{"report_id":"4961803e-fb60-412e-8174-e363aeae67ef","version":6,"status":"done","tags":[],"date":"2025-09-24T13:40:39Z","url":{"schema":"http","addr":"assetdelivery.pekora.zip","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"title":"Just a moment..."},"submit":{"url":{"schema":"http","addr":"assetdelivery.pekora.zip","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-29T13:40:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":4,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56712,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.095886+0000\",\"flow_id\":328319995227884,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56712,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56712},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=9842b0eb580c76ef\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1087},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":809,\"bytes_toclient\":3825,\"start\":\"2025-09-24T13:40:00.077548+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56724,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.213139+0000\",\"flow_id\":1968482106223778,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56724,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56724},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://assetdelivery.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":500,\"length\":22},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":645,\"bytes_toclient\":839,\"start\":\"2025-09-24T13:40:00.142498+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56712,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.223585+0000\",\"flow_id\":328319995227884,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56712,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56712},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":500,\"length\":22},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":40,\"bytes_toserver\":2558,\"bytes_toclient\":53760,\"start\":\"2025-09-24T13:40:00.077548+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"assetdelivery.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-09-21T22:11:32.411936Z","alert_count":0,"request_count":7,"received_data":531782,"sent_data":5015,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"assetdelivery.pekora.zip","ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":13,"request_count":6,"received_data":163214,"sent_data":3152,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56712,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.095886+0000\",\"flow_id\":328319995227884,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56712,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56712},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=9842b0eb580c76ef\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1087},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":809,\"bytes_toclient\":3825,\"start\":\"2025-09-24T13:40:00.077548+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56724,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.213139+0000\",\"flow_id\":1968482106223778,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56724,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56724},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://assetdelivery.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":500,\"length\":22},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":645,\"bytes_toclient\":839,\"start\":\"2025-09-24T13:40:00.142498+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56712,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.223585+0000\",\"flow_id\":328319995227884,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56712,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56712},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":500,\"length\":22},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":40,\"bytes_toserver\":2558,\"bytes_toclient\":53760,\"start\":\"2025-09-24T13:40:00.077548+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"1ee1a1e26f16d671e17813b391a7b235","sha1":"0948f5312d4be703f4803e793111e6f16432878f","sha256":"ceaf805ffa5dfc04a83ccbe5602654e5603d6ebbc3ba8c34a4af3d1b137a6f6f","sha512":"3e06267d842b133c8925cecacb71c3481944256c9c4b851f622b830ae12d44156dd887d8ffb44afc514b0d497b615cb2902bb474a028b21259a6ca3269aad5f9","ssdeep":"3:N/BKL1XFSEXVdr:eL1/7","tlshash":"bd5504c0f54034710510f5c1d15014757c0f0501105504d3715d34d517311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.427255Z","last_seen":"2025-09-24T13:41:01.427255Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=9842b0eb580c76ef","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"55542a3cf04fbf3b791f360048857a1f","sha1":"8651641a6597639d51495a0ed1f5f6bb386c23d2","sha256":"23fe6a82b0638faccf1b89f089058300ae79ca64e8ec3ebec41dffff297d8cf4","sha512":"a6e2e789d57ef85aa7b446f743f645f598794aa4a42fb2081e0b3b734988cad3a930cb1f507e912cc04727fd928b76c58e068367aa2911cc5c091a7d3c72a934","ssdeep":"1536:Ct8wprIf37SnpjqsRCaS/YiE21hFAqjxP/MsF9ZbYJDIW8BrFBLLJkzjZ7k4xoyW:C+wI7OpeskaS/YBgFHjWQbYDM7LiCJyW","tlshash":"c2c3c58a38de399943722074143b3bcf62be7c4474194d1ce75099f8bce5b29a973da8","size":124714,"data":"","first_seen":"2025-09-24T13:41:01.422169Z","last_seen":"2025-09-24T13:41:01.422169Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56712,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.095886+0000\",\"flow_id\":328319995227884,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56712,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56712},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=9842b0eb580c76ef\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1087},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":809,\"bytes_toclient\":3825,\"start\":\"2025-09-24T13:40:00.077548+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"682257fe18e08648bf243c673fca2418","sha1":"be1f2159ef33a1e8c08d33db1fb9b20266b797de","sha256":"4e804e5129cc7991da0dee8129f654b921d7865398be13ab9d744f00b9a0132e","sha512":"4232ff72fc23c7621c3a389b50b8a7ff504b862a905814ed839e5e1d0ef3d17a28887dc11967e1c8d7944f6c07f1aeb8048a28df44adf96c5f7ea8f0d907cfa9","ssdeep":"3:N/BKL1XFSEXVUQj:eL1/+w","tlshash":"8b5504c0754030710530d441f1513455fc0f450110754451715d14d417311350510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.429151Z","last_seen":"2025-09-24T13:41:01.429151Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"96342b31801db5be52105260dd0d9266","sha1":"773d6ee2769cb1bfbf79c1ab0ea953b6e14cff0b","sha256":"84118efa2d3b8c56275b2dc5dd803b8aed6fbe7bfc2504d3276bd92b4da32bb6","sha512":"ba727fe730c7c84ff01e40d8ee29685fe769db4d996a478c0071dacd2cf15e2695b5041f09c599616db2c0772fe544b6df33906d08208278d0707ba4eab1353d","ssdeep":"3:N/BKL1XFSEXVXM:eL1/y","tlshash":"b15504c0744030f10510d741d15035557c4f050110550451715d54d4173111105105d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.430787Z","last_seen":"2025-09-24T13:41:01.430787Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bd0157c629e1a54f1412ade2e507355f","sha1":"01b5458a8ca3f6e146651999403eeb8d51167e3d","sha256":"c195facf39c593f1df5035901cfa58f2dfff649c3ff665b764475d1c81ad57ba","sha512":"a4d28e4511f2ea2780854859290e7047e378c92341b7ff9dc0ebbf279b102519d59dddf374599bcdb814af44770ad2cc549897ad8f0d48c47a394a8935511c81","ssdeep":"3:N/BKL1XFSEXVQUP:eL1/6E","tlshash":"3d5504c0744030710510d441d150145d7c4f0501105504d5715f14d41f311110510554","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.432413Z","last_seen":"2025-09-24T13:41:01.432413Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=9842b0ef3b1dc759\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"efabaa95b574559b3237a8a290aecb1b","sha1":"24329410118709603acc5dc3a69df03e7bc461f3","sha256":"d74db4bba012c8c1f663ca82c87ee4fdbc5b6970e3e1a8d1bdfbb790e9b1e8a0","sha512":"e25dba1850d5101f1664b7ad98b1f2d9f88538ff68d1b7cc7d4cc31c965e337cddd0db249c74db2d69f7e7417aa7fda93acea114645a96f6232f232260479304","ssdeep":"1536:tSSLSBaqDKKyX8xeJVz1Np9FL3h1ZI2pedB+2QkHMqVXSVii4NZFaOW2spn0blpN:tSUgyTVzN9th1Z+xQk30Vii4NrT+Opd/","tlshash":"f8e3c88a34da769313767064103bbbdf727a3c84b0058c1cea419ce878e57596ee7de8","size":144194,"data":"","first_seen":"2025-09-24T13:41:01.418185Z","last_seen":"2025-09-24T13:41:01.418185Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"11037d47f0b3cd7311d65765cd669b19","sha1":"08e20aa3221c94b6e789ba668e221d204d9f14db","sha256":"cb9e405091e8f55bb927a8b7598a358840f63ee802c0c9514f0368a06e5413c9","sha512":"dfc0bf3a0fdbd6f4d4991a65a34a8291ad7d207a23dc6dd322bdd6bd8850582c22af512dda6000938aec9bde4e265838f3423209d3e7460b5ebb6b1ce83e0ff9","ssdeep":"3:N/BKL1XFSEXVTP:eL1/V","tlshash":"2b5504c0754030714514f441d15034557c0f054110550451715f14d4377