{"report_id":"636f8b30-5e63-4262-885b-610e7710b10e","version":6,"status":"done","tags":[],"date":"2024-12-30T21:55:34Z","url":{"schema":"http","addr":"qu.ax","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"116.203.119.232","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"qu.ax/","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"title":"qu.ax - Simple \u0026 Private File Hosting"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-10T21:55:34Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2024-12-25T01:37:07.227084Z","alert_count":0,"request_count":2,"received_data":74888,"sent_data":1068,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2024-12-25T01:34:47.792051Z","alert_count":0,"request_count":1,"received_data":27424,"sent_data":450,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tianji.1337.la","ip":{"addr":"88.198.51.12","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":9174,"sent_data":1374,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"172.67.41.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2017-07-20","domain_rank":422202,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2024-12-25T21:22:51.099456Z","alert_count":0,"request_count":2,"received_data":815355,"sent_data":778,"comment":"","tags":null,"fingerprints":null},{"fqdn":"qu.ax","ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2019-10-23","domain_rank":0,"first_seen":"2019-12-22T19:42:29Z","last_seen":"2024-12-25T14:34:37.444608Z","alert_count":0,"request_count":6,"received_data":72402,"sent_data":2524,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-12-30T21:55:09Z","timestamp":1735595709,"ip_dst":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.12","port":51732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Anonymous File Sharing Service Domain (qu .ax) in TLS SNI","source":"{\"timestamp\":\"2024-12-30T21:55:09.737072+0000\",\"flow_id\":1420790595401736,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":51732,\"dest_ip\":\"188.245.212.27\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2048382,\"rev\":1,\"signature\":\"ET INFO Observed Anonymous File Sharing Service Domain (qu .ax) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_10_02\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_02\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_02\"]}},\"tls\":{\"sni\":\"qu.ax\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":907,\"bytes_toclient\":3970,\"start\":\"2024-12-30T21:55:09.669704+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.41.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2697bf25afb0982dfa17c73536f934c1","sha1":"7d7db122d0639cd1f1a53eb6018d6d713d312679","sha256":"fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea","sha512":"658ee630973f04fa367b366c1ac838fa49fcff01682899f7480ed03201de5ab7b95420ddc5c2da116fe05b90a09ef1798b256628ab56d248a1618fdcdd0d79ca","ssdeep":"12288:fpgrZxSAoNEJb0Wie75aUXGuyQZhK4O0s:RCVoNE0Wie75aUWmnO0s","tlshash":"1b844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2024-12-07T03:18:13.420724Z","last_seen":"2026-03-31T17:49:56.654508Z","times_seen":4042,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qu.ax/","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"a845256b30889475feffe9cc24368bc7","sha1":"227347b635810a96d34a6f2fb2dea2f4ccc35ede","sha256":"16f5146338ea9ed419003afe8b459dfdd53af476c65ca0a3301c389e2aa81cd9","sha512":"07dc7c670edb473d84e9f68bc260c55cc062b2f96e6591b7d462ed35ff6192d4cc67494a99955a8a75c97f0cce6e43c954f143e78b171ffafff6f7c8fe9510ae","ssdeep":"","tlshash":"f141ab2e91b3083502f379bba79f9394362600036010df5a7e6cd5a51fd2e808b72bde","size":2223,"data":"","first_seen":"2024-12-