{"report_id":"7964e0e0-1c90-45a6-be2d-a9a988d63dd1","version":6,"status":"done","tags":[],"date":"2024-06-11T23:46:16Z","url":{"schema":"http","addr":"webleon.org/","fqdn":"webleon.org","domain":"webleon.org","tld":"org"},"ip":{"addr":"198.54.126.161","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"webleon.org/","fqdn":"webleon.org","domain":"webleon.org","tld":"org"},"title":"IDNJP 🙀 Tersedia Deposit Pulsa Indosat \u0026 Slot Bank Jago"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T13:42:34Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"167.99.50.72","ip":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2021-05-06 00:14:48","last_seen":"2023-10-11 10:09:24","alert_count":4,"request_count":4,"received_data":23316,"sent_data":1666,"comment":"","tags":null,"fingerprints":null},{"fqdn":"webleon.org","ip":{"addr":"198.54.126.161","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":879363,"sent_data":1774,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.ampproject.org","ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2015-08-31","domain_rank":329,"first_seen":"2015-10-09 06:27:01","last_seen":"2024-06-11 18:12:37","alert_count":0,"request_count":7,"received_data":109192,"sent_data":3133,"comment":"","tags":null,"fingerprints":null},{"fqdn":"zerossl.ocsp.sectigo.com","ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2018-08-16","domain_rank":4049,"first_seen":"2020-05-09 21:05:29","last_seen":"2024-06-10 18:39:44","alert_count":0,"request_count":4,"received_data":4880,"sent_data":1344,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-06-11T23:45:53Z","timestamp":1718149553,"ip_dst":{"addr":"Client IP","port":42070,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2024-06-11T23:45:53.464402+0000\",\"flow_id\":490733864870924,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"167.99.50.72\",\"src_port\":443,\"dest_ip\":\"172.18.0.4\",\"dest_port\":42070,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=167.99.50.72\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"00:83:3B:6F:E9:0E:C5:54:B3:F7:9E:51:57:C5:AA:15:64\",\"fingerprint\":\"eb:c9:7f:3e:9c:60:eb:67:d7:74:6f:0b:da:cf:f1:a9:73:4c:c4:64\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-01-11T00:00:00\",\"notafter\":\"2025-01-10T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"6aea764ee67f71caf3dc723118906199\",\"string\":\"771,49200,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1014,\"bytes_toclient\":2537,\"start\":\"2024-06-11T23:45:53.189452+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-11T23:45:53Z","timestamp":1718149553,"ip_dst":{"addr":"Client IP","port":42086,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2024-06-11T23:45:53.474198+0000\",\"flow_id\":1460765113574592,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"167.99.50.72\",\"src_port\":443,\"dest_ip\":\"172.18.0.4\",\"dest_port\":42086,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=167.99.50.72\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"00:83:3B:6F:E9:0E:C5:54:B3:F7:9E:51:57:C5:AA:15:64\",\"fingerprint\":\"eb:c9:7f:3e:9c:60:eb:67:d7:74:6f:0b:da:cf:f1:a9:73:4c:c4:64\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-01-11T00:00:00\",\"notafter\":\"2025-01-10T23:59:59\",\"ja3\":{\"hash\":\"3271cf62f45f551e79405f26e227ebda\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"6aea764ee67f71caf3dc723118906199\",\"string\":\"771,49200,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1086,\"bytes_toclient\":2537,\"start\":\"2024-06-11T23:45:53.189632+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-11T23:45:53Z","timestamp":1718149553,"ip_dst":{"addr":"Client IP","port":42062,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2024-06-11T23:45:53.481838+0000\",\"flow_id\":980493280600805,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"167.99.50.72\",\"src_port\":443,\"dest_ip\":\"172.18.0.4\",\"dest_port\":42062,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=167.99.50.72\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"00:83:3B:6F:E9:0E:C5:54:B3:F7:9E:51:57:C5:AA:15:64\",\"fingerprint\":\"eb:c9:7f:3e:9c:60:eb:67:d7:74:6f:0b:da:cf:f1:a9:73:4c:c4:64\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-01-11T00:00:00\",\"notafter\":\"2025-01-10T23:59:59\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"6aea764ee67f71caf3dc723118906199\",\"string\":\"771,49200,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1014,\"bytes_toclient\":2537,\"start\":\"2024-06-11T23:45:53.189157+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-11T23:45:53Z","timestamp":1718149553,"ip_dst":{"addr":"Client