111115105f0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.434206Z","last_seen":"2025-09-24T13:41:01.434206Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"081cd8f7ee9cef6a20e5f25690e9f8c5","sha1":"7b4a31d1ad450ebc976b7c32795bba30b17ed59b","sha256":"c259e1faf0770e06f31a8adfb3bc9f791dd215be0b4b29a137363fd98bc02603","sha512":"62b421c815ce336c1e93cb12a1196550a31f02d15dc8a03a8f5f6f56fc9c637c47f14b6fe9336e87dfd9b825a2f7cf692e83824226ccd14423cee8a00619a62a","ssdeep":"3:N/BKL1XFSEXUYU:eL1/UYU","tlshash":"825504c0744030710d10d441d55014f55c0f0401305555c1715d34d5173151105105d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.436572Z","last_seen":"2025-09-24T13:41:01.436572Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4b8330a3a04c77ae71b510b97bb96773","sha1":"a23ad7357446f2270ace707a45fbd795b0798414","sha256":"96459bf6af8767672bc29dbbd3ccf68336cfb4b77ea1e08eb1e9cb1fe4ed8a31","sha512":"e95a137afaf4f97a86cf4b55ee8fad011f4457a5a75fe50e1a981645deb7f3d1c6f6f2c2fb3c9af90e95696ae927ade64d99f44a86b6f010dacf91fc96ca7bb4","ssdeep":"3:N/BKL1XFSEXVTEQ:eL1/b","tlshash":"755504c074c030754510d441d15014557c0f0f0110550455715d15d4173111105105d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.438111Z","last_seen":"2025-09-24T13:41:01.438111Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d25c2a2529da23fa3d1f163ccc07a060","sha1":"07d3400e4e39b609b237413523a26526698a4f33","sha256":"2bf3d0ab21348190d4088e6e55cf0f87f2eb4b21772fbcff31680db7eacb9568","sha512":"3b209194ce4cae92126c49d6f53f442f3af345a27a60bf25aed0718bda9f81125a1d9fae9a09ef5b8b3a2a772a98c59013b50f3d74426182464976f536068b92","ssdeep":"3:N/BKL1XFSEXVSWx:eL1/4Q","tlshash":"415504c0744030731514d741d15114777c0f050110550453735d15d417311130510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.439603Z","last_seen":"2025-09-24T13:41:01.439603Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a20a0a390994f7d165c2d6ebb55b9396","sha1":"63a3c6ed8ed1f9f525f48b5a3f701fb177867f1e","sha256":"e022c0fc922ab9e6402cf1e364a31eceba5e982e0815541ae2fb28380db434dd","sha512":"dc0ea0dcb4294c00333e318e0a1e2c542b65a83d18b170a0959751f04e332c60594d104acca09d3fef87728d1eac17e2744b7e80d56ffd46c903cb9c7cb8ba1e","ssdeep":"3:N/BKL1XFSEXVSdn:eL1/4dn","tlshash":"005504c0744030710510d441d15414577c0f050110554451715d14dc17711111511550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.441581Z","last_seen":"2025-09-24T13:41:01.441581Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2259f8f6978bae17815d411b1aa4c2a9","sha1":"215e4301bb7ce7bb40b642fb40f9de5f677785c7","sha256":"1f4138e4c3e4f53714bdaacc5c49818ef907e554403fb51d421c0ad56ffcc4e6","sha512":"ef02d656184d97272a56fde128d07870e25af084ecf1e7bd80b1ebe74eb63bab159c82d9144afa821ea66a6d3afa929fffe321bf7f23c8875f06efd61c0323e5","ssdeep":"3:N/BKL1XFSEXUHvn:eL1/UP","tlshash":"125504c074c130710710d441d5501cd75c0f050110571541735d14d417311110510d50","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.444219Z","last_seen":"2025-09-24T13:41:01.444219Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7cb353b55f01030552f665dfb4d2b3a5","sha1":"c8ad6a6ba1a6b19004f006a2c91cabb273bd3531","sha256":"c92fe52044ddd549050f8fe1f6e7492cb1196847d727c07353486d4a7c39cd04","sha512":"e9f0780f59389c0d794e51b22ba91fd9e0a98205ac408d9f49b9203c4bc408609485956dec47b20aa10831ea68a5f5a6769af4624d442c348772b464f4ae1a7b","ssdeep":"3:N/BKL1XFSEXU7Un:eL1/U7U","tlshash":"c75504c0f44030710d10d541d75014755c1f040130551557755d14d5173111105105d4","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.445818Z","last_seen":"2025-09-24T13:41:01.445818Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"aab2e515d2a24a754ce8755ac673edb5","sha1":"83212b4041d714612c2e835301e61eafed42d386","sha256":"7c738de837a3ad51aa5b42b7a244d74dc2eef88f486e0fb5c4d474e4d4a69118","sha512":"4985d7a906c1538f925be247cb77cd1cb6ce65347a535279aae91556871d5efd935c079b219a00f4a562376ecf370d3b3864d1cf824110c1de4b4efde009be0f","ssdeep":"3:N/BKL1XFSEXVRW:eL1/i","tlshash":"4c5504c07440f0710510d441d57014d57c0f050110571c51f15d14dc17311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.447568Z","last_seen":"2025-09-24T13:41:01.447568Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8fec9984097a52968f258281ffcfebb1","sha1":"097badb96f7f2614710d7912eaca0b495e5b9101","sha256":"90a99b98b222430d58ed4f5f19d88ed4cfd66842364ae9b983017c3c652719ec","sha512":"39247cb0c995c965a3183651a67239f83b85ce160094fc0ac7c23f0b5eb4eeb33a013d1421a0b6534422571969e0b11183e8357eb4cd364b70580e060012398b","ssdeep":"3:N/BKL1XFSEXUyX:eL1/UE","tlshash":"085504c0744030710d10d451d75014755c3f040130551545715d14f417311110514550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.458682Z","last_seen":"2025-09-24T13:41:01.458682Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2b690be7ab25bee65012ca9d1a8c5336","sha1":"a1b5eddc8a6ce746be01d58e090cae4399c947ba","sha256":"30be0c255038beddd05ecb78d73b113ca027333dc50bea117f70027a046c56ef","sha512":"999218b5beb4026b5e97db781e5b142a91a9e54ee183484fc3c69722cf20ba2a4a24b9bc14f7499f132c831480db94b516c88d61999359d3190e96a32b56cd5b","ssdeep":"3:N/BKL1XFSEXVVn:eL1/P","tlshash":"8b5504c0744430f15514d441d15054757c0f050350550471715d14d437311510510d54","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.46069Z","last_seen":"2025-09-24T13:41:01.46069Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"33ff6022e88df59f8dfc9eb546435e9c","sha1":"7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4","sha256":"a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a","sha512":"99820974c649620d8dfd487054edee4863ca41025de5a87fcd6fddfafbecb53668799fdde6f7b809112fec178b18f28a9ff8e190d298aff5a29c6795ad639c25","ssdeep":"","tlshash":"0c600000c0303003000f3000f00000033cc000f0cccc3003030c00f000c000c0cc000c","size":14,"data":"","first_seen":"2024-12-12T23:50:40.556614Z","last_seen":"2026-04-04T18:46:53.546774Z","times_seen":248397,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b9ef8fdd44763b16caabe8da428cbce7","sha1":"797dfdea8311c64d27ec195e5fb5574f20b73596","sha256":"af820dc8c2e6283d6f0d98afc9c73bd2d67108a6688e00f29f36c0ae6ab74231","sha512":"0d3e0f7628b67b429d58ab9effa561d7c43bd267511701ce0d4c57dcf311b0417b976b52f94d7588645d936f5da7d62798d05b845aa9810075356e6c46623a67","ssdeep":"3:N/BKL1XFSEXVRrn:eL1/H","tlshash":"2c5504d074407071051cd441d15034557c1f054110550c51717d15d437311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.46438Z","last_seen":"2025-09-24T13:41:01.46438Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"48f75ba98a5a48a1df944eb692ff04f4","sha1":"f629c92bb2bb84084d34e3d5eac4728067e4d415","sha256":"1b50dfb0ffb984655f5ec8dfc271036ce5e5db384f3987b6d1baa877d269317e","sha512":"dd3236a3d8bf947141bff686b16a065d0fd5b90be04e3c423f73d17cb824714421b007fda4c087f00e3b297cd9e621999020feafaf6b67ab22eb210d84cbe4ca","ssdeep":"3:N/BKL1XFSEXVdSn:eL1/in","tlshash":"db5504c0f4c030710510d441d15014777c0f0501105d1453f15d14d417311130510551","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.466233Z","last_seen":"2025-09-24T13:41:01.466233Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"af84251ae102fc308962bd113e1be504","sha1":"72266bf0b7a6531d93924922afb2a72a73a3f7f9","sha256":"caebad81174f28d9cc2c6a14181d3eb7cf279e655b1e30ac1e812e11cfd4214f","sha512":"d18bdfa0c26e7f0c9e372a4a8222400037ef71fbdde63bc744999f51606e2d11fc0a7fddc6df1922bd2b020c753455eba12e14d99cf5caf0a839834e5ba710b3","ssdeep":"","tlshash":"17613acbe298c17b87467149710737c47e758797b25104da7fa0180a872a97fc128a79","size":3378,"data":"","first_seen":"2025-09-24T13:41:01.467788Z","last_seen":"2025-09-24T13:41:01.467788Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6934d9d33cd2d0c005994e7d96d2e0d9","sha1":"96d89030c1473585f16ec7a52050b410e44dd332","sha256":"08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952","sha512":"64ff1127cfca45f7ab820ffa481a3af55570ab2d7b1b7e9d3c0309bd3b6783f6b8d10c8eb2224bc517613f82372722a443dc221398cd2e5b24594ebef1bf4359","ssdeep":"","tlshash":"cd1100000000000000000000000000000000000000000000300c000003000000000000","size":1000,"data":"","first_seen":"2025-03-02T18:12:34.22932Z","last_seen":"2026-04-04T18:44:56.158462Z","times_seen":123142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"82c021b72340b9b695cf71b99e080dc2","sha1":"0d2ad9f52c19806c12b5789ffab3e4b7299a9189","sha256":"bd735c778014e563922230a680a77270c95a2cfae48844f5c528864de8cd363e","sha512":"0fd0311f39e300cf37d44775f13e9ce67f8e6582c186bdcbe2995f1648fbe74f36feb4533766c4912dde792c495d4098044e738331cf5edcb01ac430e850bf10","ssdeep":"3:N/BKL1XFSEXUUyn:eL1/UUyn","tlshash":"9e5504c0744c30710510d541d5d014d55c0f040110555543715d14d437311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.470513Z","last_seen":"2025-09-24T13:41:01.470513Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