b19786f1bb679d5039f469f1bd85","sha512":"d9f1a234e04981e342e067ed746e5fc84020b7b776fdbf4ca380c0bb15e7a95b600a2f65a1f986e53b61f008260cd44000a409b659aac7129691c02e5a598300","ssdeep":"","tlshash":"02f0d4e116f65f58df039c0425c9e4383420659418486f85247cc575254b365965aabe","first_seen":"2024-07-22T18:02:07Z","last_seen":"2024-08-19T16:05:11.967391Z","times_seen":1580,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/","date":"2024-07-23T07:38:06.029Z","timestamp":1721720286029,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:40:48 GMT","end":"Mon, 16 Sep 2024 07:40:47 GMT"},"fingerprint":{"sha1":"EE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09","sha256":"80:46:05:65:FA:46:71:F0:C8:C9:A7:E0:2D:EE:D7:76:28:5D:5F:0D:8C:F4:F2:15:94:AF:BC:F6:7C:89:11:98"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cqflra6sk0es73fjen1g.security-updater-now.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15920\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Jul 2024 15:53:27 GMT\r\nexpires: Thu, 17 Jul 2025 15:53:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 488679\r\nlast-modified: Wed, 11 May 2022 19:24:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15920,"size_decoded":15920,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15920, version 1.0","md5":"3a44e06eb954b96aa043227f3534189d","sha1":"23cef6993ddb2b2979e8e7647fc3763694e2ba7d","sha256":"b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e","sha512":"fab970b250dd88064730bd2603c530f3503abb0af4e4095786877f9660a159bf4ad98c5abea2e95eb39ae8c13417736b5772fcb9f87941ff5e0f383cb172997f","ssdeep":"384:sShqOXQlaSchOwK0uFvRqq3xR/xb5OY3aU/lHS9WE2YeK1os:sShJKaScJK0uFvRvxb5OY3aU/lHkmK","tlshash":"cc62cf5c6a901684c67c29b63b6d616be9a1cd50c2ab73904fdba317d30d3a1e0298fd","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-05-01T22:16:02.869142Z","times_seen":64489,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":55,"dns":1,"connect":7,"send":0,"wait":11,"receive":1,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cqflra6sk0es73fjen1g.security-updater-now.com/blocker/Blocker5_2/","date":"2024-07-23T07:38:06.031Z","timestamp":1721720286031,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:40:48 GMT","end":"Mon, 16 Sep 2024 07:40:47 GMT"},"fingerprint":{"sha1":"EE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09","sha256":"80:46:05:65:FA:46:71:F0:C8:C9:A7:E0:2D:EE:D7:76:28:5D:5F:0D:8C:F4:F2:15:94:AF:BC:F6:7C:89:11:98"}}},"request":{"raw":"GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cqflra6sk0es73fjen1g.security-updater-now.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15744\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Jul 2024 12:40:58 GMT\r\nexpires: Fri, 18 Jul 2025 12:40:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 413828\r\nlast-modified: Wed, 11 May 2022 19:24:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15744,"size_decoded":15744,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15744, version 1.0","md5":"15d9f621c3bd1599f0169dcf0bd5e63e","sha1":"7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52","sha256":"f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615","sha512":"d35a47162fc160cd5f806c3bb7feb50ec96fdfc81753660ead22ef33f89be6b1bfd63d1135f6b479d35c2e9d30f2360ffc8819efca672270e230635bcb206c82","ssdeep":"384:z1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:p7EJ5E2bJwi5jLwK79/","tlshash":"8162e00158a163ade9b2327ed10b1b91c40660a27d2504e8c6e4fc95fe3d7ed5487b76","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-05-01T22:16:02.859643Z","times_seen":159575,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":58,"dns":1,"connect":20,"send":0,"wait":9,"receive":7,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:06.116455272Z","timestamp":1721720286116,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:40:48 GMT","end":"Mon, 16 Sep 2024 07:40:47 GMT"},"fingerprint":{"sha1":"EE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09","sha256":"80:46:05:65:FA:46:71:F0:C8:C9:A7:E0:2D:EE:D7:76:28:5D:5F:0D:8C:F4:F2:15:94:AF:BC:F6:7C:89:11:98"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cqflra6sk0es73fjen1g.security-updater-now.