IP","port":42058,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2024-06-11T23:45:53.501574+0000\",\"flow_id\":973539728548098,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"167.99.50.72\",\"src_port\":443,\"dest_ip\":\"172.18.0.4\",\"dest_port\":42058,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=167.99.50.72\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"00:83:3B:6F:E9:0E:C5:54:B3:F7:9E:51:57:C5:AA:15:64\",\"fingerprint\":\"eb:c9:7f:3e:9c:60:eb:67:d7:74:6f:0b:da:cf:f1:a9:73:4c:c4:64\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-01-11T00:00:00\",\"notafter\":\"2025-01-10T23:59:59\",\"ja3\":{\"hash\":\"3271cf62f45f551e79405f26e227ebda\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"6aea764ee67f71caf3dc723118906199\",\"string\":\"771,49200,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1086,\"bytes_toclient\":2537,\"start\":\"2024-06-11T23:45:53.188674+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-11","alert":"Sinkholed","trigger":"167.99.50.72","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-11","alert":"Sinkholed","trigger":"167.99.50.72","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-11","alert":"Sinkholed","trigger":"167.99.50.72","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-11","alert":"Sinkholed","trigger":"167.99.50.72","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-youtube-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f944acf140b481f22a0c5b6e7f9a791","sha1":"d3d6a146374f7d0e4f7a183e15f4375c2058cbf5","sha256":"bfcadfa018d0649089bb964c0bc72eb27e9d668d85bfb92510132e35f3659e7a","sha512":"bb05c2f9335886de757a2c618502f85aea2d4bbc2191dc4f0cdd19308a446d1d90d24a19283fbbd2197a8a9f575f4c77af3c0589d288e018ca12efe2eaa48e03","ssdeep":"768:JWxCJaYRDbU5murHaNa1UCCQXDd96PvWuy4c3egiYPPb+yUhm9lhI0WAf6abwwx:929Iwi8vwwx","tlshash":"13e2fbb63183b42242d658f698b70005d3386589344ae87df17deec32ea9d8572b6f7c","size":31573,"data":"","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.875441Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e92311bfcf04b05b387ef17a94f20f1f","sha1":"0ce005148522723b0ffb1ef08174832c3ff8f803","sha256":"1b94b137d8eb756a847f22b33cbee992b66c4f540824d5f03afe87dcd9e850e5","sha512":"11f714d4a30486a93da6d6e9d85d0da7a7850cd5890cc63f63c54752ff268476e6a3de40f4dad25d8fa32beb34173743188ea9480034f6e806c8632264a1bb4a","ssdeep":"3072:KHxeYahp7UbJAVZXnROBMrXSlGhU0lYZ/hg3:MeYahp7UbmVyBMrXSluU0lac","tlshash":"dd24d6a63296b03247e154f5d4770002e3296998344b806cf97ceecb7ca9d86b1b6f7d","size":228238,"data":"","first_seen":"2024-06-11T21:33:53Z","last_seen":"2024-08-19T20:16:03.359354Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-carousel-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e0f1dd82e88dc36b4794093b1ec9d33","sha1":"c632f49d5879c13ae02afe0098559a7a9d6e8465","sha256":"f60c0c8e74a7ade915459aa7df198bdebe9ecca10afa797563e4e3893858f183","sha512":"020050432ce1172bec52d63f48c2952b41b7f16fbad923ac06cdd3b0cb5306858650cb520d95c424bd9ab918941f7af798d471e02c0235da53a321c545d44297","ssdeep":"768:EhMeyJaongtXq3yoSae/2yyEV6okVBIxYDqhHrXCzaHorviQEdZZKVUVlD0r7PAy:cM5iK23YQQ4IB","tlshash":"0ae2f9e37142743a0bea4ab440279105e62d691530c64d2cb0eddec7fe6a996f279f3c","size":33472,"data":"","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.877207Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-accordion-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8ac6be853c18c63a63d2ba1657a875bd","sha1":"c72ef85cb629f2ead2137c440a61bd84f8e4409d","sha256":"0f9b19f230216a365f2d045725407eab32165dd6d183a9600c871b0973c75a80","sha512":"c118a7edecda359e091124444d4406c137d7b1fb2c41ab132b42a708ba53f8bb106d0ddc5577abe64c71dfb0b280ed86cfcecdd2ea4574bbc809d0949c6d2c75","ssdeep":"384:ncUXbsbPDhNCRQEUkSH8C/4WSfUz+WmY0s1PubM0l88:9XgjHcQEUkUMWSfo+WmY91GbM0y8","tlshash":"a052c5a9308271331bea2ee1c85a1545a3353455711b4d2cf2acdec73a2ec5679fba3c","size":14122,"data":"","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.877852Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a9708ead48b2e7a8a1b1e911072d199","sha1":"1478a6743667df88aa58ca7a156c6f905080a719","sha256":"3aef240bb1e04a5b16f8f726256d99271e904198c7dbfaa50541594cfb881cb1","sha512":"0a9b9c689a4d53fd960ece1417a61d95a7e5d19e404e26978fd4c5fca1f1b1eec7c9637bf2c23d2a140fbe8a249a664334f536d25221c49b69f2cb513a57a2a0","ssdeep":"192:twOKyA3P1lfzrd6Z8m5i9XnbfyamIGED7Ta7p:twOCf1loZ8F9XOamIWp","tlshash":"fed1a66d3551e0370ea914a1e4376599617a6218302bc058f2bcdccfb976dd97232f3e","size":6555,"data":"","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.87854Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e24bd18bec0f709224ed4a70268b1296","sha1":"135582d62f572e6e95dedb8a0cb7619d9956538b","sha256":"6d413ff3e61d817d5489fbcc0515f6b8913e8210b61b48725fadbe036d7856d0","sha512":"e18cf224851595f6903f0d07a6a56fe9d74ca6ff4a4dd0831f20b7226a1583d446f9b2d5fa140be1818b823aa3a649b9e2651aa08d50a45c715893620677df4f","ssdeep":"384:vo39KdedznnH3MxZEulqaa5F4g5A4WR2vCk:A39KMdTXMLEulDa5F4g5A4WR2vCk","tlshash":"ad42b460a60ba2ac430342f488f5b966757ccd4fb8104075f1500ededf8ae44bdbb96e","size":12361,"data":"","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.879879Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012405300626000/v0/amp-auto-lightbox-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"005c39c0528bd68a5f25f8fcf5fe6e91","sha1":"f9b2d47a78850940596235edb368cd6c4eb01d94","sha256":"ab0b41379b43b0983195c1daf6dae1c2ea4c706c5dca9e3e56a7ae17c99a1f93","sha512":"9494a5692dcade3b9fb4ad799f9b54e70c1269f17cf0e13f06a2f3abea9c53de9ca4e90916c9a769b19ddfc1c27213aea0a04d0c29aa5fe2be6536a11e7e382d","ssdeep":"96:KLWi1ebAUeBWFmiH0ABalyPpmGYmIXydl4lEg0F7zG9h4fdGbhlofO2zXlLg10Xg:kWEuxFmiH06HmGYDj2FHuu2mlLgA/l/G","tlshash":"40e193e876c2f4354baa59b2c17b9446e73da951300b4060d1bcfd897c7a0a69772f2c","size":7095,"data":"","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.880595Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"webleon.org/","fqdn":"webleon.org","domain":"webleon.org","tld":"org"},"ip":{"addr":"198.54.126.161","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-11T23:45:50.414Z","timestamp":1718149550414,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webleon.org","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sat, 25 May 2024 00:00:00 GMT","end":"Sun, 25 May 2025 23:59:59 GMT"},"fingerprint":{"sha1":"E8:B8:1F:C1:6F:BA:A9:E5:EE:CE:BF:BA:CE:93:B8:1E:89:01:E6:E2","sha256":"F1:18:C7:E3:38:2F:48:63:BD:6B:B9:08:B2:F6:72:9F:54:85:42:26:9F:9B:76:D6:D0:EA:F7:A5:A9:21:38:F5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: webleon.