"81167a6d077bfc3ac463079b864abbe0","sha1":"f8f638d4c8af1e72147a6efbfa56dd781e644f0c","sha256":"f2c22fd040feebc117ec43e335aabcc1bc4052514ff02b44600f7570b13ea7bc","sha512":"736e7725141541a431f15ff4d1f96428704c99bd31e0b6a72042cc2a1b5d33cb01498674075c88ac7330dffbb3a0a8254ed2d31fcb67fe3ab2625fdbed4f017c","ssdeep":"3:N/BKL1XFSEXVSWKn:eL1/4f","tlshash":"e75504c0744030f11510d7c1d15314577c0f050110550451715d14d417351110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.471959Z","last_seen":"2025-09-24T13:41:01.471959Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c3a0913beea163cbae24367392516e6c","sha1":"ee90dd039a2b41771a2e1a682bad207a341d6943","sha256":"fbc1818d00909ace5dc9a75d03ee3e1664c0202857ef6fcf350804937af5be5a","sha512":"b381a4c1ac093fbc27dab2307665f029b726e5f8a1cc546b0cae51ee2bd49983d22839c01a4598cb70af69a7fc635b04fcc7641e50ff5d48db95fb8ae8d835cc","ssdeep":"3:N/BKL1XFSEXUfddn:eL1/UX","tlshash":"6d5504c0744170750510d451f55014d55c4f0401105535c3f15d14d417315510510dd0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.473688Z","last_seen":"2025-09-24T13:41:01.473688Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8c466d2de5800bc8562e542d03f53891","sha1":"056b827b75de2ad2f5336862e7327607b99999cd","sha256":"f6f3aab40a553df8dd401c99f4e37775a922d63b80b7f64995c9a5b3af97bd82","sha512":"8f771d76d0f50ce3b5450f2742977df6a98c9308c743a1b34f3f671e71993c1e0db7bebea7812eb88e82f163fb433f17e828d99810165ed15ef6bf69b8527a32","ssdeep":"3:N/BKL1XFSEXU2:eL1/U2","tlshash":"7b5504c0744030750510f441d55014575c0f0c0110753541f1dd14d417711110511550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.478557Z","last_seen":"2025-09-24T13:41:01.478557Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8c1d8606e95f02d3ecb221a3c5a9993e","sha1":"1826a74b4562e6f68fda8f5024b59cf2cb227540","sha256":"263a99de672a662736fdb4806618bc82470a6c2b4ac5e33f20f14fce6d8e02d6","sha512":"ff35789596b24cebf6e362d49e9e290ff8b2773e53eedd9aea143d14f1dbe1a2bf7ca728ed88bddf41d8606e480b57ffa04b30b56c801f17a754428f64cdc7c0","ssdeep":"3:N/BKL1XFSEXVSdQ:eL1/4dQ","tlshash":"5d5504c0744030710510d441d15014577c0f050110550451f55d14d457713131511550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.480184Z","last_seen":"2025-09-24T13:41:01.480184Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"87eb2c8f24455232fd27086602611b81","sha1":"d0db5de7c2bd6e6b2040b0d5ea8a3e32096c6d76","sha256":"2263c09068a7c66b252a8237044e5ed5066e0e3ef70e4f3e1237fb6c17c19997","sha512":"018761d24ff5d6ceb4b410080978476e6dc0e12c1596569ad257fd44002de0bd8562abf9819e49b9dea83dbb7c3a3eb752dd8f4bf4c1ccb9024d9fd11b6fb952","ssdeep":"3:N/BKL1XFSEXVUd3:eL1/+d3","tlshash":"565504c0f44034711551d441d15034557c0f051110550471715d14d417711153d10550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.482456Z","last_seen":"2025-09-24T13:41:01.482456Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"21322ee9f70295612a21bbd405ed1f24","sha1":"023f4dd7b0cc4cb1d2c26e09d3c22ae959c69665","sha256":"020e14d8be8461805c22349650f8980471285c209f93fa837ad7b7a09f710315","sha512":"3447c93b8481d5001c36fec50273e021b38d5eb77701c8fd03c51c7b8e64772a73328780e6581d77b74939b5507c748232f2ee62b11562cae9373308c2c53d8a","ssdeep":"","tlshash":"1211d0feafe560a7637125f9886f71059572fc5619027880ca10c38c7d29a0bd16bbb8","size":1098,"data":"","first_seen":"2025-09-24T13:33:58.151539Z","last_seen":"2025-09-24T14:21:31.859606Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"268bae8b0d7a64529c8852b4d07cafd8","sha1":"ce98742fc47d59f02c1cbf49d05b409c30c21c1a","sha256":"469e423a2036a5ee64a33d33cf4f4f03b5cf01d4902a8aac3dc6950ddecee645","sha512":"649b064a573046eb211482baffdc8714f4f7c753588d270731f8b90023ce0f376723c9dfdea8c2b33779f0419a59f83c683f1bf1232ad9d9a3b510bec442c067","ssdeep":"3:N/BKL1XFSEXVQcl:eL1/6q","tlshash":"305504c074403c710510d441d15014557c4f0511105504d1715d14d4173111105115d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.504628Z","last_seen":"2025-09-24T13:41:01.504628Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b597e1b74d985055157058b2558e8439","sha1":"cf8cd461ddce24ef0ad04837f8d5ab4a9c5656c8","sha256":"26043d72d22bdbe529aa4a9dd6503b9421cf27c4dbce13a887d8327880896628","sha512":"23e7e607a7619bf7bdfa205f84d90c9f7837cd1bf4fab82bcae8a50bedd44a5aa5d7e712c17af77d3234e02b1595918b1b5d9f87e51aacba188126323e8683e0","ssdeep":"3:N/BKL1XFSEXVdtn:eL1/9","tlshash":"e95504c0f44030730510d441d15014757c0f050310551553f15d14d417311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.507276Z","last_seen":"2025-09-24T13:41:01.507276Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"48c3e1ddb58d422f5e6df7bdaea7d1f6","sha1":"03817d38769e7041da95f8c69fbb9af13f0bdd72","sha256":"9fb97622bf115a08a1f37b34c91d82b0e0273c501369937573dbeaeda422a5b4","sha512":"08f569ce39439f7d00b11f17b8c7959eb0bd8ffa95da7a6d3889f648166c634eb2d3057c4e00a26f3031c55fc62baf7ed503d5e3f02102495a62ca3982f27f88","ssdeep":"3:N/BKL1XFSEXUe:eL1/Ue","tlshash":"035504c0744030f14554d451d55014555c0f040110551541735d14d517333110534550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.509832Z","last_seen":"2025-09-24T13:41:01.509832Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"771b0636ccfe8c287d2e2c975a1ea49f","sha1":"0dc0017b937a86aa628014a9cdd994fc4962fb33","sha256":"ef970eef11abec33279c317af4b5eee7cadc733eaed3b9dada92a231d0066760","sha512":"55eddda58755fb05977845d4dadc93d4af2874d164e03a860d97557ec1cd659df8823077384c1747e4dbd631da6be2820be98f3dec13e262ca388c0dd520d181","ssdeep":"3:N/BKL1XFSEXUzRn:eL1/UzR","tlshash":"e95504c474c030750550d4c1d55414755c4f045110553545715d14d417311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.511673Z","last_seen":"2025-09-24T13:41:01.511673Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7f3974458d45a0c38808e906292025f4","sha1":"24c51ba79108d71c34f19f5b4b5548feccd5c274","sha256":"65d7e0db8bc8e708987ceb388999014da5b6001b99a7ec1dd095d49c81daac7a","sha512":"7c15b055275983020046ee2c86a829e79ff4680175ace4d1e7abd10738d75b9136fc79b044dfa24f75c895232bb61f259d33edfcd8507457204a86eec8d76326","ssdeep":"3:N/BKL1XFSEXUeI:eL1/UeI","tlshash":"0b5504c0745030710514d441d55014d55c0f040110551541715d14d41f3151105305d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.51333Z","last_seen":"2025-09-24T13:41:01.51333Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"934ca456647fa6900c4790e3eb72f679","sha1":"3a1011f05301cc8bef7121bc3c27fd0705816732","sha256":"8d9b0a4b05728694c2c08692b663bcb020d11c9f25414a518841ffc7ce921124","sha512":"4137f3905e9d74aa2df9a300f83db3ee668fefd60d9f226eee99bda18f63478f6d6d7f335d95d043e78ae4ec4f58cd29bc3379f7e02c130982422141c1d50302","ssdeep":"","tlshash":"1d61ebdbe682097287a567eb801f36813bbb1123594461b51652d43d6d3ff5b264d088","size":3473,"data":"","first_seen":"2025-09-24T13:41:01.514596Z","last_seen":"2025-09-24T13:41:01.514596Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"22615c9292d48a8360a4345d6b0101ee","sha1":"d79acc498af57f1df9369f13e5e4495727828dd8","sha256":"5046ff2c0f2baa2d352fcc88e2416aff8c3c2df3250e1b301b7fbfa70e681e0b","sha512":"71faa75adf34994963319766f3fb666c1204fc26fe2016e8faf7590c976eac618d90c7bc02a698f06fbdb02d1bf0b252bd53637e106edb24fcfb6d8562012637","ssdeep":"3:N/BKL1XFSEXUURn:eL1/UUR","tlshash":"d35504c0744030710710d545d5d014555c0f044110575543715d14d4373111115105d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.51793Z","last_seen":"2025-09-24T13:41:01.51793Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a877612e958dda87d31e30b55feae01b","sha1":"b8182926bad65fb7f4ed2eb3777750c65c5e5099","sha256":"54421e3064689a5f42c8f352d778a7236cd19f1d793459f30d17be91bf040927","sha512":"e91dcf14c7279e3ab9342e23372d4b03042784ebe66d7905ed8bd26845a03bff04c256c96cbcfb5799bfa4939a80bddc8ff197d0e177c67473477dffb3202e62","ssdeep":"3:N/BKL1XFSEXUfnn:eL1/Uv","tlshash":"f65504c0f44034710510dc41f5d414555c0f0c011055374371dd14d417711110510750","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.519806Z","last_seen":"2025-09-24T13:41:01.519806Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d9dd1b4c26b2a0a26a647877e6b2bf60","sha1":"fde93f65864dac9511eec508d1619772ffdadc3f","sha256":"0c110c32f0f688d72da3c7830193147c8beb6168ae2e977214f579a2e8560f5d","sha512":"ff9cf7317a94f70302136922679c7f90bd2c5e1d4a65e934b742cda003577bb8c5fab72391a01d865490b72d89da9b872f4a9f6e16c709482ac1e55136b2c364","ssdeep":"3:N/BKL1XFSEXU/SW:eL1/UaW","tlshash":"3c5504c0744030711510d441d55114557c0f040110551d41715d15d417311530510554","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.521798Z","last_seen":"2025-09-24T13:41:01.521798Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bf950ff5634b5601e475a807c22d5df2","sha1":"1faec869e53aae7a7c85ddbcf7afb54ddc7dec5f","sha256":"6dafdb881a8e329e64ab57bab04e397bdd3cca67b2d7a9b1ebeab8906083cd3b","sha512":"8af741