01T21:21:16.45566Z","last_seen":"2025-03-02T17:39:30.634406Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tianji.1337.la/tracker.js","fqdn":"tianji.1337.la","domain":"1337.la","tld":"la"},"ip":{"addr":"88.198.51.12","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"200487c46a5a5e459bedf17b3f92fab6","sha1":"a8fe52bf9380dbba592e118aaee37b76e86c3a2c","sha256":"8b9f7ca84af6c55eee1a711cfb597b6d103d26cb846422a7f4f0800986e5900b","sha512":"7a2ccb9bf1f9626b33bdd77a06e111e7b0a0306cb35a6f335485c304f2acc8df6fa800570a25f227f527ba693eb4f3e865ca56482a110a92e03fd68240aec8bf","ssdeep":"","tlshash":"35510af673c0f072569eacc79a796460e62816b2740a04707bbdecaa523d259c530e4f","size":2519,"data":"","first_seen":"2024-10-25T07:28:47.14344Z","last_seen":"2026-04-02T19:27:48.653471Z","times_seen":106,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qu.ax/static/js/main2.js","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5dc47d6be68f9dd5bb77d359af2ebe2e","sha1":"bdcc507132ecdbbebd74e96bd403af20a4e76dbd","sha256":"39dcbc8953c6ee8ec9ffd16ff2db2a4d5072b78adb5f2e29ff0cc95541c1a9d6","sha512":"f10d7f32c73c32d885a777dff5fbbd45b4b97a55a2cddd75779bdb4538ccb5b0ab0a003e9790f50464eb7cceaf6013de74971d957d4779e5cdfaa2e083891df3","ssdeep":"384:IQ36uloH1meJxSRdV/6CddVjGLTAWLrWbWN:IQ36uleJcRdV/6WdVjGnAWLrWbWN","tlshash":"0252c6056fb7147c416b20be175fa1247b34114b3919dc44b96c8788afa6f09ecebaf8","size":14481,"data":"","first_seen":"2024-12-01T21:21:16.449186Z","last_seen":"2025-03-02T17:39:30.630268Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"qu.ax/grill.php","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.125Z","timestamp":1735595710125,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qu.ax","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 16:29:08 GMT","end":"Wed, 05 Feb 2025 16:29:07 GMT"},"fingerprint":{"sha1":"B1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5","sha256":"4D:C9:92:EF:1C:D2:B5:10:EA:0C:1D:D5:CF:74:92:06:2B:63:CD:12:C3:68:14:C4:EA:31:F3:97:4D:8E:F0:F6"}}},"request":{"raw":"GET /grill.php HTTP/1.1\r\nHost: qu.ax\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qu.ax/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:10 GMT\r\ncontent-type: text/html\r\ncontent-length: 138\r\nlocation: https://qu.ax/img/grills/6.webp\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":138,"size_decoded":138,"mime_type":"image/webp","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"aff950cab4c0265e21d401db15f1026d","sha1":"f03e18461817f7a6546c8bf8fa8d686d7e30aca0","sha256":"753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0","sha512":"a1f0f6f3dd6788a1d7c922c6a8fc81d4709dbd0bf28433023fb8fbd151f645daa096c6e9dd670fb7f86c1699942514a11c183aa09f0018142f823668fb2a0aa2","ssdeep":"","tlshash":"a5c092af79533c8cc8f33a3954c3a298d1ed92726ba8960096408553b2c72568ec3363","first_seen":"2023-04-05T03:40:47Z","last_seen":"2026-03-26T18:06:03.990474Z","times_seen":38808,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qu.ax/img/ShareX_Logo_16.png","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.127Z","timestamp":1735595710127,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qu.ax","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 16:29:08 GMT","end":"Wed, 05 Feb 2025 16:29:07 GMT"},"fingerprint":{"sha1":"B1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5","sha256":"4D:C9:92:EF:1C:D2:B5:10:EA:0C:1D:D5:CF:74:92:06:2B:63:CD:12:C3:68:14:C4:EA:31:F3:97:4D:8E:F0:F6"}}},"request":{"raw":"GET /img/ShareX_Logo_16.png HTTP/1.1\r\nHost: qu.ax\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qu.ax/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 874\r\nlast-modified: Sat, 13 Jul 