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sat, 25 May 2024 15:40:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 10913\r\ndate: Tue, 11 Jun 2024 23:45:50 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10913,"size_decoded":69227,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1004), with CRLF line terminators","md5":"1148275d90d5ff90ec4f38882cc716b3","sha1":"b798548601f56fd0907691a1564142c301b4fe78","sha256":"f17a316292b107f8471c7b10cc405d1a4b75ec8c09d1853f322d1841021e364d","sha512":"0b007dc5df48280a9d4eb91f43616bfab96dd0dfa338dd0695a9477a5620d9197fd875e00163c836475ccaed7112765f72baa9c90b03df237bcec2d2b26a5a8a","ssdeep":"768:OW2yfGNLCDWboZcxitoQw7XV7BFzo7fQcnketCVPUR:jCmoBXVz+","tlshash":"e263a63a594010455133d378a7e36f1afe35812392024c5b7eec6bb69fb6a908e63f5c","first_seen":"2024-08-19T20:14:52.873831Z","last_seen":"2024-08-19T20:14:52.873831Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1206,"timings":{"blocked":424,"dns":1,"connect":166,"send":0,"wait":332,"receive":1,"ssl":277},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-youtube-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:51.423Z","timestamp":1718149551423,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 May 2024 05:37:36 GMT","end":"Tue, 13 Aug 2024 05:37:35 GMT"},"fingerprint":{"sha1":"CE:73:CD:DB:7E:BF:BC:83:74:DD:FE:6A:4E:D3:A4:64:99:74:81:26","sha256":"E9:B9:55:3D:0B:AE:D0:E7:F5:37:D1:B0:01:C2:86:54:11:F9:A5:43:C3:B8:76:CD:94:E1:08:9B:60:7E:37:D0"}}},"request":{"raw":"GET /v0/amp-youtube-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://webleon.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10328\r\ndate: Tue, 11 Jun 2024 23:45:51 GMT\r\nexpires: Tue, 11 Jun 2024 23:45:51 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"d7a57c45467e46f9\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10328,"size_decoded":31573,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31456)","md5":"6f944acf140b481f22a0c5b6e7f9a791","sha1":"d3d6a146374f7d0e4f7a183e15f4375c2058cbf5","sha256":"bfcadfa018d0649089bb964c0bc72eb27e9d668d85bfb92510132e35f3659e7a","sha512":"bb05c2f9335886de757a2c618502f85aea2d4bbc2191dc4f0cdd19308a446d1d90d24a19283fbbd2197a8a9f575f4c77af3c0589d288e018ca12efe2eaa48e03","ssdeep":"768:JWxCJaYRDbU5murHaNa1UCCQXDd96PvWuy4c3egiYPPb+yUhm9lhI0WAf6abwwx:929Iwi8vwwx","tlshash":"13e2fbb63183b42242d658f698b70005d3386589344ae87df17deec32ea9d8572b6f7c","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.875441Z","times_seen":8,"resource_available":true,"data":null}},"time_used":455,"timings":{"blocked":201,"dns":52,"connect":39,"send":0,"wait":37,"receive":7,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:51.418Z","timestamp":1718149551418,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 May 2024 05:37:36 GMT","end":"Tue, 13 Aug 2024 05:37:35 GMT"},"fingerprint":{"sha1":"CE:73:CD:DB:7E:BF:BC:83:74:DD:FE:6A:4E:D3:A4:64:99:74:81:26","sha256":"E9:B9:55:3D:0B:AE:D0:E7:F5:37:D1:B0:01:C2:86:54:11:F9:A5:43:C3:B8:76:CD:94:E1:08:9B:60:7E:37:D0"}}},"request":{"raw":"GET /v0.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://webleon.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 63603\r\ndate: Tue, 11 Jun 2024 23:45:51 GMT\r\nexpires: Tue, 11 Jun 2024 23:45:51 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"0d917317b332e439\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":63603,"size_decoded":228238,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64648)","md5":"e92311bfcf04b05b387ef17a94f20f1f","sha1":"0ce005148522723b0ffb1ef08174832c3ff8f803","sha256":"1b94b137d8eb756a847f22b33cbee992b66c4f540824d5f03afe87dcd9e850e5","sha512":"11f714d4a30486a93da6d6e9d85d0da7a7850cd5890cc63f63c54752ff268476e6a3de40f4dad25d8fa32beb34173743188ea9480034f6e806c8632264a1bb4a","ssdeep":"3072:KHxeYahp7UbJAVZXnROBMrXSlGhU0lYZ/hg3:MeYahp7UbmVyBMrXSluU0lac","tlshash":"dd24d6a63296b03247e154f5d4770002e3296998344b806cf97ceecb7ca9d86b1b6f7d","first_seen":"2024-06-11T21:33:53Z","last_seen":"2024-08-19T20:16:03.359354Z","times_seen":33,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":207,"dns":54,"connect":35,"send":0,"wait":44,"receive":61,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-carousel-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:51.420Z","timestamp":1718149551420,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 May 2024 05:37:36 GMT","end":"Tue, 13 Aug 2024 05:37:35 GMT"},"fingerprint":{"sha1":"CE:73:CD:DB:7E:BF:BC:83:74:DD:FE:6A:4E:D3:A4:64:99:74:81:26","sha256":"E9:B9:55:3D:0B:AE:D0:E7:F5:37:D1:B0:01:C2:86:54:11:F9:A5:43:C3:B8:76:CD:94:E1:08:9B:60:7E:37:D0"}}},"request":{"raw":"GET /v0/amp-carousel-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://webleon.