815d15757ebe37822c5553c5080e2fde6eefa4d91ab366cebb6d163d7b25a9822ea26a074ba6702a2831d93f18db0877bd72f5a673def903e8f9036032","ssdeep":"3:N/BKL1XFSEXU0:eL1/U0","tlshash":"fe5504c07c4030710510d451d550145d5c0f440110551541755d14dd17313110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.523812Z","last_seen":"2025-09-24T13:41:01.523812Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"5a438b3d2be9e07f90126317b6fe7dcf","sha1":"10042d883ce765980dd75f135e9dc135dbdc38dd","sha256":"22b2d6650082d218868bf771ada4fac8b303d66857f803affb1b0f2a2b301880","sha512":"7731e9e2663d70d3e4255bb27c2a4345e9ef33b96fcf6c4f09f90e0dbc1da5209adfc8a620d161b1ce8614193b708be0856b4929e2ce33fa56eabefb5cfe873b","ssdeep":"3:N/BKL1XFSEXUDWn:eL1/UDWn","tlshash":"175504c0f44070750510d441f5d015555c4f0c11105515c5715d34d4173111105105d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.525503Z","last_seen":"2025-09-24T13:41:01.525503Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4a0a8c611e1728830f3a8fc7241f7be6","sha1":"bcdfd8e894d44c855640ac1c247d5bfe96d4ea17","sha256":"ac9ef18cc96fc1374fc152c8a4bbd26b37c38224dcd10c7f8962d8f6f0f42b5f","sha512":"a6fbeee243e562967fde96af3c307926e9707a8c398dc59d1f7cfcdb3847d5c4a4da6d3bb5bcadffcf57cde514a977301c3ce03866e0f71e2789d0745a55fc51","ssdeep":"3:N/BKL1XFSEXUY:eL1/UY","tlshash":"fe5504c0744030710530d441d5501c575c0f0c0310d5154173dd14d4173111145305d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.527468Z","last_seen":"2025-09-24T13:41:01.527468Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"84bcf2698726486f040ab2e3efbb69a7","sha1":"ab8d40b3511115a7700245572ffae6b9a128e906","sha256":"9559fd86e26eb4dd362a68807d4b786cd775a9774199346e02dc83382c1f8b03","sha512":"f1e356653176004867610e554ca5e381a3bffa527d296133488602dd03efe48d2bff0a0e503841bb037cd5728b0eb9146e92dbe0489c4f847caaa2cdc93c0273","ssdeep":"3:N/BKL1XFSEXU2UUn:eL1/U2N","tlshash":"315504c0744070710510d441f55034575c0f054710551545715d54dc17331110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.529427Z","last_seen":"2025-09-24T13:41:01.529427Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"48cab2da927485be36faf40dfeace546","sha1":"1d18d88e611132c3146c46e1bfdcd9546b0ddeaa","sha256":"46497f4cf962f884291a15a732b4ad412bd6bdee6f3e5e31d17e476b3125e619","sha512":"fba146d2ba015bcc9f94fcc77cdd4b3e9a84d4b6d92d1af5ec0aa67a888ab549cfe8e134e5248a9204b504809a26e357feb468f92e70782d0832196a28ec200c","ssdeep":"3:N/BKL1XFSEXVTW:eL1/g","tlshash":"315504c074403071c514d441d15014557c0f0501105d0451735d14d4377111105105d1","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.533775Z","last_seen":"2025-09-24T13:41:01.533775Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8530ac82195cebc14d6706fd75009a20","sha1":"9d2068f2077485dd5106c4cb7bd19f627f65dfc5","sha256":"1f56f3a08c9a34642aec1bb046b698b909298f8819a6bea42c1c2e454e16e657","sha512":"28752580f7462fc48e642a0330b49becc05324030909936ba37f57d7607d29ecc8c02c2bc7124a39e6da96b58101c78538b4ec679e687a59f2150c2152897df5","ssdeep":"3:N/BKL1XFSEXUYd:eL1/UYd","tlshash":"a55504c47c5030710510d441d55014d55c1f040110551d41715d14d51731d1105105d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.536999Z","last_seen":"2025-09-24T13:41:01.536999Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"0f4f09b8e455ea08dedcb38a219a0058","sha1":"b0ea701e45c704e0ff21e2876b1dd09400346818","sha256":"ec930ff32f788aaa81a9f3ad12d50c6220fa49d67494977e5d7249d97d2d1d6b","sha512":"31cdca03c4b7b527babc070d70c5da7ec5215051014fe5fd1e8afa52f1cf511282849032e0d3d3a80ffd2a07b8d7f6c8a32fe56e47f565e3f6f6537348ebd9af","ssdeep":"3:N/BKL1XFSEXUeF:eL1/UeF","tlshash":"545504c074c030710510d441d5d015555c1f0401305d1543715d14d517311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.538901Z","last_seen":"2025-09-24T13:41:01.538901Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a0c7cc601c6a85e991b92176d2029375","sha1":"a14f1dd397f62ded88832be442beba1b1aee6b55","sha256":"5c7990822eeb56fd489c8b2247c35154de082b46ea91b19c80f37307a3e874d6","sha512":"67ece5cccd2e10b76fcc7cef02de5de5b24589c6c4f3e1b541629c432ad0eee696a5b28286b190404901b0e8595d4f8a1a1570c828bba2e5db28ac0ec85eef29","ssdeep":"3:N/BKL1XFSEXU8:eL1/U8","tlshash":"345504c0744030710510d451d5501c555c0f041110551551715d14d41f313110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.542405Z","last_seen":"2025-09-24T13:41:01.542405Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bde605075a596308a7175ebfb1e42820","sha1":"4b844c8cc3c308caf50c96743c09166e259165fc","sha256":"9f13c32f8a1becf4691345003e05646f0efe502c4801908928bd98cdc75032e3","sha512":"8e41b68fdd6e7053336f581950b3575707e0a4b25acb705fc0d8615d126c4c284a96a67a6613dfac49554ad70831292b5837ce616843573c5b5402687ba2a511","ssdeep":"3:N/BKL1XFSEXUG8n:eL1/UG8n","tlshash":"155504c0f44030710510d741d55014755c0f040110571541735d14d417311110510d74","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.549345Z","last_seen":"2025-09-24T13:41:01.549345Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"3313476651e516bf0f5caebf84c9c1d6","sha1":"88e7d658968cb0ecd544b85209727e2d89883b25","sha256":"e99313ab2b47737dc5b92eb192332f5e43e89ad40fba5a24b66642d5bdfbf7a6","sha512":"8af721cc0fd2d66a46427ad74c03ff3183420da3f0153c439f4d13957e69d31605ebad85cf7ee0d0458d99faac0080cbd8f9670d1ae1d1925874c5cfb627bc0a","ssdeep":"3:N/BKL1XFSEXUNTn:eL1/U9","tlshash":"455504c0744030710510d441d75014755d0f04051057354173dd14d417711150510d70","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.552175Z","last_seen":"2025-09-24T13:41:01.552175Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"70b59ae07246fba62ff4d16f8e71c480","sha1":"b26960b8972ded96b73148979b9f614d712ed525","sha256":"558deda18139de89099eec28fb811293bb27cb8d6e45026d0cbd458aab5d1864","sha512":"b6278265f043433e26906f0542c98729bee76612bc2bf61fa82b95ac0cfd10bfbfddd138505c17a8afdfc1ab6349bc9e66c67e782992e326b5595184fe00409f","ssdeep":"3:N/BKL1XFSEXVRGW:eL1/N","tlshash":"7f5504c0744070710510d441f1501455fc0f070110550c5171dd14fc17311310510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.554242Z","last_seen":"2025-09-24T13:41:01.554242Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6d68427ce4f7f6840689bbc790abf1e3","sha1":"4115affafd996c996f3f3c2d4a23cfc8999d4808","sha256":"5f7f425ac51bafad7ac43a2e30ee54658714778d6d67393607ede42b6e273bf7","sha512":"b25710cfec5c830b1119a371604345b3745d53b75921a9c4c116b6b4a239f0ffaa3d78194a7185144b055e082d1f9d124ea3f48ae3c4f7c3c75c89bac8161194","ssdeep":"3:N/BKL1XFSEXVcQQU:eL1/2FU","tlshash":"f75504c074c430710d10dc43f1703455fc0f070110550451715d75d417311350510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.562381Z","last_seen":"2025-09-24T13:41:01.562381Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"28b657c6d18a9f6a6b55162797f53785","sha1":"a676ad46551984f614469eb380050b916c6d3b14","sha256":"534b3412ad98350a2968020dbd546de00e65e48cb287dcdae52a931d6fb23ee5","sha512":"9886ad88bd9ec6e5094053c24a59b648d9da6547c799ef1c6510d800374f58a6470309009db5433f3af2888a30c6d707304228371a2f22a570d1063dd021bcb9","ssdeep":"3:N/BKL1XFSEXVcQXX:eL1/2U","tlshash":"9d5504c4744030710d14dc43f1501455fc0f071110d50451715f75d417311310510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.569846Z","last_seen":"2025-09-24T13:41:01.569846Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"5866bc7117ab11d260f934256d751706","sha1":"9ee1eaaba73eebb5c5195b02a163a38ae9b8e04c","sha256":"c2d868a2d64dca19f1ea2e3fde23db9f3bb73819785778990d52e9bd99218d78","sha512":"afa65333bb0bafa6731cef91477e043ce6cf1836ca6852c240ff60618c3f32f46677680ab1eeac085dc4ab2f703c35209d16a0af4c5cc7fe9a0a32269af29f3d","ssdeep":"3:N/BKL1XFSEXUu:eL1/Uu","tlshash":"a35504c074443071051cd451d750145d5c0f050110751541715d14d517333110530550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.577874Z","last_seen":"2025-09-24T13:41:01.577874Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6a56a39936792159a167f209ed1d8ae3","sha1":"dacee9877420f26547e097dca777911489c1a37e","sha256":"928ac4501a619fb0e2d31f86a5eccac42f742428058d050f93767d22f19a0445","sha512":"da47535f0b9ffbb13101470ba03edb9a0fb38129773ce9fd8343bc3b2ea095869ecd191e828ec3c6109a92da6a660d5c8282420f8d1e3dac3c67214fbe6bb366","ssdeep":"3:N/BKL1XFSEXU3U:eL1/Uk","tlshash":"e15504c07c40f1710510d4c1d55034555c0f040110551543715d54d437331310510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.580186Z","last_seen":"2025-09-24T13:41:01.580186Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"29b98c6516045033fcda2026f7405169","sha1":"20371982f897f14d3a4cd3652b642badb916f930","sha256":"017a53ec1e7818b4771573cf4f69fb64d5042a90caa665f9f557bef48a464b6a","sha512":"8fa1cce456f983a831b2ee544f80a89d5290b69be716770d305d67b5596f0e03f9e1f6faf443e331a76a6d81e91133991a60fb1c4c2ca214f0923362bf541d33","ssdeep":"3:N/BKL1XFSEXUQ:eL1/UQ","tlshash":"a15504c0744030710510d443f55014555c4f041114551547715d1cd41f311510510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.588791Z","last_seen":"2025-09-24T13:41:01.588791Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"30d046af3405510d19911ed21218618b","sha1":"d7ef084a507dc66855126f61af36bb6781864abf","sha256":"ca65e04b5ba1dba2ba2f3965d1a6e3adcc6388d3b530b06ea8710ad528f0cbf6","sha512":"6ca8f2cd752e0bf13691a778a828621939c9a1fa3843f27a01eb65afecc69a791c062378f5d5a42c9332858276607f9b121ca1c9a604fd287b29ca275d4b2b02","ssdeep":"3:N/BKL1XFSEXUO:eL1/UO","tlshash":"b75504c0755031710515dc41d55014575c0f0c4130d51541715d14d417311110534550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.59123Z","last_seen":"2025-09-24T13:41:01.59123Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9d5548acd236c2e910faa89b81e4c0b6","sha1":"6347636195978034e59b057dc124f4f9d93dc657","sha256":"3168c931aab6197dafd7e862c1d66fd82ecaf02557e71fc9e954feaaf2471aa8","sha512":"ce679dbeaf60c648cbaeef1dd3d1ee9c0b540e5202630087e6ac5af962c46b8babe85290fed163e6788a862e7ec34d40208e49dd9af4e45e20de2cbc4760fad2","ssdeep":"3:N/BKL1XFSEXVXVn:eL1/nn","tlshash":"5f5504c074403c751510d441d1d015557c0f050550570451715d14d417311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.598275Z","last_seen":"2025-09-24T13:41:01.598275Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"18009abb761280a43d5880838050a54f","sha1":"f0883382ed4560d2d7aaf7110d1be111ec38a891","sha256":"20f0b2ce740c6dbb42062b429b7273a4d5524be16054c828c14c7b44c51558b4","sha512":"9a15c29c608fb2697e9de195590dc78c2185ea58da0d05932df0caf3ad881e0bee2c0b4dc83e132d3950f50039db708fb591b4cdf0ae8a1d5656b2a786b59300","ssdeep":"3:N/BKL1XFSEXVVd:eL1/F","tlshash":"905504c0744030f11510d441d15014dd7c0f0503515d0451715d14f4173111105105d4","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.600966Z","last_seen":"2025-09-24T13:41:01.600966Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"02177c948a84ed03222068ae8bdb09ca","sha1":"700ebc857940f7af8ab8ffd5994852914a4bde56","sha256":"f9dd7124d7e60aa771c95a6c28446a151a4fcb42b1d12e83a8b99b4a7468dd09","sha512":"d396450665279303ef9502917b2659e355000793a3f8f15acf7af7fdb893b946353af52a3e1fe3adcb8373305129a610b0c42dcf745bebf0d6bd8e85e6d3904a","ssdeep":"3:N/BKL1XFSEXVUXH:eL1/+XH","tlshash":"625504c07c4030754710d441d1f034577c0f0501105d0451715d14d417313150510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.603498Z","last_seen":"2025-09-24T13:41:01.603498Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"780155326d4288d4946e7472973b9b6c","sha1":"93502aba86ae721eed6082b63c751a4c2d75b7aa","sha256":"fc7bcd558eee207c43538c314739b57bed3934f2a643e03f1596720bf66f7fee","sha512":"00cfcba6c0bbb60c3348ca01efa5c6b20c286899640883a54e23975950a0489cefb563320f15a2030b7a8c7952649c7728b8400a0b5f6f5097b90fdd543f9eef","ssdeep":"3:N/BKL1XFSEXUNFn:eL1/UT","tlshash":"165504c0744030710510d441f55014555c5f04011057354173dd1cd417711510510d70","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.610079Z","last_seen":"2025-09-24T13:41:01.610079Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2d9c106187a4ebf9e3c8f8bc1bef1a7d","sha1":"9dd9a19841489960c871c24101c91fba3c1b152f","sha256":"dd98d72f3d42d77ce1fff6f13c9582114d770e431bab6f3cd4a9bafab1a7008b","sha512":"0c1c536e652c55bb7988f0dd4f183170e82c98a24cfb745b698ca53465151ad386b950a1e5f1ab15af11c98bf200e34bd9fc05ac35f57a9d9d19daa409828239","ssdeep":"3:N/BKL1XFSEXU0:eL1/U0","tlshash":"085504c0744030710510d441d5501c775c0f1c5114551541715d14d417311110530550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.612048Z","last_seen":"2025-09-24T13:41:01.612048Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/eb39805feb3b/api.js?onload=iwdV4\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a17c1173ee9c79d716cc0a1766c58d27","sha1":"19291e702dfaaf61d7ac48bf6e123bad48887d81","sha256":"603637362d7a01dc3ef1c813c372e258163f2ffbb958f5cfa5b761fec62ed4e1","sha512":"9e0a7d45860d3ce3cf07ad89e5e1933b90dd99e1d70b0f6935c5c705896efaa034babfe281eeb35086d327b65761f5f72e14638dbb9f37c16d682137bd615897","ssdeep":"768:2C6BtV2fM2tua+Qnr7dd5bzBKu5PUJ14vcPBrhfsskfvM8PFY13Fop+ORWqxIrm7:g2E2tua+QnrJf5POTdkfJaI","tlshash":"d9232c583256793267e984e1617ba74373297939e94ccc50d823c86532bcecad233f7a","size":49070,"data":"","first_seen":"2025-09-24T12:31:58.207101Z","last_seen":"2025-09-25T00:56:40.3991Z","times_seen":449,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"615d3b9b44190f3cb8fbfa24a0b9b0eb","sha1":"b3f0f6b1bb8d22499039803ab29717f9a5b96db1","sha256":"6cfae7cbc2b515b7a9f1cbb61b285130151af8f9aa1bbf5cd343428f53e01f37","sha512":"4f46c8686ae029366715e7734c2ad61ad960501124e711264bbe16f79b6282f88ce204212bf0406702afb09372aef0fda4e8db6cd7391eee38495aecd3d1d6ed","ssdeep":"3:N/BKL1XFSEXVVk:eL1/M","tlshash":"475504c0744030f15514d441d17054557c0f050350550471715d14d437311510710554","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.613262Z","last_seen":"2025-09-24T13:41:01.613262Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2296c380cf9eccefa61e7dd1eae7b399","sha1":"a8515fd1dda560f68e9991ea35e342a539c4bd47","sha256":"33d543897fb70abfb91a90b1efe35feb151c756e00385c2da1cbe114e3da9572","sha512":"a0ec822cfa5a064c36d20f3d934d811134237b047de537e4ce2d4b0cd6f74a140e5b9e07f1ca73264f693af94738ec8f003b80f5351b30c8eed20c50abef1830","ssdeep":"3:N/BKL1XFSEXVWRZn:eL1/8RZn","tlshash":"5b5504c474c030750510dc41d35014757c0f050110551451715d14d417311110510551","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.614924Z","last_seen":"2025-09-24T13:41:01.614924Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7d96b3880e72d98d228eaed5c95ab07a","sha1":"dc075935651c2af95355c5b3dcf44488b8d986d7","sha256":"1b7bb64f0f0189627503e2d3331d77875b27622708659a2234b235b08cc4bbaf","sha512":"478301373c7bdf91e9a1b00a3b75e06d1b71ea4bc46f9dea7cf4bc43030874ed9d19754ce7350d99aadca649f7555431155031f9ca2970734e865b325bda4276","ssdeep":"3:N/BKL1XFSEXUun:eL1/Uun","tlshash":"435504c47c4030711d10d441d7501c75dc1f040130551541715d14d417313110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.618505Z","last_seen":"2025-09-24T13:41:01.618505Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"88075d88e866a3322084d1e39b56c704","sha1":"3970822c94c09272bfa370345ef85db851db51b5","sha256":"f7df2760d57e4dfc7a4450b671d9c4275b3a6e90ab25ea3e1b0543c3a48f7e69","sha512":"42b57200c76c902a63d93720344c6c9d209a6b003b555017916c649de968fb2132289fb2d13075de6d301f164ec953a6d8fa401d6cb4cd9414bed845218fe6bd","ssdeep":"3:N/BKL1XFSEXU5QX:eL1/UOX","tlshash":"2f5504c0744071750510d441d55014d55c0f0411505715c1737d15d417311110510554","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.621284Z","last_seen":"2025-09-24T13:41:01.621284Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bd71c2736ab0001c5e63b48632ac10e7","sha1":"26d474d5d151f606acb113c26d212d40f6e3c37f","sha256":"5eb4bcf5cc4c2092b350a2dab28adab0b011a51e9e61d20835c5915fd5b74875","sha512":"b514583bf92a64dd43de7052451643b75800837f243200a29d46243a76c50423b8b6f452a91e9ce1d4d49c5df3fcb1ac0039e22c97d74f3872fd97e5009457b7","ssdeep":"3:N/BKL1XFSEXVQTTQ:eL1/6TTQ","tlshash":"e15504d0744030750510d441f55114557c4f0701105d0451715d34d417311110510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.622648Z","last_seen":"2025-09-24T13:41:01.622648Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d4447fc65a819f54f71330f72a927d09","sha1":"daed4ddf2432d313f161d20b3b96131b67255b50","sha256":"d464582d0ebdd1b44d178003b5dbd89beeebcfdb67a1a79d493f6026ab432faa","sha512":"52c51c73ad0c2c8559b7e1aef67da6f3ac9c401cd8f25c9d6051739a8a33d4b7a72c08b69b9440d267745742e2c6214aff3513da44f4c9a71b92d7163f732aed","ssdeep":"3:N/BKL1XFSEXU2U:eL1/Uz","tlshash":"1b5504c0744030710510d4c1d55014555c4f045110551545715d14d4173111105105d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.624257Z","last_seen":"2025-09-24T13:41:01.624257Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"34aff64ec492d6d62ea54b06178eec83","sha1":"a93d412cbc579bf44c54c6494875a64294aa1c59","sha256":"2c9e9f6e6e3e6e60e9d23bf648302406e214a1bce366af4d2ce48d9687e8d277","sha512":"bdff1ed63396c79b16a226be649919624b2c6a72521693e32bac3fe9591514c291c927443b2789791fd7291f15ea9ff70665e49d38900e966776111ccdc7aed9","ssdeep":"3:N/BKL1XFSEXVcV/:eL1/2V/","tlshash":"515504c0744030710d10dc41d15034557d1f1f0310d50451715d75d417311110514550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.62562Z","last_seen":"2025-09-24T13:41:01.62562Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"97c17ecb4b527482d3ff9ca87418dacb","sha1":"f913e3ef7e68a9c1ec4df7157f7109496b7e74ef","sha256":"5d83b3fedd70b1d6b41fb7eb382dcd0c21acc12c6a526c16627705ab47e6cbdc","sha512":"a3977c722f5bfcf20d6d954c03561abcaa18c4a7d6bd3a0774c63b7db03e99f86762c718d95fd0a35b7306e62a1610213f9f33f76a53