2024 11:26:03 GMT\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":874,"size_decoded":874,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"8bfc13add651b05b03d4e2ac1b4e2a38","sha1":"d78794f1d1c5ef8ae223828894f1684c7cbed2cf","sha256":"aa091ba0b7eb8fd1a2b8db83f870ab48c34ea5938d01a8d3984145f652657f8f","sha512":"1730ea1bf3f395523fe77acfed4ba38c16142bdbdb6e05dba6acd2d6ab20e98ac02783eb8266261875712c51244bc201b2aedd3e6932e2451fc746b586aa58dc","ssdeep":"","tlshash":"eb11b7b4fd017c1fa4ab210be9716253c281451309410e38150079a432bbb67af98600","first_seen":"2024-12-01T21:21:16.419668Z","last_seen":"2026-04-02T05:59:45.254661Z","times_seen":72,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qu.ax/img/grills/6.webp","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.162Z","timestamp":1735595710162,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qu.ax","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 16:29:08 GMT","end":"Wed, 05 Feb 2025 16:29:07 GMT"},"fingerprint":{"sha1":"B1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5","sha256":"4D:C9:92:EF:1C:D2:B5:10:EA:0C:1D:D5:CF:74:92:06:2B:63:CD:12:C3:68:14:C4:EA:31:F3:97:4D:8E:F0:F6"}}},"request":{"raw":"GET /img/grills/6.webp HTTP/1.1\r\nHost: qu.ax\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://qu.ax/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:10 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18120\r\nlast-modified: Wed, 06 Nov 2024 01:25:24 GMT\r\nx-xss-protection: 1; mode=block\r\nalt-svc: h3=\":443\"; ma=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18120,"size_decoded":18120,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7c14b157d0c0e550bdbab0b07547b821","sha1":"280f2b131d63f8f6863fa325333f514fa55126d7","sha256":"adb9c209c48953c7833740358f391328595f08cc25df8f89300922ffe03adb50","sha512":"942621535dd5218cd368d89530a0e1020b322a5bb85d7a4169bcb03693d5dd2a250e45b9509e612e92548f376b2377212e43ebbbcd2441b66f08c755fd0375a1","ssdeep":"384:KVTYtViehTxjcoBfBqP58vkoGoyJgJDF1GOYlL:KFYtVieZJhBqhRhuZgRV","tlshash":"d482d0e554baab2331641d431cfb96b62447bfb4b3daac4a170642720d7c3e8198736f","first_seen":"2024-12-01T21:21:16.423771Z","last_seen":"2026-04-01T17:04:29.874393Z","times_seen":14,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:11.022Z","timestamp":1735595711022,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF","sha256":"0C:0D:EC:55:A6:58:72:97:20:B5:7E:DB:CB:E9:4D:9D:F8:CA:76:37:D0:6A:16:15:D3:64:D6:47:3C:D1:A9:30"}}},"request":{"raw":"GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://qu.ax\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48236\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 28 Dec 2024 03:56:30 GMT\r\nexpires: Sun, 28 Dec 2025 03:56:30 GMT\r\ncache-control: public, max-age=31536000\r\nage: 237521\r\nlast-modified: Thu, 14 Dec 2023 02:08:40 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48236,"size_decoded":48236,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48236, version 1.0","md5":"015c126a3520c9a8f6a27979d0266e96","sha1":"2acf956561d44434a6d84204670cf849d3215d5f","sha256":"3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa","sha512":"02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c","ssdeep":"768:uj6JxavgLx5rjTH3CdZ3y11o4uMb2IVEhiB6z6GAAHJApICtBgso6HaOjTXHRWK:ujoa4LxZPCdm3B2IVEhiB62apApISxos","tlshash":"eb2302d92e54990d29202a63f45d6e2641301b6acedf4bbceca4ff38006c76f9fe1548","first_seen":"2023-12-14T22:52:19Z","last_seen":"2026-04-05T00:45:40.189417Z","times_seen":106783,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":37,"dns":1,"connect":7,"send":0,"wait":9,"receive":10,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.121Z","timestamp":1735595710121,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D","sha256":"7D:F5:AB:9A:97:34:D8:88:D9:F0:60:60:A2:9D:D1:4F:BF:36:29:43:AA:5D:4E:48:B3:17:0C:A5:B7:05:FF:BF"}}},"request":{"raw":"GET /css2?family=Open+Sans:wght@300;400;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qu.ax/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 30 Dec 2024 21:55:10 GMT\r\ndate: Mon, 30 Dec 2024 21:55:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26740,"size_decoded":26740,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"c7c1ced223040b30fc8223fc57203f01","sha1":"eab875f96ce3667ee71d3b68b9288187271d1957","sha256":"b270d3996d005780f6274be893e551804ee42fb08afc4c7ea3e124e152546632","sha512":"fbd0424f30c70097736b4f982ad0949ac82c81dc65341abdbeee3e5b18d6c59832b081801182cc794f319a8ba678d5c5f284ade9695c7a51a1aa7f45a037ef8c","ssdeep":"768:mkG85ZesAoh4lglYSnmoK0/4vFjc8LCRjO:g8+oOcQob4vhc8UO","tlshash":"d9c2e130cfb134fad7d3740b242654e64d504aa00da63a6068f56cfdf2e646bdaedb84","first_seen":"2024-12-30T21:55:38.692331Z","last_seen":"2025-02-26T10:10:59.973822Z","times_seen":2,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":41,"dns":0,"connect":8,"send":0,"wait":22,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tianji.1337.la/api/website/send","fqdn":"tianji.1337.la","domain":"1337.la","tld":"la"},"ip":{"addr":"88.198.51.12","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:11.223Z","timestamp":1735595711223,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tianji.1337.la","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Dec 2024 02:41:33 GMT","end":"Wed, 12 Mar 2025 02:41:32 GMT"},"fingerprint":{"sha1":"C3:29:42:C7:69:91:1E:78:55:8C:6B:42:36:EA:AE:42:3F:A3:AE:78","sha256":"74:79:F0:57:A3:68:CE:E1:FA:91:AC:D6:E1:DD:99:0D:24:13:BC:D5:5D:38:96:97:BF:3C:01:D0:D6:2F:0C:90"}}},"request":{"raw":"OPTIONS /api/website/send HTTP/1.1\r\nHost: tianji.1337.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://qu.ax/\r\nOrigin: https://qu.ax\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:11 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nvary: Access-Control-Request-Headers\r\naccess-control-allow-headers: content-type\r\nalt-svc: h3=\":443\"; ma=604800\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":55,"dns":0,"connect":24,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tianji.1337.la/api/website/send","fqdn":"tianji.1337.la","domain":"1337.la","tld":"la"},"ip":{"addr":"88.198.51.12","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:11.223Z","timestamp":1735595711223,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tianji.1337.la","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Dec 2024 02:41:33 GMT","end":"Wed, 12 Mar 2025 02:41:32 GMT"},"fingerprint":{"sha1":"C3:29:42:C7:69:91:1E:78:55:8C:6B:42:36:EA:AE:42:3F:A3:AE:78","sha256":"74:79:F0:57:A3:68:CE:E1:FA:91:AC:D6:E1:DD:99:0D:24:13:BC:D5:5D:38:96:97:BF:3C:01:D0:D6:2F:0C:90"}}},"request":{"raw":"POST /api/website/send HTTP/1.1\r\nHost: tianji.1337.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://qu.ax/\r\nContent-Type: application/json\r\nContent-Length: 197\r\nOrigin: https://qu.ax\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:11 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\netag: W/\"29d-15bL470VMMdicutaLB5O26LIfLA\"\r\nvary: Accept-Encoding, Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=604800\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5655,"size_decoded":669,"mime_type":"text/plain","magic":"ASCII text, with very long lines (669), with no line