{"report_id":"61b6d3b9-8834-4a7a-912c-8b7eaee679a8","version":6,"status":"done","tags":[],"date":"2024-07-21T13:13:54Z","url":{"schema":"http","addr":"findidol.chu.jp/qekrn/","fqdn":"findidol.chu.jp","domain":"findidol.chu.jp","tld":"chu.jp"},"ip":{"addr":"157.7.107.156","port":0,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T08:50:36Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-20 18:12:19","alert_count":0,"request_count":8,"received_data":7099,"sent_data":2616,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-07-20 18:12:32","alert_count":0,"request_count":1,"received_data":888,"sent_data":327,"comment":"","tags":null,"fingerprints":null},{"fqdn":"findidol.chu.jp","ip":{"addr":"157.7.107.156","port":0,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":6,"request_count":5,"received_data":8483,"sent_data":1922,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-21T13:13:44Z","timestamp":1721567624,"ip_dst":{"addr":"Client IP","port":56690,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"157.7.107.156","port":80,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"severity":"medium","alert":"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body","source":"{\"timestamp\":\"2024-07-21T13:13:44.524240+0000\",\"flow_id\":1715027845096312,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"157.7.107.156\",\"src_port\":80,\"dest_ip\":\"172.18.0.21\",\"dest_port\":56690,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2847953,\"rev\":1,\"signature\":\"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_01\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_04_01\"]}},\"http\":{\"hostname\":\"findidol.chu.jp\",\"url\":\"/error.html\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1173},\"files\":[{\"filename\":\"/error.html\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":3252,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":616,\"bytes_toclient\":1708,\"start\":\"2024-07-21T13:13:32.566136+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:28.566407986Z","timestamp":1721567608566,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23C60C02F8A6F1F7FE01F9F4661CF04A03C046522201927DFA7C51CEBA6C5449\"\r\nLast-Modified: Sat, 20 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17523\r\nExpires: Sun, 21 Jul 2024 18:05:31 GMT\r\nDate: Sun, 21 Jul 2024 13:13:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3bd6a6d19bf0ab70e4e0cd3d2833afe1","sha1":"0dd2ee68cf939d2482a9b30bf767f412eb97e492","sha256":"23c60c02f8a6f1f7fe01f9f4661cf04a03c046522201927dfa7c51ceba6c5449","sha512":"2e01c67cd9f5eecbeac5c7c4e463f8ad2732b6e5fd0845fd838ab0a28c7992f6d10d7066384259bcb6961c570ce6c6e053a3fb60ed0f28c74fadf86a2e61c8e5","ssdeep":"","tlshash":"3cf0750229d17d81e564211e39c8db384d30e5d8304008e0bdc047e77212bc4054d47f","first_seen":"2024-07-21T03:16:15Z","last_seen":"2024-08-19T16:13:38.634572Z","times_seen":19895,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:28.573475825Z","timestamp":1721567608573,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"55DB53EF70B6BFEB3C259DBE5D0AC0E6625898A3AC37D7E200253C03979E2CF7\"\r\nLast-Modified: Sat, 20 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4640\r\nExpires: Sun, 21 Jul 2024 14:30:48 GMT\r\nDate: Sun, 21 Jul 2024 13:13:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c7f6de9d4ccb60f56a555de6134b5b77","sha1":"4b9e75fa3da17c1584a3d87aec6afd7d8da41d16","sha256":"55db53ef70b6bfeb3c259dbe5d0ac0e6625898a3ac37d7e200253c03979e2cf7","sha512":"6814097503745ddeefd242f8901f59060908bb6e972f2854908bdd8ea1c7c77cde3f6628c46c8920e69c60efd0c945c9ea546edfbe2f29d55bc71fa468347594","ssdeep":"","tlshash":"8ff005d74e533d555a30231478f9d1267c1f6b95740518e6f7f043aa3651fd904d444d","first_seen":"2024-07-21T09:36:51Z","last_seen":"2024-08-19T16:12:25.110033Z","times_seen":13065,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:28.823880322Z","timestamp":1721567608823,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"90A7510DC4ACC5716C9A82E10DCBB6074AF14F502E3847F8B6C43CAEF244CA12\"\r\nLast-Modified: Sat, 20 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10606\r\nExpires: Sun, 21 Jul 2024 16:10:14 GMT\r\nDate: Sun, 21 Jul 2024 13:13:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cf41dddde2cb04d4f8b233b01318bde1","sha1":"f7f9259cebf98c255ea506e7d7f0170c1e6a9604","sha256":"90a7510dc4acc5716c9a82e10dcbb6074af14f502e3847f8b6c43caef244ca12","sha512":"4c2d94c71c8e1bd65093b844aa45804a09334553e0948cded51668eaa9c61d36309a9306f6f166c06c6207b28e352c84358c476c9369607f05d179c7adf14799","ssdeep":"","tlshash":"25f0058602e33e4167e50b11347ef5bd3f759bd87505a9a0704041d17820fea4086055","first_seen":"2024-07-21T01:23:18Z","last_seen":"2024-08-19T16:13:56.5128Z","times_seen":15508,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:28.957460426Z","timestamp":1721567608957,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"951AE19E1EB066355BF55FF2163F6D14B689088FA3DD443FB01D889BB28FE095\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19569\r\nExpires: Sun, 21 Jul 2024 18:39:37 GMT\r\nDate: Sun, 21 Jul 2024 13:13:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"41b470cfcb4d809b7689783076e07c76","sha1":"919b05dba2523cc4b8e9a6e873fe777fd753ee1b","sha256":"951ae19e1eb066355bf55ff2163f6d14b689088fa3dd443fb01d889bb28fe095","sha512":"dce19fad3a25686ec442ada5c3d462174a63f1fc17cf331d3690797222d4adb87c567235eda21ab6512379198277a0b73584283849c33439892ee919e093005d","ssdeep":"","tlshash":"eaf0054185d97f803760081a7ed5e1083e309f6ca4910fd4819046c72062bca5b940d8","first_seen":"2024-07-21T05:06:08Z","last_seen":"2024-08-19T16:13:24.436694Z","times_seen":17054,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:29.959845064Z","timestamp":1721567609959,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"9F8884B5C288AD4E2653E29F8A172619D88314E26DDCAC6D1181C0E44D91CB41\"\r\nLast-Modified: Sat, 20 Jul 2024 19:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17182\r\nExpires: Sun, 21 Jul 2024 17:59:51 GMT\r\nDate: Sun, 21 Jul 2024 13:13:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"574386361c376172f97b1dc1fbd0057e","sha1":"09e206648a5c42281a86bf29ba191d5739ad6718","sha256":"9f8884b5c288ad4e2653e29f8a172619d88314e26ddcac6d1181c0e44d91cb41","sha512":"6c7e8257be45d613886010579b4d84ba09c10343611d468103aca5f5c4c58e969d12282007bad01f772ab0dc24c11958a708256e6cd9da43a98db3326a3ca9ac","ssdeep":"","tlshash":"27f00ead3ef16dc009a0492bdde1c02e25301eb979949b85b4a412f5b892b9caa880cc","first_seen":"2024-07-20T22:19:00Z","last_seen":"2024-08-19T16:14:52.949704Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:30.882103267Z","timestamp":1721567610882,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C\"\r\nLast-Modified: Sat, 20 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4636\r\nExpires: Sun, 21 Jul 2024 14:30:46 GMT\r\nDate: Sun, 21 Jul 2024 13:13:30 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"abdbb83f974102baaaa6f77ee331d442","sha1":"053c22e9dce284413f8a2d4433748edbdd91b77b","sha256":"23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c","sha512":"85cd14104e12fb3b9b4a2142ca24510e72dc6896a00da0e5091e16d8135602b1675eb3a78231727c6a59b94465375203a116dddb7e523fa3ff120bb34dce589d","ssdeep":"","tlshash":"71f0cccb106a7f41df61161f30a4fa574c21ddf7301441c018d0c2e17440bcd1d4805c","first_seen":"2024-07-20T23:44:47Z","last_seen":"2024-08-19T16:14:21.244156Z","times_seen":15995,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:30.882993909Z","timestamp":1721567610882,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C\"\r\nLast-Modified: Sat, 20 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4636\r\nExpires: Sun, 21 Jul 2024 14:30:46 GMT\r\nDate: Sun, 21 Jul 2024 13:13:30 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"abdbb83f974102baaaa6f77ee331d442","sha1":"053c22e9dce284413f8a2d4433748edbdd91b77b","sha256":"23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c","sha512":"85cd14104e12fb3b9b4a2142ca24510e72dc6896a00da0e5091e16d8135602b1675eb3a78231727c6a59b94465375203a116dddb7e523fa3ff120bb34dce589d","ssdeep":"","tlshash":"71f0cccb106a7f41df61161f30a4fa574c21ddf7301441c018d0c2e17440bcd1d4805c","first_seen":"2024-07-20T23:44:47Z","last_seen":"2024-08-19T16:14:21.244156Z","times_seen":15995,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:30.883768409Z","timestamp":1721567610883,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C\"\r\nLast-Modified: Sat, 20 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4636\r\nExpires: Sun, 21 Jul 2024 14:30:46 GMT\r\nDate: Sun, 21 Jul 2024 13:13:30 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"abdbb83f974102baaaa6f77ee331d442","sha1":"053c22e9dce284413f8a2d4433748edbdd91b77b","sha256":"23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c","sha512":"85cd14104e12fb3b9b4a2142ca24510e72dc6896a00da0e5091e16d8135602b1675eb3a78231727c6a59b94465375203a116dddb7e523fa3ff120bb34dce589d","ssdeep":"","tlshash":"71f0cccb106a7f41df61161f30a4fa574c21ddf7301441c018d0c2e17440bcd1d4805c","first_seen":"2024-07-20T23:44:47Z","last_seen":"2024-08-19T16:14:21.244156Z","times_seen":15995,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:30.884897577Z","timestamp":1721567610884,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C\"\r\nLast-Modified: Sat, 20 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4636\r\nExpires: Sun, 21 Jul 2024 14:30:46 GMT\r\nDate: Sun, 21 Jul 2024 13:13:30 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"abdbb83f974102baaaa6f77ee331d442","sha1":"053c22e9dce284413f8a2d4433748edbdd91b77b","sha256":"23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c","sha512":"85cd14104e12fb3b9b4a2142ca24510e72dc6896a00da0e5091e16d8135602b1675eb3a78231727c6a59b94465375203a116dddb7e523fa3ff120bb34dce589d","ssdeep":"","tlshash":"71f0cccb106a7f41df61161f30a4fa574c21ddf7301441c018d0c2e17440bcd1d4805c","first_seen":"2024-07-20T23:44:47Z","last_seen":"2024-08-19T16:14:21.244156Z","times_seen":15995,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"findidol.chu.jp/","fqdn":"findidol.chu.jp","domain":"findidol.chu.jp","tld":"chu.jp"},"ip":{"addr":"157.7.107.156","port":0,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:33.983653136Z","timestamp":1721567613983,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: findidol.chu.jp\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 21 Jul 2024 13:13:33 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: Apache\r\nX-Powered-By: PHP/7.1.33\r\nlocation: error.html\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T09:59:59.281443Z","times_seen":13970278,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"findidol.chu.jp/error.html","fqdn":"findidol.chu.jp","domain":"findidol.chu.jp","tld":"chu.jp"},"ip":{"addr":"157.7.107.156","port":0,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-21T13:13:34.256224165Z","timestamp":1721567614256,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /error.html HTTP/1.1\r\nHost: findidol.chu.jp\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Jul 2024 13:13:34 GMT\r\nContent-Type: text/html\r\nContent-Length: 1173\r\nConnection: keep-alive\r\nServer: Apache\r\nLast-Modified: Sat, 23 Mar 2024 19:05:54 GMT\r\nAccept-Ranges: none\r\nVary: Range,Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1173,"size_decoded":3252,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"d4d8254ae6ff709ccb6501a776e2fadb","sha1":"017ed17452859138d6527576ae0bb60f73075b2c","sha256":"7c6003a1e5cbffa8c8e357bc62e9553f0ab7489e96794de1ba1e896a3ac10932","sha512":"646b73cbf861bfafe17e91feb97c9a3545412a2616b17564bc732d8b660ccfeefc4835c071c5f01a26bd86a9b57adc33f4f69a9e2c83adc742e96ef62de82434","ssdeep":"","tlshash":"5861544fab12248c6336d97db3e3177496ba57236e0145b8f2e8126777c05985230fed","first_seen":"2023-07-23T16:48:18Z","last_seen":"2026-04-19T18:15:20.290434Z","times_seen":189,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-21T13:13:44Z","timestamp":1721567624,"ip_dst":{"addr":"172.18.0.21","port":56690,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"157.7.107.156","port":80,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"severity":"medium","alert":"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body","source":"{\"timestamp\":\"2024-07-21T13:13:44.524240+0000\",\"flow_id\":1715027845096312,