baa4be26b1a9fd9c2b43","ssdeep":"3:N/BKL1XFSEXUF:eL1/UF","tlshash":"485504c47c5034710d14dc41d55014557d0f040110551541715d15d417311310510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.631683Z","last_seen":"2025-09-24T13:41:01.631683Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c5e50a33dbb1ca59de10199d5b01a800","sha1":"2d5517128135df96543b6c5d188f6602d04e7494","sha256":"5d83f5aa4b2f8d9d8a3bc2264af5152f857604fc97c5c67a48811dff54ac5ce4","sha512":"97361f88876e0ada20caa91bbe9212ebe2f336e615b1cd9fa6fe8d9e74991e1b4b5c361fc92006ee6bdc601be7ce26e0ef36460b63a7df6029cd0adc9ae3fb6d","ssdeep":"3:N/BKL1XFSEXVWdBn:eL1/8dBn","tlshash":"fb5504c174c030750d10d441d35434757c1f050110750455715d14d417711111510550","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.633429Z","last_seen":"2025-09-24T13:41:01.633429Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"fccc39d059bd8936d38b65624f06cc46","sha1":"9cbb56e2ce0f47487f85bbbdf65a59e63a05f325","sha256":"76f509d23951a3e8b4859facb4f78e92a098f4b69fdf5d6cf60619f94c52ad3a","sha512":"e8a9aa965f6cb949eec5fb544938d02c32038d15d263f71e5079fc41b6d381d6b0484903d4a1a428d54c5bcf815520e88e76cf349088dcf519d5f7ef81b322e9","ssdeep":"3:N/BKL1XFSEXU+9:eL1/U+9","tlshash":"b45504c0744030710510d441d5505c555c0f040110551541755d17d41f311510510554","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.634657Z","last_seen":"2025-09-24T13:41:01.634657Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"93e3dd792a61ae36fe1d3d67dfc12038","sha1":"bd110acc2fc3a4133940d029a0a5ade4111530da","sha256":"093d1ecca8c05b0262fd673fb63d15abdc2d4660897758044e862a489bfb0c39","sha512":"fd43a916c1a8dd8cd0d9ef8b49ae9fdd4193277d5f58acc3fb70ddba604e3cb3a9995a9c8f8918893d63f8f6dcd76d7d6c74010e2fbd161da247be5f08872024","ssdeep":"3:N/BKL1XFSEXU5XWn:eL1/UYn","tlshash":"0f5504c0744070750510d441d55014575c0f044110571dc1715d15d417331110510554","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.635996Z","last_seen":"2025-09-24T13:41:01.635996Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ca9d4b85aa8397babfb28684fbfebe05","sha1":"01a969704b01b3afeae6927b3d092c2ee396014d","sha256":"4bea243155bdb176a846e9e6d45272a6302d74f4761e8728e7f79efee155f4e4","sha512":"47127a30661eecdefaa91b3825e1c0818981da78a738087c2e77ba151413ceda33b0bcaa3addb34289cc8d82398163b8f20012dff4e7ed943b4e7ce99f39513f","ssdeep":"3:N/BKL1XFSEXU3Vn:eL1/U3Vn","tlshash":"b05504c074d070710d10d441d7d014755d3f040130551541715d14d5173111105105d0","size":1337359,"data":"","first_seen":"2025-09-24T13:41:01.637774Z","last_seen":"2025-09-24T13:41:01.637774Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-04T18:46:53.62713Z","times_seen":747713,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/196395446:1758720056:_KzyXuMT-kxc5JotdLNnA9lMWRRCVI6Nir-vxN4-9j8/9842b0ef3b1dc759/d_Uc_bUV5EvN2vtN7JVOTaxwuAJmb7H5ZLgPbejPmZc-1758721200-1.2.1.1-_SRWPrDllRVbKBuZqJVsf_pDVnjQ6ewvTT632aQVl064IWcTJrQ9.sE9j5E3LmtU","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","date":"2025-09-24T13:40:00.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/196395446:1758720056:_KzyXuMT-kxc5JotdLNnA9lMWRRCVI6Nir-vxN4-9j8/9842b0ef3b1dc759/d_Uc_bUV5EvN2vtN7JVOTaxwuAJmb7H5ZLgPbejPmZc-1758721200-1.2.1.1-_SRWPrDllRVbKBuZqJVsf_pDVnjQ6ewvTT632aQVl064IWcTJrQ9.sE9j5E3LmtU HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto\r\ncf-chl: d_Uc_bUV5EvN2vtN7JVOTaxwuAJmb7H5ZLgPbejPmZc-1758721200-1.2.1.1-_SRWPrDllRVbKBuZqJVsf_pDVnjQ6ewvTT632aQVl064IWcTJrQ9.sE9j5E3LmtU\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 4119\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 13:40:01 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: m6qQZkeKdJ1DMxan92xVCbjPUKwN+1B+VieWNws2RZ82w5X7dFQJ9TpQ4apIb+mY7wTetRv0FEspYnFAmy2K9A0uWPCfKkpZZsKFxqQbWbJk2XikrpQeZSoYk13ETdLzls8I1nnOiLONkjCkUNQl+w23b1b8VN9vZWIYowgfYlCQtYf7ygPhsPSwpvrSzAoXw4Mpd9c01eAGc91RrXz4baJMg8faB+qmxbZCy8ncHVztglkaICvxq9CCTGA6KQae6XEuDiGB34I1za7MWKmvEKSZLiBCveRQCW+tq5i5v+tXojrB7y2oQZ7HcCO5erCVnIw/iGziwdJVagHTMKikmLG/NMJ7iXvXKoFSyEaPgMQezZg0MwiGvr119zgKNDKgFtqqqtG8gNDiaqw2jWLkwmUceZXwba7YifqbFNyHg3sgOuF2BNoNeZ5pdogKUhsIeuYfCHv+JrKBsvQ+P2zCOlIki7PWqts4RI/vGGNIjrWMlpFnWqMrLOH08Zqa0MXbotDjuyMpvw8DBLu5kflfYxjwa8DXJzwIZmZ2wnry1BlMgh9ZjRUISWDFvPgjaUthVrPsuXqE21E/QA2FFnxQ6VAxQ3oijOzf1gGcZkORcBhoPOrfnGKUYsDpRNpMIWSHqz/TF8mhk2fbdITJBPFwuoSe3j01WZk0q82PTLEGhV3zFG4K5slKVbpdoQD1QE3lbIgHKvX9PVz6+iotuxjJyVBd0s0zL+FVOdQ6/J3CJkwUE5XIvXXlTBEu+sZiBEHKqF8jJtmyTOES7438BekVgQ==$bEabk2RErWPgv4UKgT1g8Q==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9842b0f21c10c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":277420,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"25ac0f6641fce543461ae826da5e51e0","sha1":"818fd639003b3b6937826d4d59274054860bb611","sha256":"139de6877cd3c1252df2cf522c24c00cfa33e4dce1824823ec46ca4a576dade9","sha512":"4be57ede14af1c8406a62a96d995a4dac71dec487631355178a81296256ff368da148374cda223b12cf95e236205353ab3543e62257611679e9e057495fc9971","ssdeep":"6144:TNCMMXvZ3DQeCIO+OB0WvQpfhHYmCgLPp1wNeZeyPO5BTgE/DNh:T1M/ZMe2ZaWsfP7DvSeI+O/HZh","tlshash":"2e44127f462b3bbf4f92aa2301b0444eafdc1fa2b461a3c1517a1d9f805ed5c05615fa","first_seen":"2025-09-24T13:41:01.403551Z","last_seen":"2025-09-24T13:41:01.403551Z","times_seen":1,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":76,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/9842b0ef3b1dc759/1758721200998/Y24bpWZCjPGE7pV","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","date":"2025-09-24T13:40:06.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/d/9842b0ef3b1dc759/1758721200998/Y24bpWZCjPGE7pV HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 13:40:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 376\r\ncf-ray: 9842b111fa56c759-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":376,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 77, 8-bit/color RGBA, non-interlaced","md5":"7fd639d3224a6a1b33cf4d7ffe33c2be","sha1":"825381334e7a71e753b4ece0a63c1b2fc773fcaf","sha256":"da7800aa224bf312d8e96f6bbc810b6e0dde79b493855fe384fed7a26a486e56","sha512":"0f027d4502670bce73453d531907a06b4612561353c3ee44d029acfc49a1fe6cbf486bccbdfb60130472d1cb5d3b84fa3c7973f16efc65a306fdb6ac1d1c14a8","ssdeep":"","tlshash":"b2e0f6e1697b6638bf8eaba3f1d1ff064c3c80c0a29ec8648109b61692115f86848ad1","first_seen":"2025-05-24T20:47:37.065263Z","last_seen":"2026-04-02T15:33:52.583986Z","times_seen":127,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/196395446:1758720056:_KzyXuMT-kxc5JotdLNnA9lMWRRCVI6Nir-vxN4-9j8/9842b0ef3b1dc759/d_Uc_bUV5EvN2vtN7JVOTaxwuAJmb7H5ZLgPbejPmZc-1758721200-1.2.1.1-_SRWPrDllRVbKBuZqJVsf_pDVnjQ6ewvTT632aQVl064IWcTJrQ9.sE9j5E3LmtU","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","date":"2025-09-24T13:40:06.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/196395446:1758720056:_KzyXuMT-kxc5JotdLNnA9lMWRRCVI6Nir-vxN4-9j8/9842b0ef3b1dc759/d_Uc_bUV5EvN2vtN7JVOTaxwuAJmb7H5ZLgPbejPmZc-1758721200-1.2.1.1-_SRWPrDllRVbKBuZqJVsf_pDVnjQ6ewvTT632aQVl064IWcTJrQ9.sE9j5E3LmtU HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto\r\ncf-chl: d_Uc_bUV5EvN2vtN7JVOTaxwuAJmb7H5ZLgPbejPmZc-1758721200-1.2.1.1-_SRWPrDllRVbKBuZqJVsf_pDVnjQ6ewvTT632aQVl064IWcTJrQ9.sE9j5E3LmtU\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 34583\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 13:40:06 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: XTL05SuY1xfPezXFLrErUFFDplSSDIKdwdiGYcV7ro/51x8jwrK9qNor2tYfsnVT$tKNiTO2BhpFDulCiMcjmSg==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9842b1174995c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29068,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (29068), with no line terminators","md5":"9d698e5141211726ad7b19aef81c0285","sha1":"e3ab7ee6c946c043994939a7238fba200a79d85f","sha256":"0b8c31e66802fe3449cee656ee1d9fd6c06420a6ff37857614233947446939b5","sha512":"16ac9a23df179b02d21b886002dfa1596e4afb2ec3fa9b38db2c59eb63082269ea0d5f09a36ae7e0177d84f9bb700c2a3bb83a8e2d9b0f148fc099ff3922dc19","ssdeep":"768:KYWA5lYrqC0f8Up/LyTevk9uBzp8r2stK4CcaXgoDQ:KYWAIuZUUhTTBVShtK3JXO","tlshash":"46d2f1563047703c94e4863741b9e69583f7d2e60827ffa883cf23bd81ae9aca365171","first_seen":"2025-09-24T13:41:01.407396Z","last_seen":"2025-09-24T13:41:01.407396Z","times_seen":1,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-24T13:39:59.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pekora.zip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 22:10:12 GMT","end":"Fri, 07 Nov 2025 23:08:52 GMT"},"fingerprint":{"sha1":"A7:59:5D:19:DC:D4:F7:81:81:3D:C2:4D:A9:92:61:45:EE:DC:8A:4A","sha256":"DB:AE:4F:06:B5:63:0A:2B:60:2D:A7:63:9D:C8:EC:B3:8F:99:93:2A:3C:0D:BB:C3:12:A7:E8:63:5F:4E:80:5A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: assetdelivery.