terminators","md5":"d8d496e4affa3274fa174bc81cb92bb9","sha1":"d796cbe3bd1530c76272eb5a2c1e4edba2c87cb0","sha256":"4ab5ae97f93286388e4ef95278189d0a57f34567bfb97de10be2e7edb6c0f0fe","sha512":"810f191350a7273c0fa3247ba15471c348c89bba42c58debdea44ba0cbf226db1ea4a42fc76386099e58d04f3bf7bbe4b9d7441f8fa1960da5d44bae2e317183","ssdeep":"","tlshash":"270123d5cc5115ffb700b50364ae6f1d4a2a682358340cb7c3951cdd691534be15c466","first_seen":"2024-12-30T21:55:38.694924Z","last_seen":"2024-12-30T21:55:38.694924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":55,"dns":0,"connect":24,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:11.030Z","timestamp":1735595711030,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF","sha256":"0C:0D:EC:55:A6:58:72:97:20:B5:7E:DB:CB:E9:4D:9D:F8:CA:76:37:D0:6A:16:15:D3:64:D6:47:3C:D1:A9:30"}}},"request":{"raw":"GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://qu.ax\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24984\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 27 Dec 2024 21:54:04 GMT\r\nexpires: Sat, 27 Dec 2025 21:54:04 GMT\r\ncache-control: public, max-age=31536000\r\nage: 259267\r\nlast-modified: Thu, 14 Dec 2023 02:04:54 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24984,"size_decoded":24984,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24984, version 1.0","md5":"303a79d404d97ccbb3d803088fc387d8","sha1":"66e3525b79a1a58a63fe0934f31676dd40c7f033","sha256":"7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f","sha512":"5751d97634f0fd270e36044a1ef077c0ec1d9b146bd8e5d28207a083cb350fa467e083433c2f81cff896ac7e3756b7014a408feb203f2d175fdeba0a37f3614e","ssdeep":"384:Q5uIjdBKsKtonblEDVlglYSnDqoK0/65voSFjngxDnMG5QLKhfpy8PCyjc:Q5ZesAoh4lglYSnmoK0/4vFjc8LCRjO","tlshash":"39b2e170cfb134bad7d3641b342655e64a1016a00da53b206df82cfab2e606bc7ddb80","first_seen":"2023-12-15T02:48:06Z","last_seen":"2026-04-04T08:17:51.285654Z","times_seen":7372,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":73,"dns":2,"connect":21,"send":0,"wait":8,"receive":2,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tianji.1337.la/tracker.js","fqdn":"tianji.1337.la","domain":"1337.la","tld":"la"},"ip":{"addr":"88.198.51.12","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.124Z","timestamp":1735595710124,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tianji.1337.la","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Dec 2024 02:41:33 GMT","end":"Wed, 12 Mar 2025 02:41:32 GMT"},"fingerprint":{"sha1":"C3:29:42:C7:69:91:1E:78:55:8C:6B:42:36:EA:AE:42:3F:A3:AE:78","sha256":"74:79:F0:57:A3:68:CE:E1:FA:91:AC:D6:E1:DD:99:0D:24:13:BC:D5:5D:38:96:97:BF:3C:01:D0:D6:2F:0C:90"}}},"request":{"raw":"GET /tracker.js HTTP/1.1\r\nHost: tianji.1337.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qu.ax/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:10 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncache-control: public, max-age=604800\r\nlast-modified: Fri, 29 Nov 2024 18:44:09 GMT\r\netag: W/\"9d7-193793cd0a8\"\r\nvary: Accept-Encoding, Accept-Encoding\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2519,"size_decoded":2519,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2598), with no line terminators","md5":"1929a8e0d1dda0a0a8abf874a86786a5","sha1":"85c0eebc1f3828df95c0e9a22eca06972ed13ee1","sha256":"9d6defd3a2304fa35aabd1e04df762a6bd683efeb0d672602c6aebd1473a11a4","sha512":"b7064ee4d7dd6c1be054e0fe16266e3811dea818194d336e153ea9d30c52dfe183692dc0622ec5e0686cf4b14115265ef32784463e79bebd0db19ba0399879f4","ssdeep":"","tlshash":"08510af673c0f072569eacc79a796460e62816b2740a04707bbdecaa523d259c530e4f","first_seen":"2024-10-25T07:28:46.918608Z","last_seen":"2025-04-01T10:29:33.03096Z","times_seen":25,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":131,"dns":77,"connect":28,"send":0,"wait":36,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.16","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.41.