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10061\r\ndate: Tue, 11 Jun 2024 23:45:51 GMT\r\nexpires: Tue, 11 Jun 2024 23:45:51 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"58e271b33468f874\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10061,"size_decoded":33472,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33352)","md5":"9e0f1dd82e88dc36b4794093b1ec9d33","sha1":"c632f49d5879c13ae02afe0098559a7a9d6e8465","sha256":"f60c0c8e74a7ade915459aa7df198bdebe9ecca10afa797563e4e3893858f183","sha512":"020050432ce1172bec52d63f48c2952b41b7f16fbad923ac06cdd3b0cb5306858650cb520d95c424bd9ab918941f7af798d471e02c0235da53a321c545d44297","ssdeep":"768:EhMeyJaongtXq3yoSae/2yyEV6okVBIxYDqhHrXCzaHorviQEdZZKVUVlD0r7PAy:cM5iK23YQQ4IB","tlshash":"0ae2f9e37142743a0bea4ab440279105e62d691530c64d2cb0eddec7fe6a996f279f3c","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.877207Z","times_seen":8,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":205,"dns":58,"connect":39,"send":0,"wait":105,"receive":3,"ssl":115},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-accordion-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:51.425Z","timestamp":1718149551425,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 May 2024 05:37:36 GMT","end":"Tue, 13 Aug 2024 05:37:35 GMT"},"fingerprint":{"sha1":"CE:73:CD:DB:7E:BF:BC:83:74:DD:FE:6A:4E:D3:A4:64:99:74:81:26","sha256":"E9:B9:55:3D:0B:AE:D0:E7:F5:37:D1:B0:01:C2:86:54:11:F9:A5:43:C3:B8:76:CD:94:E1:08:9B:60:7E:37:D0"}}},"request":{"raw":"GET /v0/amp-accordion-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://webleon.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 4851\r\ndate: Tue, 11 Jun 2024 23:45:51 GMT\r\nexpires: Tue, 11 Jun 2024 23:45:51 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"044cfe454203f62c\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4851,"size_decoded":14122,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14003)","md5":"8ac6be853c18c63a63d2ba1657a875bd","sha1":"c72ef85cb629f2ead2137c440a61bd84f8e4409d","sha256":"0f9b19f230216a365f2d045725407eab32165dd6d183a9600c871b0973c75a80","sha512":"c118a7edecda359e091124444d4406c137d7b1fb2c41ab132b42a708ba53f8bb106d0ddc5577abe64c71dfb0b280ed86cfcecdd2ea4574bbc809d0949c6d2c75","ssdeep":"384:ncUXbsbPDhNCRQEUkSH8C/4WSfUz+WmY0s1PubM0l88:9XgjHcQEUkUMWSfo+WmY91GbM0y8","tlshash":"a052c5a9308271331bea2ee1c85a1545a3353455711b4d2cf2acdec73a2ec5679fba3c","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.877852Z","times_seen":8,"resource_available":true,"data":null}},"time_used":558,"timings":{"blocked":231,"dns":54,"connect":39,"send":0,"wait":77,"receive":7,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:51.422Z","timestamp":1718149551422,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 May 2024 05:37:36 GMT","end":"Tue, 13 Aug 2024 05:37:35 GMT"},"fingerprint":{"sha1":"CE:73:CD:DB:7E:BF:BC:83:74:DD:FE:6A:4E:D3:A4:64:99:74:81:26","sha256":"E9:B9:55:3D:0B:AE:D0:E7:F5:37:D1:B0:01:C2:86:54:11:F9:A5:43:C3:B8:76:CD:94:E1:08:9B:60:7E:37:D0"}}},"request":{"raw":"GET /v0/amp-install-serviceworker-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://webleon.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 2374\r\ndate: Tue, 11 Jun 2024 23:45:51 GMT\r\nexpires: Tue, 11 Jun 2024 23:45:51 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"dbd3ebd0533057c6\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2374,"size_decoded":6555,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6424)","md5":"5a9708ead48b2e7a8a1b1e911072d199","sha1":"1478a6743667df88aa58ca7a156c6f905080a719","sha256":"3aef240bb1e04a5b16f8f726256d99271e904198c7dbfaa50541594cfb881cb1","sha512":"0a9b9c689a4d53fd960ece1417a61d95a7e5d19e404e26978fd4c5fca1f1b1eec7c9637bf2c23d2a140fbe8a249a664334f536d25221c49b69f2cb513a57a2a0","ssdeep":"192:twOKyA3P1lfzrd6Z8m5i9XnbfyamIGED7Ta7p:twOCf1loZ8F9XOamIWp","tlshash":"fed1a66d3551e0370ea914a1e4376599617a6218302bc058f2bcdccfb976dd97232f3e","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.87854Z","times_seen":8,"resource_available":true,"data":null}},"time_used":564,"timings":{"blocked":240,"dns":51,"connect":38,"send":0,"wait":78,"receive":0,"ssl":148},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webleon.org/image/IDNJP88.png","fqdn":"webleon.org","domain":"webleon.org","tld":"org"},"ip":{"addr":"198.54.126.161","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:51.415Z","timestamp":1718149551415,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webleon.org","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sat, 25 May 2024 00:00:00 GMT","end":"Sun, 25 May 2025 23:59:59 GMT"},"fingerprint":{"sha1":"E8:B8:1F:C1:6F:BA:A9:E5:EE:CE:BF:BA:CE:93:B8:1E:89:01:E6:E2","sha256":"F1:18:C7:E3:38:2F:48:63:BD:6B:B9:08:B2:F6:72:9F:54:85:42:26:9F:9B:76:D6:D0:EA:F7:A5:A9:21:38:F5"}}},"request":{"raw":"GET /image/IDNJP88.png HTTP/1.1\r\nHost: webleon.