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Wed, 24 Sep 2025 13:39:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=gNluXoqeVEPFjszqkM2TyKvkXMp3%2FWxMJex4sOsl6v%2FF9B%2F2L7xyVaew3em7U4bkitsEovFOiiJvkrpmOewkoQU2WmHwW4s9WImJqsTYh%2FJvs10ICC8mnbG5oWgReSPoUR%2F1ifTYzTdPdVU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9842b0ea997956bd-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: chlray;desc=\"9842b0ea997956bd\", cfL4;desc=\"?proto=TCP\u0026rtt=531\u0026min_rtt=484\u0026rtt_var=181\u0026sent=6\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=2985\u0026recv_bytes=1268\u0026delivery_rate=4786776\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=00a25ae8b514b4a7\u0026ts=291\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7736,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (7736), with no line terminators","md5":"0635da7204305c98ef04a45e771a2227","sha1":"ba47018f661be429f1390b1d750d3811c5be38a0","sha256":"7657fbf99845807395d58f5261032790775160369945dc7f4dd4e04dff4f1b89","sha512":"7516b16e2c00a8938493e4595e386753470acfa350f67d3bb08bf069cfc04a889ed2b4e405f9520766908c19c8386f2ea172dc9475f85e3901aa172d4c04d7f2","ssdeep":"192:PNadBxqf9xOqEggWvfLAAlNlPwy1V+GCyE7w:0Fqf9ARgNLAAlTPr1V+GS7w","tlshash":"9bf17ca79a62a03f23b79fd144bb33046325d1319a4060c8daa2d62cd5fef97c121288","first_seen":"2025-09-24T13:41:01.41007Z","last_seen":"2025-09-24T13:41:01.41007Z","times_seen":1,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":280,"dns":8,"connect":1,"send":0,"wait":23,"receive":0,"ssl":268},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"assetdelivery.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/favicon.ico","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://assetdelivery.pekora.zip/","date":"2025-09-24T13:40:00.143Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: assetdelivery.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://assetdelivery.pekora.zip/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 500 Internal Server Error\r\nDate: Wed, 24 Sep 2025 13:40:00 GMT\r\nContent-Type: text/plain\r\nContent-Length: 22\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z3x3Lo7MAKvU7QFFUwmAdk9Is6%2BdYQWtChbQM2qbqIM5%2BqkREynXghp1rps%2FGvD7kQT9UPo6kqUTpt6AZ7Pv8lxMDC7wLfSHznNa18V4SMvkrIr6Rba12g%3D%3D\"}]}\r\nCF-RAY: 9842b0ece8a71525-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"7d8bdb8b90cf2916c72ac2c8b6dce227","sha1":"192b8072c96afe65936ce1e120ca491924b36556","sha256":"810fea149711e5c635f3a3cb89b92a95a820d0dc77cd0dc9a613f1503ed3c251","sha512":"96d42e4dc3b2a179804173edc05821febc8b960395bdda372699fca2d978f2390b4134ff7c0fbca4ea3420955be3f0afdda3a00d530ed8c42fe846f08bfc78ae","ssdeep":"","tlshash":"a3700088800000b8e0000280a80a0a28c32f8acc380022080808008830082a0e080208","first_seen":"2025-09-24T13:41:01.413874Z","last_seen":"2025-09-24T13:41:01.413874Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56724,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.213139+0000\",\"flow_id\":1968482106223778,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56724,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56724},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://assetdelivery.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":500,\"length\":22},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":645,\"bytes_toclient\":839,\"start\":\"2025-09-24T13:40:00.142498+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56712,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.223585+0000\",\"flow_id\":328319995227884,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56712,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56712},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":500,\"length\":22},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":40,\"bytes_toserver\":2558,\"bytes_toclient\":53760,\"start\":\"2025-09-24T13:40:00.077548+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"assetdelivery.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://assetdelivery.pekora.zip/","date":"2025-09-24T13:40:00.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 13:40:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-YMC7E8dltAViQHAk' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nreferrer-policy: same-origin\r\ndocument-policy: js-profiling\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9842b0ef3b1dc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27147,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (27147), with no line terminators","md5":"dceb7685d2360ab1e6522f70d1928f22","sha1":"4f4155b8b9a39b56970ed5055a786f6da92bdeda","sha256":"05c51f3f763f17e69d653971a4a13d13a25f164713659054ac134b0c04e74c48","sha512":"7862e0c1a74418fc0430a43945dbec2920ac8a131e2f4398924899f6620b7240d210a9aab5f62262d15501483c0e78217900be477dfa69d7dcbb28d0a422df48","ssdeep":"384:gu6U+qdB83E29aJC6tHzSk1b2xdLVSmda3mDI9FBAuA0/2J4C5Y:FdGrkHzlJUdLV9da3m81Ak2J4CW","tlshash":"b0c2c8038a501b7e7553872db3d1b5c8a338ba026f56b1bbf15012a58f4d2af2b5371a","first_seen":"2025-09-24T13:41:01.415256Z","last_seen":"2025-09-24T13:41:01.415256Z","times_seen":1,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","date":"2025-09-24T13:40:00.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 13:40:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 86\r\ncf-ray: 9842b0efbca4c759-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced","md5":"70c202196187ab3c11b4e094c20c6de1","sha1":"9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863","sha256":"6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643","sha512":"7e6168e40cce79239fc00a05381e1e95ca3534905d3fc1467973927f317b7f12b6f3e76960d5202c40046618b51e0895082e22338b1b9971038fa0ba158117e4","ssdeep":"","tlshash":"4ea022f3b2203c3eeb2a2333022e8030f83020b803828e0c000eec332a20208c0ca2c2","first_seen":"2025-05-13T14:11:45.873663Z","last_seen":"2026-04-03T11:40:49.866694Z","times_seen":265776,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=9842b0ef3b1dc759\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto","date":"2025-09-24T13:40:00.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=9842b0ef3b1dc759\u0026lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rch/rgq0w/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 13:40:00 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9842b0efcce7c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144194,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"efabaa95b574559b3237a8a290aecb1b","sha1":"24329410118709603acc5dc3a69df03e7bc461f3","sha256":"d74db4bba012c8c1f663ca82c87ee4fdbc5b6970e3e1a8d1bdfbb790e9b1e8a0","sha512":"e25dba1850d5101f1664b7ad98b1f2d9f88538ff68d1b7cc7d4cc31c965e337cddd0db249c74db2d69f7e7417aa7fda93acea114645a96f6232f232260479304","ssdeep":"1536:tSSLSBaqDKKyX8xeJVz1Np9FL3h1ZI2pedB+2QkHMqVXSVii4NZFaOW2spn0blpN:tSUgyTVzN9th1Z+xQk30Vii4NrT+Opd/","tlshash":"f8e3c88a34da769313767064103bbbdf727a3c84b0058c1cea419ce878e57596ee7de8","first_seen":"2025-09-24T13:41:01.418185Z","last_seen":"2025-09-24T13:41:01.418185Z","times_seen":1,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-24T13:39:59.891Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: assetdelivery.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Wed, 24 Sep 2025 13:39:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=VCElcSngY8%2BC1fA77%2FkRMhsB5jPXhGljb2ayBdSBQrxncK2xIX2SpAN41SL6MeLbgqGy4sJ3D9LoF4CLVsE4VRq3ph9sNRthZV2JpXrnpPZkBtmKON18H8hCHR%2BNXMWLyuwCNjmMBJW7ytk%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9842b0eb580c76ef-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: chlray;desc=\"9842b0eb580c76ef\", cfL4;desc=\"?proto=TCP\u0026rtt=412\u0026min_rtt=412\u0026rtt_var=206\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=409\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5475,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5475), with no line terminators","md5":"553312f0d8d98167cb940b3806fc497c","sha1":"2f6313c9035dfba56a34b11ab5e3ce0c5143a156","sha256":"9acf88b69ef842cc87b5eefb1aca941084bfaf7cb6f4800ec7e627e0589073b5","sha512":"167c6434dca9db1a779c859ac9842fe7ba7e78e43e56d4ac075d94db4ff2f76967e4c2c0e8eead407780d05b61fcdff339899a0dd116aa72303eb084515d2d2d","ssdeep":"96:PNybXZtIEb0EFW87Il1/D/f1h8l/dn2qTgr+Q/IJD40fnEmCvIKYzueh8S/vmw:PNadBYbH1hM/cQK/w40fEmCvKyI2w","tlshash":"f7b16df7e6920037d3b25af7803f338066775211970091b9e963d83c99eef4b558a08c","first_seen":"2025-09-24T13:41:01.420311Z","last_seen":"2025-09-24T13:41:01.420311Z","times_seen":1,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":1,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:39:59Z","timestamp":1758721199,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56702,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:39:59.911135+0000\",\"flow_id\":300900923970744,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56702,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56702},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":681,\"bytes_toclient\":6061,\"start\":\"2025-09-24T13:39:59.890040+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"assetdelivery.