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.334Z","timestamp":1735595710334,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Dec 2024 00:31:10 GMT","end":"Tue, 04 Mar 2025 00:31:09 GMT"},"fingerprint":{"sha1":"26:11:6A:E2:4D:77:ED:0F:2E:DC:58:A5:79:39:84:D7:E6:ED:EC:E3","sha256":"9D:30:69:4B:52:C7:5F:D7:DD:54:48:67:AD:26:9E:54:47:1D:AE:E7:5D:F6:98:41:EE:0F:CC:0D:D4:3C:88:15"}}},"request":{"raw":"GET /3.4.16 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://qu.ax/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 30 Dec 2024 21:55:10 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: cle1::iad1::rv4dn-1733520637303-9c55b126e284\r\nlast-modified: Fri, 06 Dec 2024 21:30:37 GMT\r\ncf-cache-status: HIT\r\nage: 931062\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8fa545c59b4856c6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":407279,"size_decoded":407279,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"2697bf25afb0982dfa17c73536f934c1","sha1":"7d7db122d0639cd1f1a53eb6018d6d713d312679","sha256":"fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea","sha512":"658ee630973f04fa367b366c1ac838fa49fcff01682899f7480ed03201de5ab7b95420ddc5c2da116fe05b90a09ef1798b256628ab56d248a1618fdcdd0d79ca","ssdeep":"12288:fpgrZxSAoNEJb0Wie75aUXGuyQZhK4O0s:RCVoNE0Wie75aUWmnO0s","tlshash":"1b844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2024-12-07T03:18:13.420724Z","last_seen":"2026-03-31T17:49:56.654508Z","times_seen":4042,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qu.ax/favicon.ico","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.992Z","timestamp":1735595710992,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qu.ax","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 16:29:08 GMT","end":"Wed, 05 Feb 2025 16:29:07 GMT"},"fingerprint":{"sha1":"B1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5","sha256":"4D:C9:92:EF:1C:D2:B5:10:EA:0C:1D:D5:CF:74:92:06:2B:63:CD:12:C3:68:14:C4:EA:31:F3:97:4D:8E:F0:F6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: qu.ax\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qu.ax/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:11 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Wed, 06 Nov 2024 01:25:22 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20601,"size_decoded":20601,"mime_type":"image/x-icon","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"b1427ced1520ea9d49dc3ff783f9fc38","sha1":"f63057f04bbc9685daef2a5bb5f8b6c0ae483bf0","sha256":"9374e3620b1daa8f7ce59acc9250129e15dae90354280f4ce3b8369209ebdd31","sha512":"af6d02903058ba9e2164e0b77ca0b870331e4e85bfe79c62abe2731b7997b39a11f6835137c8fe23b8b2a03b3425a528f612378aaabe2280b59a3f31aae72f6f","ssdeep":"384:RovOhmplLJz/ZlUgmTZPkx1B6ffc9XdP+z1ZJ7BuuWbzzqf69mKThIUHkjNrH8i:Ro6y3ggsMXBkc94zD2z24mKThIUyNrH/","tlshash":"bd92d18641398eed5da19297f842662fc6d82b36a87449fe141f1c918cb297c1a3f24b","first_seen":"2023-06-27T16:50:02Z","last_seen":"2026-04-02T05:59:45.256934Z","times_seen":409,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.41.