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 18 Jun 2024 23:45:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 May 2024 08:01:19 GMT\r\naccept-ranges: bytes\r\ncontent-length: 806042\r\ndate: Tue, 11 Jun 2024 23:45:51 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":806042,"size_decoded":806042,"mime_type":"image/png","magic":"PNG image data, 840 x 480, 8-bit/color RGBA, non-interlaced","md5":"c592b6319b311d7859cc2765f522cc88","sha1":"16e0231cb9f45bc8074853db4239d2e0e8cb2a46","sha256":"4e9b9b26a5e2036cbab920a911b3448dbcd978992d0395e7a135434d3b9b1121","sha512":"febc5f66914fe4563c54f27b0df37f38e19e15e822ad1607c5c830bff20dbe8db61e4fa6ac86eb14339ef7b3e6e47b60ed93e673532bafbcc37853099610def2","ssdeep":"24576:p7/FIrO6qpO8BCFm5HV3VcM7RMBDFLNNV+umTC2dn:xFIrOxam5HhV9U/Nsumbdn","tlshash":"37052346c8fef477b7482e9a19284d24dfd8e252f72db20bc714f9984b4d593a7a0708","first_seen":"2024-08-19T20:14:52.879198Z","last_seen":"2024-08-19T20:14:52.879198Z","times_seen":1,"resource_available":false,"data":null}},"time_used":875,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":708,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:53.185Z","timestamp":1718149553185,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 May 2024 05:37:36 GMT","end":"Tue, 13 Aug 2024 05:37:35 GMT"},"fingerprint":{"sha1":"CE:73:CD:DB:7E:BF:BC:83:74:DD:FE:6A:4E:D3:A4:64:99:74:81:26","sha256":"E9:B9:55:3D:0B:AE:D0:E7:F5:37:D1:B0:01:C2:86:54:11:F9:A5:43:C3:B8:76:CD:94:E1:08:9B:60:7E:37:D0"}}},"request":{"raw":"GET /rtv/012405300626000/v0/amp-loader-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://webleon.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3912\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 11 Jun 2024 17:32:59 GMT\r\nexpires: Wed, 11 Jun 2025 17:32:59 GMT\r\ncache-control: public, max-age=31536000\r\netag: \"d1e9ab0ab42c428d\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 22374\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3912,"size_decoded":12361,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12245)","md5":"e24bd18bec0f709224ed4a70268b1296","sha1":"135582d62f572e6e95dedb8a0cb7619d9956538b","sha256":"6d413ff3e61d817d5489fbcc0515f6b8913e8210b61b48725fadbe036d7856d0","sha512":"e18cf224851595f6903f0d07a6a56fe9d74ca6ff4a4dd0831f20b7226a1583d446f9b2d5fa140be1818b823aa3a649b9e2651aa08d50a45c715893620677df4f","ssdeep":"384:vo39KdedznnH3MxZEulqaa5F4g5A4WR2vCk:A39KMdTXMLEulDa5F4g5A4WR2vCk","tlshash":"ad42b460a60ba2ac430342f488f5b966757ccd4fb8104075f1500ededf8ae44bdbb96e","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.879879Z","times_seen":11,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012405300626000/v0/amp-auto-lightbox-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.147.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:53.268Z","timestamp":1718149553268,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 May 2024 05:37:36 GMT","end":"Tue, 13 Aug 2024 05:37:35 GMT"},"fingerprint":{"sha1":"CE:73:CD:DB:7E:BF:BC:83:74:DD:FE:6A:4E:D3:A4:64:99:74:81:26","sha256":"E9:B9:55:3D:0B:AE:D0:E7:F5:37:D1:B0:01:C2:86:54:11:F9:A5:43:C3:B8:76:CD:94:E1:08:9B:60:7E:37:D0"}}},"request":{"raw":"GET /rtv/012405300626000/v0/amp-auto-lightbox-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://webleon.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 2819\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 11 Jun 2024 17:34:21 GMT\r\nexpires: Wed, 11 Jun 2025 17:34:21 GMT\r\ncache-control: public, max-age=31536000\r\netag: \"c7fb1b175e8c068d\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 22292\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2819,"size_decoded":7095,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6972)","md5":"005c39c0528bd68a5f25f8fcf5fe6e91","sha1":"f9b2d47a78850940596235edb368cd6c4eb01d94","sha256":"ab0b41379b43b0983195c1daf6dae1c2ea4c706c5dca9e3e56a7ae17c99a1f93","sha512":"9494a5692dcade3b9fb4ad799f9b54e70c1269f17cf0e13f06a2f3abea9c53de9ca4e90916c9a769b19ddfc1c27213aea0a04d0c29aa5fe2be6536a11e7e382d","ssdeep":"96:KLWi1ebAUeBWFmiH0ABalyPpmGYmIXydl4lEg0F7zG9h4fdGbhlofO2zXlLg10Xg:kWEuxFmiH06HmGYDj2FHuu2mlLgA/l/G","tlshash":"40e193e876c2f4354baa59b2c17b9446e73da951300b4060d1bcfd897c7a0a69772f2c","first_seen":"2024-06-12T01:46:24Z","last_seen":"2024-08-19T20:14:52.880595Z","times_seen":8,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":35,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webleon.org/favicon/idnjp.favicon.png","fqdn":"webleon.org","domain":"webleon.org","tld":"org"},"ip":{"addr":"198.54.126.161","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:53.167Z","timestamp":1718149553167,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webleon.org","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sat, 25 May 2024 00:00:00 GMT","end":"Sun, 25 May 2025 23:59:59 GMT"},"fingerprint":{"sha1":"E8:B8:1F:C1:6F:BA:A9:E5:EE:CE:BF:BA:CE:93:B8:1E:89:01:E6:E2","sha256":"F1:18:C7:E3:38:2F:48:63:BD:6B:B9:08:B2:F6:72:9F:54:85:42:26:9F:9B:76:D6:D0:EA:F7:A5:A9:21:38:F5"}}},"request":{"raw":"GET /favicon/idnjp.favicon.png HTTP/1.1\r\nHost: webleon.