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"157.7.107.156\",\"src_port\":80,\"dest_ip\":\"172.18.0.21\",\"dest_port\":56690,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2847953,\"rev\":1,\"signature\":\"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_01\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_04_01\"]}},\"http\":{\"hostname\":\"findidol.chu.jp\",\"url\":\"/error.html\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1173},\"files\":[{\"filename\":\"/error.html\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":3252,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":616,\"bytes_toclient\":1708,\"start\":\"2024-07-21T13:13:32.566136+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"findidol.chu.jp/qekrn/error.html","fqdn":"findidol.chu.jp","domain":"findidol.chu.jp","tld":"chu.jp"},"ip":{"addr":"157.7.107.156","port":0,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-21T13:13:42.800Z","timestamp":1721567622800,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /qekrn/error.html HTTP/1.1\r\nHost: findidol.chu.jp\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 21 Jul 2024 13:13:36 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: Apache\r\nX-Powered-By: PHP/7.1.33\r\nlocation: error.html\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T09:59:59.281443Z","times_seen":13970278,"resource_available":true,"data":null}},"time_used":1339,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"findidol.chu.jp/qekrn/error.html","fqdn":"findidol.chu.jp","domain":"findidol.chu.jp","tld":"chu.jp"},"ip":{"addr":"157.7.107.156","port":0,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-21T13:13:42.800Z","timestamp":1721567622800,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /qekrn/error.html HTTP/1.1\r\nHost: findidol.chu.jp\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 21 Jul 2024 13:13:37 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: error.html\r\nserver: Apache\r\nx-powered-by: PHP/7.1.33\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":6263,"size_decoded":6263,"mime_type":"","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3","md5":"d2a626207a18fc0e42d718147d8fb388","sha1":"238a1f7a9578bd047e93e5eeb820d8f0fd71a691","sha256":"c0612fb30655599ddd56a31fb51da9ccc98d8c396298abcc1e2750b590bcb62e","sha512":"676edf50ce81bd93336437289580389686126f750d5192a7e3900b30828364896353eedc5bedc3db2c5d5c3077cd1c7fd533de5bd55b9170e322dba376c415b4","ssdeep":"192:qENR9FhIh8RIeZlldG1E1Wy7/CBhRb77Lne:qENRU8BtdcEoy7/CBrb77C","tlshash":"b4d1aff12f3c6072e8173e7a92d8bf407e06b5aea50b4d00744c1dac746d8ea6c84370","first_seen":"2024-07-21T11:15:28Z","last_seen":"2024-08-19T16:12:01.139675Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1339,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"findidol.chu.jp/qekrn/","fqdn":"findidol.chu.jp","domain":"findidol.chu.jp","tld":"chu.jp"},"ip":{"addr":"157.7.107.156","port":443,"asn":7506,"as":"GMO Internet,Inc","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-21T13:13:29.340Z","timestamp":1721567609340,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.10gallon.jp","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jul 2024 04:07:40 GMT","end":"Tue, 01 Oct 2024 04:07:39 GMT"},"fingerprint":{"sha1":"46:6C:DC:FF:80:34:6E:02:0A:10:7C:BB:E3:A7:40:49:B1:81:D2:2E","sha256":"42:A5:5C:C3:C1:A9:F0:99:E5:BF:A9:B2:49:1E:CD:18:40:84:CC:68:60:98:B2:4D:29:55:10:05:E5:D8:5E:92"}}},"request":{"raw":"GET /qekrn/ HTTP/1.1\r\nHost: findidol.chu.jp\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 21 Jul 2024 13:13:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: error.html\r\nserver: Apache\r\nx-powered-by: PHP/7.1.33\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T09:59:59.281443Z","times_seen":13970278,"resource_available":true,"data":null}},"time_used":3175,"timings":{"blocked":620,"dns":0,"connect":250,"send":0,"wait":1935,"receive":0,"ssl":368},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-21","alert":"Sinkholed","trigger":"findidol.chu.jp","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}