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.116Z","timestamp":1735595710116,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Dec 2024 00:31:10 GMT","end":"Tue, 04 Mar 2025 00:31:09 GMT"},"fingerprint":{"sha1":"26:11:6A:E2:4D:77:ED:0F:2E:DC:58:A5:79:39:84:D7:E6:ED:EC:E3","sha256":"9D:30:69:4B:52:C7:5F:D7:DD:54:48:67:AD:26:9E:54:47:1D:AE:E7:5D:F6:98:41:EE:0F:CC:0D:D4:3C:88:15"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qu.ax/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 30 Dec 2024 21:55:10 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.16\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: cle1::iad1::njnvs-1735594927209-7728d3ed0827\r\ncf-cache-status: HIT\r\nage: 229\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8fa545c489ff56c6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":407279,"size_decoded":407279,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":54,"dns":35,"connect":3,"send":0,"wait":16,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qu.ax/","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-30T21:55:09.666Z","timestamp":1735595709666,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qu.ax","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 16:29:08 GMT","end":"Wed, 05 Feb 2025 16:29:07 GMT"},"fingerprint":{"sha1":"B1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5","sha256":"4D:C9:92:EF:1C:D2:B5:10:EA:0C:1D:D5:CF:74:92:06:2B:63:CD:12:C3:68:14:C4:EA:31:F3:97:4D:8E:F0:F6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: qu.ax\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:09 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 12 Dec 2024 03:42:09 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16722,"size_decoded":16722,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (536)","md5":"8577efea870546d15d9ee730c4fae024","sha1":"28f4036eec54552a679923ce3a7e7d8d368f5e99","sha256":"68c64d5e63a881c48483e1b63e66c65715856afd2b2067487ecda0d778a5a361","sha512":"9219d7ec4a3c173b65d1bb6ed65bba4d2f1a9bfa9e3c45c31a3750846595be0dcffb275bc72faa22234190205b8154daad16ab5a8f0b27a801dff3999debf214","ssdeep":"384:QYwPwQd4gHeHkBHKt65lhlwEg6D1YYLNW:QYQx4gH9BHKt65lhlwB6Di","tlshash":"3c7296a252f3083a2153c2f9ffd6b6285f69c147c606da58b1bd81912fc6d40dd93ab8","first_seen":"2024-12-30T21:55:38.699909Z","last_seen":"2025-01-25T13:53:58.71158Z","times_seen":5,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":79,"dns":15,"connect":31,"send":0,"wait":38,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qu.ax/static/js/main2.js","fqdn":"qu.ax","domain":"qu.ax","tld":"ax"},"ip":{"addr":"188.245.212.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qu.ax/","date":"2024-12-30T21:55:10.131Z","timestamp":1735595710131,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qu.ax","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Nov 2024 16:29:08 GMT","end":"Wed, 05 Feb 2025 16:29:07 GMT"},"fingerprint":{"sha1":"B1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5","sha256":"4D:C9:92:EF:1C:D2:B5:10:EA:0C:1D:D5:CF:74:92:06:2B:63:CD:12:C3:68:14:C4:EA:31:F3:97:4D:8E:F0:F6"}}},"request":{"raw":"GET /static/js/main2.js HTTP/1.1\r\nHost: qu.ax\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qu.ax/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 30 Dec 2024 21:55:10 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 06 Nov 2024 01:25:26 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14481,"size_decoded":14481,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"5dc47d6be68f9dd5bb77d359af2ebe2e","sha1":"bdcc507132ecdbbebd74e96bd403af20a4e76dbd","sha256":"39dcbc8953c6ee8ec9ffd16ff2db2a4d5072b78adb5f2e29ff0cc95541c1a9d6","sha512":"f10d7f32c73c32d885a777dff5fbbd45b4b97a55a2cddd75779bdb4538ccb5b0ab0a003e9790f50464eb7cceaf6013de74971d957d4779e5cdfaa2e083891df3","ssdeep":"384:IQ36uloH1meJxSRdV/6CddVjGLTAWLrWbWN:IQ36uleJcRdV/6WdVjGnAWLrWbWN","tlshash":"0252c6056fb7147c416b20be175fa1247b34114b3919dc44b96c8788afa6f09ecebaf8","first_seen":"2024-12-01T21:21:16.449186Z","last_seen":"2025-03-02T17:39:30.630268Z","times_seen":9,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}