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 18 Jun 2024 23:45:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 May 2024 09:29:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 43443\r\ndate: Tue, 11 Jun 2024 23:45:53 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43443,"size_decoded":43443,"mime_type":"image/png","magic":"PNG image data, 329 x 317, 8-bit/color RGBA, non-interlaced","md5":"9a2ea6c532627580ce50ac7bc9642778","sha1":"ef1e94e8dede283d206fd6995045903ec208c462","sha256":"b62284a0d2328d12c1bf04406e5bb3106b080a787d202cdeed43ad423629ab18","sha512":"a3df4367490d40faadab8977e5aea4709a2f036002559ca7d8bf17f43b99c82fa333231dc8bc7496b86d890dfa407c78037306303555b2d544e9831a12070612","ssdeep":"768:vWf+ojcP6q70fUw6Ng2kd9SwCYQX4v+OdvQkMNFwlflxpT3cFs/LYAWdlovlIkMW:vW26qwNy+9SwCZ6Q3wlN33cFxqTt","tlshash":"0613f2436d0c3316dfa19be0fb5464e48d24f84a8c05a9a7dfd0ae0f7d8a906d077ea4","first_seen":"2024-08-19T20:14:52.881368Z","last_seen":"2024-08-19T20:14:52.881368Z","times_seen":1,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webleon.org/logo/IDN.png","fqdn":"webleon.org","domain":"webleon.org","tld":"org"},"ip":{"addr":"198.54.126.161","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:53.188Z","timestamp":1718149553188,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webleon.org","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sat, 25 May 2024 00:00:00 GMT","end":"Sun, 25 May 2025 23:59:59 GMT"},"fingerprint":{"sha1":"E8:B8:1F:C1:6F:BA:A9:E5:EE:CE:BF:BA:CE:93:B8:1E:89:01:E6:E2","sha256":"F1:18:C7:E3:38:2F:48:63:BD:6B:B9:08:B2:F6:72:9F:54:85:42:26:9F:9B:76:D6:D0:EA:F7:A5:A9:21:38:F5"}}},"request":{"raw":"GET /logo/IDN.png HTTP/1.1\r\nHost: webleon.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 18 Jun 2024 23:45:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 May 2024 08:32:15 GMT\r\naccept-ranges: bytes\r\ncontent-length: 17730\r\ndate: Tue, 11 Jun 2024 23:45:53 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17730,"size_decoded":17730,"mime_type":"image/png","magic":"PNG image data, 320 x 70, 8-bit/color RGBA, non-interlaced","md5":"a8708446a69d426a41602da98c1d7eef","sha1":"9049633ae36847527cf649ee89a0e2e407b574ea","sha256":"f62460c3ffd47afe032924733d055bf09d656b24261cff19b1d86e693df26670","sha512":"0f0b85749e012556ecb19b2f6b4a26dfb97aa800b1daf025cfcdb24cc73e7226eca3c0201c47ff1be1e5c9696cbebcd3e7dbd6e3bf24cf71d6a4c30f2377138e","ssdeep":"384:jUhPZDciN6v72t4JyTNdOO6yH3b73rUPxSmgTCJvRv7wPrHa:IrDc+JtC+N5LubgTM58Da","tlshash":"5d82d0e3410bc92942cbe7a5d0caf577b28eb43d4224427d568e648e7a9ed433fe9105","first_seen":"2024-08-19T20:14:52.882112Z","last_seen":"2024-08-19T20:14:52.882112Z","times_seen":1,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"zerossl.ocsp.sectigo.com/","fqdn":"zerossl.ocsp.sectigo.com","domain":"sectigo.com","tld":"com"},"ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-11T23:45:53.514252037Z","timestamp":1718149553514,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: zerossl.ocsp.sectigo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 11 Jun 2024 23:45:53 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 728\r\nConnection: keep-alive\r\nLast-Modified: Sun, 09 Jun 2024 16:51:32 GMT\r\nExpires: Sun, 16 Jun 2024 16:51:31 GMT\r\nEtag: \"34dd8a3e85599d4222a245b1741f6a21acfe1cf2\"\r\nCache-Control: max-age=406537,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb2\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 89257a352d8692f7-CPH\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":728,"size_decoded":728,"mime_type":"application/octet-stream","magic":"data","md5":"5b7159939869c034d2605dfe1688d7c3","sha1":"34dd8a3e85599d4222a245b1741f6a21acfe1cf2","sha256":"84469ad5165a9aea5b98f0f9ac4e3cc425e5d1265f7d650acdd52b94598a75b3","sha512":"61fdcbe5239c033d00f11ae0ca8eff8a648b860e6885854be4b36cde63d7f7177e17970a728731ed445cb3d4df348d6f005a5b49edf4cf5dbafb5f951a2a0c26","ssdeep":"","tlshash":"1e0165bd4eb4222203186c2ce3f6e502549460943b91870a70342de37b966ba960fa82","first_seen":"2024-08-19T20:14:52.883344Z","last_seen":"2024-08-19T20:14:52.883344Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"zerossl.ocsp.sectigo.com/","fqdn":"zerossl.ocsp.sectigo.com","domain":"sectigo.com","tld":"com"},"ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-11T23:45:53.665516157Z","timestamp":1718149553665,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: zerossl.ocsp.sectigo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 11 Jun 2024 23:45:53 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 728\r\nConnection: keep-alive\r\nLast-Modified: Sun, 09 Jun 2024 16:51:32 GMT\r\nExpires: Sun, 16 Jun 2024 16:51:31 GMT\r\nEtag: \"34dd8a3e85599d4222a245b1741f6a21acfe1cf2\"\r\nCache-Control: max-age=406537,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb2\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 89257a3528ee10b9-CPH\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":728,"size_decoded":728,"mime_type":"application/octet-stream","magic":"data","md5":"5b7159939869c034d2605dfe1688d7c3","sha1":"34dd8a3e85599d4222a245b1741f6a21acfe1cf2","sha256":"84469ad5165a9aea5b98f0f9ac4e3cc425e5d1265f7d650acdd52b94598a75b3","sha512":"61fdcbe5239c033d00f11ae0ca8eff8a648b860e6885854be4b36cde63d7f7177e17970a728731ed445cb3d4df348d6f005a5b49edf4cf5dbafb5f951a2a0c26","ssdeep":"","tlshash":"1e0165bd4eb4222203186c2ce3f6e502549460943b91870a70342de37b966ba960fa82","first_seen":"2024-08-19T20:14:52.883344Z","last_seen":"2024-08-19T20:14:52.883344Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"zerossl.ocsp.sectigo.com/","fqdn":"zerossl.ocsp.sectigo.com","domain":"sectigo.com","tld":"com"},"ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-11T23:45:53.667235544Z","timestamp":1718149553667,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: zerossl.ocsp.sectigo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 11 Jun 2024 23:45:53 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 728\r\nConnection: keep-alive\r\nLast-Modified: Sun, 09 Jun 2024 16:51:32 GMT\r\nExpires: Sun, 16 Jun 2024 16:51:31 GMT\r\nEtag: \"34dd8a3e85599d4222a245b1741f6a21acfe1cf2\"\r\nCache-Control: max-age=406537,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb4\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 89257a3518848f61-CPH\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":728,"size_decoded":728,"mime_type":"application/octet-stream","magic":"data","md5":"5b7159939869c034d2605dfe1688d7c3","sha1":"34dd8a3e85599d4222a245b1741f6a21acfe1cf2","sha256":"84469ad5165a9aea5b98f0f9ac4e3cc425e5d1265f7d650acdd52b94598a75b3","sha512":"61fdcbe5239c033d00f11ae0ca8eff8a648b860e6885854be4b36cde63d7f7177e17970a728731ed445cb3d4df348d6f005a5b49edf4cf5dbafb5f951a2a0c26","ssdeep":"","tlshash":"1e0165bd4eb4222203186c2ce3f6e502549460943b91870a70342de37b966ba960fa82","first_seen":"2024-08-19T20:14:52.883344Z","last_seen":"2024-08-19T20:14:52.883344Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"167.99.50.72/img/bonus.png","fqdn":"167.99.50.72","domain":"167.99.50.72","tld":"72"},"ip":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:53.190Z","timestamp":1718149553190,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"167.99.50.72","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 11 Jan 2024 00:00:00 GMT","end":"Fri, 10 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"EB:C9:7F:3E:9C:60:EB:67:D7:74:6F:0B:DA:CF:F1:A9:73:4C:C4:64","sha256":"3F:FC:90:3E:90:55:07:13:86:33:E0:97:93:50:0E:4C:B2:F7:CD:A4:45:D8:94:D2:65:A0:27:DA:0D:F5:5C:0E"}}},"request":{"raw":"GET /img/bonus.png HTTP/1.1\r\nHost: 167.99.50.72\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 11 Jun 2024 23:45:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 14320\r\nLast-Modified: Thu, 11 Jan 2024 00:37:55 GMT\r\nConnection: keep-alive\r\nETag: \"659f3863-37f0\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14320,"size_decoded":14320,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"5683cea50d9e2f6f9949f5827746fd53","sha1":"ca9b6517feb9e3b7634a12ca2f22a4dbeca395c9","sha256":"0d54a1b130c4aa8185ed8f7027b512fa55c8a4bff186db98dbfea4c7df687d7c","sha512":"7fc91a1f73f4545ffb702549f7a693c624c1612257eb32c8d5ab1f992f8c6d3c29bda470191cc1b1f3eaf77ba13546bda04118465050d3602a4f590fce4e4309","ssdeep":"192:DSHknuNH3AOHB1e2PFizo8B1e2PFcK6E+cPHX8U/abctKMbdA+ROIXC:2EnuNwOHP0zoAPSK6E+cvKooiFRRC","tlshash":"0c52f306b1001621065e761ceafee052dbf35ee98db1918f4bcacc212c54dbe8dda6c7","first_seen":"2024-08-19T20:14:52.884181Z","last_seen":"2024-08-19T20:14:52.884181Z","times_seen":1,"resource_available":false,"data":null}},"time_used":838,"timings":{"blocked":326,"dns":1,"connect":101,"send":0,"wait":182,"receive":2,"ssl":220},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-11","alert":"Sinkholed","trigger":"167.99.50.72","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"zerossl.ocsp.sectigo.com/","fqdn":"zerossl.ocsp.sectigo.com","domain":"sectigo.com","tld":"com"},"ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-11T23:45:53.713442035Z","timestamp":1718149553713,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: zerossl.ocsp.sectigo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 11 Jun 2024 23:45:53 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 728\r\nConnection: keep-alive\r\nLast-Modified: Sun, 09 Jun 2024 16:51:32 GMT\r\nExpires: Sun, 16 Jun 2024 16:51:31 GMT\r\nEtag: \"34dd8a3e85599d4222a245b1741f6a21acfe1cf2\"\r\nCache-Control: max-age=406537,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb3\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 89257a3578be8f5a-CPH\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":728,"size_decoded":728,"mime_type":"application/octet-stream","magic":"data","md5":"5b7159939869c034d2605dfe1688d7c3","sha1":"34dd8a3e85599d4222a245b1741f6a21acfe1cf2","sha256":"84469ad5165a9aea5b98f0f9ac4e3cc425e5d1265f7d650acdd52b94598a75b3","sha512":"61fdcbe5239c033d00f11ae0ca8eff8a648b860e6885854be4b36cde63d7f7177e17970a728731ed445cb3d4df348d6f005a5b49edf4cf5dbafb5f951a2a0c26","ssdeep":"","tlshash":"1e0165bd4eb4222203186c2ce3f6e502549460943b91870a70342de37b966ba960fa82","first_seen":"2024-08-19T20:14:52.883344Z","last_seen":"2024-08-19T20:14:52.883344Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"167.99.50.72/img/hot.png","fqdn":"167.99.50.72","domain":"167.99.50.72","tld":"72"},"ip":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:53.192Z","timestamp":1718149553192,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"167.99.50.72","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 11 Jan 2024 00:00:00 GMT","end":"Fri, 10 