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15860\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Jul 2024 09:25:36 GMT\r\nexpires: Tue, 22 Jul 2025 09:25:36 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 11 May 2022 19:24:42 GMT\r\ncontent-type: font/woff2\r\nage: 79950\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":15860,"size_decoded":15860,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15860, version 1.0","md5":"e9f5aaf547f165386cd313b995dddd8e","sha1":"acdef5603c2387b0e5bffd744b679a24a8bc1968","sha256":"f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860","sha512":"2a71edb5490f286642a874d52a1969f54282bc43cb24e8d5a297e13b320321fb7b7af5524eac609cf5f95ee08d5e4ec5803e2a3c8d13c09f6cc38713c665d0ce","ssdeep":"384:S7qmPTF4N21t//YW2FS6+1XxrsbGmjlAbvqMmtCN:S621tHY4xwbGmjloSM7N","tlshash":"1a62d0058ba5850bf5b907fb0e1ab7ee30664b523c8c42278348073970db47a6b2b1fd","first_seen":"2023-04-05T14:47:55Z","last_seen":"2026-05-01T22:04:40.182432Z","times_seen":90648,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"e6.o.lencr.org/","fqdn":"e6.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:06.18578752Z","timestamp":1721720286185,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: e6.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 344\r\nETag: \"7527DEB430082BA01C03C4F36D2A03F16962A9C176BF40FFC4227BA6F5921C6F\"\r\nLast-Modified: Sat, 20 Jul 2024 19:25:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9508\r\nExpires: Tue, 23 Jul 2024 10:16:34 GMT\r\nDate: Tue, 23 Jul 2024 07:38:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":344,"size_decoded":344,"mime_type":"application/octet-stream","magic":"data","md5":"aeb98077b7aacef726188546efd204d1","sha1":"022c05b2f940ab3ebfc03d9e34c76cf7f61dd4c1","sha256":"7527deb430082ba01c03c4f36d2a03f16962a9c176bf40ffc4227ba6f5921c6f","sha512":"3a36727ed41552a3ec62a93e548fe1d1f094e7adab54886ad40a97c595fd407636db4233ec97e9a2f2c6fc974e9913a735cdef758fe6cc1222526c624b8b262f","ssdeep":"","tlshash":"6ee0c0011e0cfd700724e5d05da5c4473a3112c95b146ec59c19d0debc8a31837248be","first_seen":"2024-07-21T05:17:21Z","last_seen":"2024-08-19T16:13:12.789633Z","times_seen":5,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:06.199379552Z","timestamp":1721720286199,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 23 Jul 2024 07:38:06 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"e6c314eb686bed253260c40e91dc5c35","sha1":"da964f06c2a99fb18fd4a260fcf87ce56083b0a8","sha256":"0832780ac32df8102962d71dc203d6fb5024b19786f1bb679d5039f469f1bd85","sha512":"d9f1a234e04981e342e067ed746e5fc84020b7b776fdbf4ca380c0bb15e7a95b600a2f65a1f986e53b61f008260cd44000a409b659aac7129691c02e5a598300","ssdeep":"","tlshash":"02f0d4e116f65f58df039c0425c9e4383420659418486f85247cc575254b365965aabe","first_seen":"2024-07-22T18:02:07Z","last_seen":"2024-08-19T16:05:11.967391Z","times_seen":1580,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"notix.io/ent/current/enot.min.js","fqdn":"notix.io","domain":"notix.io","tld":"io"},"ip":{"addr":"139.45.197.227","port":0,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:06.344503576Z","timestamp":1721720286344,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /ent/current/enot.min.js HTTP/1.1\r\nHost: notix.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 23 Jul 2024 07:38:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 13 Mar 2024 11:17:39 GMT\r\netag: W/\"65f18b53-2380d\"\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":44106,"size_decoded":145567,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"94a898ff7c266c133a2810813f940b33","sha1":"026511c42b4031496b1882e4f52082ca779912cd","sha256":"cae4151607c3af930ead3889755b7b63fc587e48042d7ab60a430d0cb62d7efc","sha512":"7a8352da9e8784e268472a4a16796dcdfb19db3e7a7edd5e5fc0de616129cc04b523b78a65cd19c6555f9d13bf4c1789cc0d9f1e1df9d87c3d4e76a74d07eec4","ssdeep":"3072:dMk6Iy3kf74OpU1Ng5WpFfZ7pRhxY+VOgWGrrKO7jaz+ojITs2siKAF:dMvLOpU1SWpFfZ7pRhxP7mz+ojITjKAF","tlshash":"e4e3948077d0ec9d1787f776bb2ba0e5f44b0a6839c4880bd181fc50199d62beda99f4","first_seen":"2024-04-13T15:05:53Z","last_seen":"2024-10-20T20:29:54.087547Z","times_seen":68,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"Public