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=9842b0eb580c76ef","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://assetdelivery.pekora.zip/","date":"2025-09-24T13:40:00.001Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=9842b0eb580c76ef HTTP/1.1\r\nHost: assetdelivery.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 24 Sep 2025 13:40:00 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 9842b0ec78c25691-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":124714,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"55542a3cf04fbf3b791f360048857a1f","sha1":"8651641a6597639d51495a0ed1f5f6bb386c23d2","sha256":"23fe6a82b0638faccf1b89f089058300ae79ca64e8ec3ebec41dffff297d8cf4","sha512":"a6e2e789d57ef85aa7b446f743f645f598794aa4a42fb2081e0b3b734988cad3a930cb1f507e912cc04727fd928b76c58e068367aa2911cc5c091a7d3c72a934","ssdeep":"1536:Ct8wprIf37SnpjqsRCaS/YiE21hFAqjxP/MsF9ZbYJDIW8BrFBLLJkzjZ7k4xoyW:C+wI7OpeskaS/YBgFHjWQbYDM7LiCJyW","tlshash":"c2c3c58a38de399943722074143b3bcf62be7c4474194d1ce75099f8bce5b29a973da8","first_seen":"2025-09-24T13:41:01.422169Z","last_seen":"2025-09-24T13:41:01.422169Z","times_seen":1,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":77,"dns":69,"connect":1,"send":0,"wait":18,"receive":8,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56712,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.095886+0000\",\"flow_id\":328319995227884,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56712,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56712},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=9842b0eb580c76ef\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1087},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":809,\"bytes_toclient\":3825,\"start\":\"2025-09-24T13:40:00.077548+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"assetdelivery.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/favicon.ico","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://assetdelivery.pekora.zip/","date":"2025-09-24T13:40:00.106Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: assetdelivery.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 500 Internal Server Error\r\nDate: Wed, 24 Sep 2025 13:40:00 GMT\r\nContent-Type: text/plain\r\nContent-Length: 22\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fvPXLSa8SP90WRvZJbahB9odaVIQWMAIib2zsIWxO%2B4BHmi0hiAdQr%2FBf3ChPFf2FIbpD3m52W52wS1M3a7h01NbNRk8MQJXuN2EgDpC5rpjhJt7yNo%3D\"}]}\r\nCF-RAY: 9842b0eca8e55691-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"7d8bdb8b90cf2916c72ac2c8b6dce227","sha1":"192b8072c96afe65936ce1e120ca491924b36556","sha256":"810fea149711e5c635f3a3cb89b92a95a820d0dc77cd0dc9a613f1503ed3c251","sha512":"96d42e4dc3b2a179804173edc05821febc8b960395bdda372699fca2d978f2390b4134ff7c0fbca4ea3420955be3f0afdda3a00d530ed8c42fe846f08bfc78ae","ssdeep":"","tlshash":"a3700088800000b8e0000280a80a0a28c32f8acc380022080808008830082a0e080208","first_seen":"2025-09-24T13:41:01.413874Z","last_seen":"2025-09-24T13:41:01.413874Z","times_seen":1,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56724,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.213139+0000\",\"flow_id\":1968482106223778,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56724,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56724},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://assetdelivery.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":500,\"length\":22},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":645,\"bytes_toclient\":839,\"start\":\"2025-09-24T13:40:00.142498+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-24T13:40:00Z","timestamp":1758721200,"ip_dst":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.7","port":56712,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-24T13:40:00.223585+0000\",\"flow_id\":328319995227884,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":56712,\"dest_ip\":\"172.67.144.192\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"172.67.144.192\",\"port\":80},\"target\":{\"ip\":\"172.18.0.7\",\"port\":56712},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"assetdelivery.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/plain\",\"http_refer\":\"http://assetdelivery.pekora.zip/?__cf_chl_rt_tk=.nY9FSN_ykz7cMz8sCII_omr8Y_nwHAyW.llTVjz.Do-1758721199-1.0.1.1-aQLYOG.LnqIOCN3odPJ.LjYCY2aEVAEJ9ANTZ9AFwa0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":500,\"length\":22},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":40,\"bytes_toserver\":2558,\"bytes_toclient\":53760,\"start\":\"2025-09-24T13:40:00.077548+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"assetdelivery.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/eb39805feb3b/api.js?onload=iwdV4\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://assetdelivery.pekora.zip/","date":"2025-09-24T13:40:00.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/g/eb39805feb3b/api.js?onload=iwdV4\u0026render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://assetdelivery.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 13:40:00 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\nlast-modified: Tue, 23 Sep 2025 12:33:35 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9842b0ed0f4c7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49070,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (49069)","md5":"a17c1173ee9c79d716cc0a1766c58d27","sha1":"19291e702dfaaf61d7ac48bf6e123bad48887d81","sha256":"603637362d7a01dc3ef1c813c372e258163f2ffbb958f5cfa5b761fec62ed4e1","sha512":"9e0a7d45860d3ce3cf07ad89e5e1933b90dd99e1d70b0f6935c5c705896efaa034babfe281eeb35086d327b65761f5f72e14638dbb9f37c16d682137bd615897","ssdeep":"768:2C6BtV2fM2tua+Qnr7dd5bzBKu5PUJ14vcPBrhfsskfvM8PFY13Fop+ORWqxIrm7:g2E2tua+QnrJf5POTdkfJaI","tlshash":"d9232c583256793267e984e1617ba74373297939e94ccc50d823c86532bcecad233f7a","first_seen":"2025-09-24T12:31:58.207101Z","last_seen":"2025-09-25T00:56:40.3991Z","times_seen":449,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":16,"dns":0,"connect":1,"send":0,"wait":13,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"assetdelivery.pekora.zip/cdn-cgi/challenge-platform/h/g/flow/ov1/1746634468:1758720056:8kSEkMqtN_OgKAuApe8EcgBA316xXvtjSqNeAwElGhg/9842b0eb580c76ef/9Kjcfn3cnoZM3rOZ7492txL.NvcKGI8A3BPBr7A_NtI-1758721199-1.2.1.1-icLAUMNY410ifG6xnWfgNbxrXaE6tmWHOqz85lPevEMXSL5E1x5nUUyCbJ1pN889","fqdn":"assetdelivery.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://assetdelivery.pekora.zip/","date":"2025-09-24T13:40:00.336Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1746634468:1758720056:8kSEkMqtN_OgKAuApe8EcgBA316xXvtjSqNeAwElGhg/9842b0eb580c76ef/9Kjcfn3cnoZM3rOZ7492txL.NvcKGI8A3BPBr7A_NtI-1758721199-1.2.1.1-icLAUMNY410ifG6xnWfgNbxrXaE6tmWHOqz85lPevEMXSL5E1x5nUUyCbJ1pN889 HTTP/1.1\r\nHost: assetdelivery.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://assetdelivery.pekora.zip/\r\ncf-chl: 9Kjcfn3cnoZM3rOZ7492txL.NvcKGI8A3BPBr7A_NtI-1758721199-1.2.1.1-icLAUMNY410ifG6xnWfgNbxrXaE6tmWHOqz85lPevEMXSL5E1x5nUUyCbJ1pN889\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2135\r\nOrigin: http://assetdelivery.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 24 Sep 2025 13:40:00 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-chl-gen: v2kh+Lh6xKvpDgZtKiN6IH/T+1/p7R14Uyp+5brKFCQ=$ROWlGC9NoL4vFhaPAC5JQg==\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 9842b0ee1a485691-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19128,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (19128), with no line terminators","md5":"32a22787511e27441be26256a47a4be5","sha1":"b350e5836c53ba79002c5eea97f2844d9b79abc9","sha256":"60c13f53fb5a421a7d83a4861f8dc7cccda8c273bb65754a50e4f3c03fc3b9c9","sha512":"369bb2752d4d75b09926197e57ab07baed849037acd0aa94c1300bada1531e7d1c4965a947f85bdc84013b61dcaf1af8cb538df7931c0383549949cf7e4db704","ssdeep":"384://ZOgNAwzb6j7yRcdOGacosqCnUTn6ePOixNh++PEhGYKCL1htEP3uyGqCC2dUb:/ROgNNz+j7yRca6un6YNUME1KG1AuyPb","tlshash":"ee82d0a0df560f11c88d40afdb3bff829e05cd8a14f7164e3ab184079e4ac2866a94c8","first_seen":"2025-09-24T13:41:01.424961Z","last_seen":"2025-09-24T13:41:01.424961Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"assetdelivery.pekora.zip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}