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"EB:C9:7F:3E:9C:60:EB:67:D7:74:6F:0B:DA:CF:F1:A9:73:4C:C4:64","sha256":"3F:FC:90:3E:90:55:07:13:86:33:E0:97:93:50:0E:4C:B2:F7:CD:A4:45:D8:94:D2:65:A0:27:DA:0D:F5:5C:0E"}}},"request":{"raw":"GET /img/hot.png HTTP/1.1\r\nHost: 167.99.50.72\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 11 Jun 2024 23:45:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 2002\r\nLast-Modified: Thu, 11 Jan 2024 00:38:13 GMT\r\nConnection: keep-alive\r\nETag: \"659f3875-7d2\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2002,"size_decoded":2002,"mime_type":"image/png","magic":"PNG image data, 34 x 39, 8-bit/color RGBA, non-interlaced","md5":"c1d874b71c13ef0520c3268b2a56e095","sha1":"743c329574862c3b475e659abae1e5260e0bd91d","sha256":"59d1640838335dcc2978d2ae8b4adeb8ac4c06a4bbdcb5fa64c73fb52a2cd711","sha512":"addb76b46fcb327ff63af4a108c5983cc473964634aa8f0436c957a3f4437c952096bb3dad4836f20dc390c9d094e191e2218156c56b2b69db4d8d7384cefe9a","ssdeep":"","tlshash":"0641d48cf8a098e56187a8c7a8f2541a5a33c940d6a1c469ecdb644e0d781f5cea52c6","first_seen":"2024-08-19T20:14:52.88483Z","last_seen":"2024-08-19T20:14:52.88483Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1042,"timings":{"blocked":475,"dns":0,"connect":88,"send":0,"wait":88,"receive":1,"ssl":377},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-11","alert":"Sinkholed","trigger":"167.99.50.72","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"167.99.50.72/img/lc.png","fqdn":"167.99.50.72","domain":"167.99.50.72","tld":"72"},"ip":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:53.195Z","timestamp":1718149553195,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"167.99.50.72","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 11 Jan 2024 00:00:00 GMT","end":"Fri, 10 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"EB:C9:7F:3E:9C:60:EB:67:D7:74:6F:0B:DA:CF:F1:A9:73:4C:C4:64","sha256":"3F:FC:90:3E:90:55:07:13:86:33:E0:97:93:50:0E:4C:B2:F7:CD:A4:45:D8:94:D2:65:A0:27:DA:0D:F5:5C:0E"}}},"request":{"raw":"GET /img/lc.png HTTP/1.1\r\nHost: 167.99.50.72\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 11 Jun 2024 23:45:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 1402\r\nLast-Modified: Thu, 11 Jan 2024 00:37:55 GMT\r\nConnection: keep-alive\r\nETag: \"659f3863-57a\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1402,"size_decoded":1402,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"e90bc038d0306817e4db366c66d22ec4","sha1":"d77ae13b766bcd27f0f158b8eeeb8286ae31e654","sha256":"af7452d9f2b38703bfe10f89ad9df59de88ee8a35629a7aecae996a02037fe6e","sha512":"a2c9c68fbc9a5ba81e2bbc0fa6d12a5102c56f73e97c7a8bb120f2c3d1111d12fb7ee561943c7b86ea64722cb65276548c65c177a6df7ce877f343272578fced","ssdeep":"","tlshash":"b021e9c340183ee3a40bfec8d0352058d4b1a14788ea35e32270946201255e84525e95","first_seen":"2023-09-23T06:15:44Z","last_seen":"2026-03-09T21:48:25.854339Z","times_seen":499,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":472,"dns":0,"connect":89,"send":0,"wait":89,"receive":0,"ssl":385},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-11","alert":"Sinkholed","trigger":"167.99.50.72","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"167.99.50.72/img/telegram.png","fqdn":"167.99.50.72","domain":"167.99.50.72","tld":"72"},"ip":{"addr":"167.99.50.72","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webleon.org/","date":"2024-06-11T23:45:53.194Z","timestamp":1718149553194,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"167.99.50.72","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 11 Jan 2024 00:00:00 GMT","end":"Fri, 10 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"EB:C9:7F:3E:9C:60:EB:67:D7:74:6F:0B:DA:CF:F1:A9:73:4C:C4:64","sha256":"3F:FC:90:3E:90:55:07:13:86:33:E0:97:93:50:0E:4C:B2:F7:CD:A4:45:D8:94:D2:65:A0:27:DA:0D:F5:5C:0E"}}},"request":{"raw":"GET /img/telegram.png HTTP/1.1\r\nHost: 167.99.50.72\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webleon.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 11 Jun 2024 23:45:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 4605\r\nLast-Modified: Thu, 11 Jan 2024 00:37:54 GMT\r\nConnection: keep-alive\r\nETag: \"659f3862-11fd\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4605,"size_decoded":4605,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"333843501bcbbcf0bfa0dd50d90950db","sha1":"5177f9986195696675ab89a39cac15b195bc16bf","sha256":"948934d2e21bdb01ea7d657081f982e44a5588d09204158173c574d492e3fe06","sha512":"0112831ab329910ea52fc3a58839095842d289b92f604be1c0ef4c3c51c4c7b8c62f6fd2f6ed963b148e1f4ed42f89b89286b6c13846272dc8112f3309146fdd","ssdeep":"96:DS/knmWIfu/zQbcJgHWgHDGHhxLeHi3k9uXwtwGYU6tY8u4B/d3C63:DS/knUz2gSbeHi3koDC8ueFp","tlshash":"0e911d18dab1b980aa0edf489eeda6af6d331ad4ce40b565fec9d41755302fdc90c0c2","first_seen":"2024-08-19T20:14:52.886187Z","last_seen":"2024-08-19T20:14:52.886187Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1190,"timings":{"blocked":543,"dns":1,"connect":102,"send":0,"wait":97,"receive":1,"ssl":435},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-11","alert":"Sinkholed","trigger":"167.99.50.72","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}