{"report_id":"6b3f8939-7020-4fb9-b2da-ef093c11d941","version":6,"status":"done","tags":[],"date":"2025-10-09T05:08:55Z","url":{"schema":"http","addr":"9.okaset.com/","fqdn":"9.okaset.com","domain":"okaset.com","tld":"com"},"ip":{"addr":"172.67.143.62","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"9.okaset.com/","fqdn":"9.okaset.com","domain":"okaset.com","tld":"com"},"title":"9.okaset.com/"},"submit":{"url":{"schema":"http","addr":"9.okaset.com/","fqdn":"9.okaset.com","domain":"okaset.com","tld":"com"},"ip":{"addr":"172.67.143.62","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-13T05:08:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"9.okaset.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"9.okaset.com","ip":{"addr":"172.67.143.62","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-11-08","domain_rank":0,"first_seen":"2025-06-12T03:45:01.741663Z","last_seen":"2025-08-30T10:54:42.716887Z","alert_count":2,"request_count":2,"received_data":1413,"sent_data":912,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"9.okaset.com/","fqdn":"9.okaset.com","domain":"okaset.com","tld":"com"},"ip":{"addr":"172.67.143.62","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-09T05:08:32.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"okaset.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 15:55:18 GMT","end":"Sun, 16 Nov 2025 16:53:54 GMT"},"fingerprint":{"sha1":"E2:44:81:43:3E:9B:CB:1D:30:A9:2F:B4:B4:34:BB:78:25:5E:AA:29","sha256":"EF:E8:BA:4A:3D:74:23:2D:7D:54:F2:6C:17:E3:E5:98:29:AA:68:83:7C:93:A9:83:4D:E1:6F:96:A3:11:38:C8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 9.okaset.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 09 Oct 2025 05:08:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=30Co%2BHK%2BeFpYfdxeMqovt5kbanA5%2BzUnYgrZMOyCN0epxMUqyJCoxEagpfpHkEpYm4Id92EK5%2BtIrFoC823aN6uiWMdiHL68qbw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98bb5c5a2867b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"b75088f9e84a3cb4f5caf64850d657c8","sha1":"f0e2063b6c171589dabb7bee1bb8543ac79811ab","sha256":"80ea514c5d11b147698cdf879da3f43daec174a5da3b159d54616f48ca207945","sha512":"df4aa4cade27c368328184cb79d8f9b8ca3377abae860b1844e273763103ea297a25c01b167bda54b7fdb032da187d1cc37384015835140c54b298811a183027","ssdeep":"","tlshash":"a9c08ce6d0b2480d54b0a7b08d81e12849499aa8b3021e007ec131e85cea75688e3288","first_seen":"2024-12-18T14:53:48.194086Z","last_seen":"2026-04-11T00:26:49.130133Z","times_seen":2418,"resource_available":true,"data":null}},"time_used":389,"timings":{"blocked":189,"dns":1,"connect":1,"send":0,"wait":11,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"9.okaset.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9.okaset.com/favicon.ico","fqdn":"9.okaset.com","domain":"okaset.com","tld":"com"},"ip":{"addr":"172.67.143.62","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9.okaset.com/","date":"2025-10-09T05:08:33.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"okaset.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 15:55:18 GMT","end":"Sun, 16 Nov 2025 16:53:54 GMT"},"fingerprint":{"sha1":"E2:44:81:43:3E:9B:CB:1D:30:A9:2F:B4:B4:34:BB:78:25:5E:AA:29","sha256":"EF:E8:BA:4A:3D:74:23:2D:7D:54:F2:6C:17:E3:E5:98:29:AA:68:83:7C:93:A9:83:4D:E1:6F:96:A3:11:38:C8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 9.okaset.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9.okaset.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 09 Oct 2025 05:08:33 GMT\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=utIGV8McLFyDQ%2BPJY8mscQCkk9PpUAMlpV%2Fkd4q6UOaTx5rAGEtZB%2Fo0h44PIaxzbschljDTyzuSnfAwyG%2Fm%2B2vYP%2FNif%2F6BPZzmKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 98bb5c5b9d80b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"b75088f9e84a3cb4f5caf64850d657c8","sha1":"f0e2063b6c171589dabb7bee1bb8543ac79811ab","sha256":"80ea514c5d11b147698cdf879da3f43daec174a5da3b159d54616f48ca207945","sha512":"df4aa4cade27c368328184cb79d8f9b8ca3377abae860b1844e273763103ea297a25c01b167bda54b7fdb032da187d1cc37384015835140c54b298811a183027","ssdeep":"","tlshash":"a9c08ce6d0b2480d54b0a7b08d81e12849499aa8b3021e007ec131e85cea75688e3288","first_seen":"2024-12-18T14:53:48.194086Z","last_seen":"2026-04-11T00:26:49.130133Z","times_seen":2418,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"9.okaset.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}