Nextron YARA rules","scan_date":"2024-07-23","alert":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","trigger":"notix.io/ent/current/enot.min.js","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"@imp0rtp3 (modified by Florian Roth)","date":"2020-09-06","description":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","reference":"https://imp0rtp3.wordpress.com/2021/08/12/tetris","rule":"apt_CN_Tetris_JS_advanced_1"}}],"urlquery":null}},{"url":{"schema":"http","addr":"notix.io/settings?appId=1005f183164df77b0d72a2d487bc69b\u0026ver=0.16.4","fqdn":"notix.io","domain":"notix.io","tld":"io"},"ip":{"addr":"139.45.197.227","port":0,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:06.344793163Z","timestamp":1721720286344,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /settings?appId=1005f183164df77b0d72a2d487bc69b\u0026ver=0.16.4 HTTP/1.1\r\nHost: notix.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/\r\nOrigin: https://cqflra6sk0es73fjen1g.security-updater-now.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 23 Jul 2024 07:38:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 318\r\naccess-control-allow-origin: https://cqflra6sk0es73fjen1g.security-updater-now.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":318,"size_decoded":318,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"82b0c0f76512e60ea030da09ee18febf","sha1":"2c4b11e5713c2f7e6a3da2ef87a1c0c78c3da195","sha256":"a8ca49249ca90a131bba14405671cb243da2849145a3d8074b0b5c232c2b57d1","sha512":"2ffbb6931bf476a8574e5a085df2ac5867f949d235d079a6245c073ba92409b05e2b592b0c0102d5c21013ed7a8ae112b3e11817c8211090f467a579ea342045","ssdeep":"","tlshash":"2ce0c28f54e72ed257f79a72d65f099bd0f3901d48530ab26bfb8a0e009138e47d2229","first_seen":"2023-11-13T13:36:33Z","last_seen":"2026-04-26T11:49:25.70901Z","times_seen":1277,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:07.597471286Z","timestamp":1721720287597,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C\"\r\nLast-Modified: Sat, 20 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7609\r\nExpires: Tue, 23 Jul 2024 09:44:56 GMT\r\nDate: Tue, 23 Jul 2024 07:38:07 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"abdbb83f974102baaaa6f77ee331d442","sha1":"053c22e9dce284413f8a2d4433748edbdd91b77b","sha256":"23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c","sha512":"85cd14104e12fb3b9b4a2142ca24510e72dc6896a00da0e5091e16d8135602b1675eb3a78231727c6a59b94465375203a116dddb7e523fa3ff120bb34dce589d","ssdeep":"","tlshash":"71f0cccb106a7f41df61161f30a4fa574c21ddf7301441c018d0c2e17440bcd1d4805c","first_seen":"2024-07-20T23:44:47Z","last_seen":"2024-08-19T16:14:21.244156Z","times_seen":15995,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:38:07.62095409Z","timestamp":1721720287620,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /css2?family=Roboto:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cqflra6sk0es73fjen1g.security-updater-now.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 23 Jul 2024 07:38:05 GMT\r\ndate: Tue, 23 Jul 2024 07:38:05 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":5964,"size_decoded":5964,"mime_type":"application/x-gzip","magic":"gzip compressed data, max compression","md5":"1a47edf19c34543f839c28b04b1cb36d","sha1":"7e6c1fd4772e896db12bef0200307e575b603ca2","sha256":"0f7795e635788d1cf857b28252d9e0987b17970b01c67ca710159e74504208a4","sha512":"f3620ea818c19c0a8cf05ee07d419b1727e4a9ef44d5ebf8c622ae4f8e4665c2f25ce87808691788e1583604da0d624bdda6756f4cc8e24252c2a38e6d9bdb03","ssdeep":"96:cSN8YQB4MEa1lpHHZLnlxXhF/ksQWYtmvFGZAppUXve1Vq/HePPXn7SYd+lUyW:BNqEMH1nlxLk95s9G+pCXvW0vePPXeYJ","tlshash":"35c1af08bbd38147f3bd5778335e40721b6e1fa58f01e7526486b99cd7294992730549","first_seen":"2024-08-19T16:00:57.744029Z","last_seen":"2024-08-19T16:00:57.744029Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}