{"report_id":"7abcc877-53d6-4cbe-a2e1-ec1b7f369276","version":6,"status":"done","tags":[],"date":"2024-12-20T20:06:30Z","url":{"schema":"http","addr":"pomf2.lain.la","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.91","port":0,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"pomf2.lain.la/","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"title":"Pomf.lain.la"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-02-28T20:06:30Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"pomf2.lain.la","ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"domain_registered":"2020-08-27","domain_rank":512997,"first_seen":"2021-09-18T09:26:53Z","last_seen":"2024-12-20T07:45:23.306111Z","alert_count":0,"request_count":7,"received_data":207052,"sent_data":2969,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aus5.mozilla.org","ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"1998-01-24","domain_rank":2548,"first_seen":"2015-10-27T07:06:24Z","last_seen":"2024-12-18T02:07:38.019225Z","alert_count":0,"request_count":1,"received_data":1221,"sent_data":512,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-12-20T20:06:13Z","timestamp":1734725173,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.14","port":33874,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-12-20T20:06:13.151194+0000\",\"flow_id\":485686933166237,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.14\",\"src_port\":33874,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"ozxkjjiutt.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":457,\"bytes_toclient\":116,\"start\":\"2024-12-20T20:01:35.235677+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-12-20T20:06:18Z","timestamp":1734725178,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.14","port":33922,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-12-20T20:06:18.535987+0000\",\"flow_id\":488693410302175,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.14\",\"src_port\":33922,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"ozxkjjiutt.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":457,\"bytes_toclient\":116,\"start\":\"2024-12-20T20:01:36.133343+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pomf2.lain.la/pomf.min.js","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9a18271064a64109ebd9e4226db4161","sha1":"2fee7d7d59c957f9c02d5b0f9a503e8e28fecf53","sha256":"3242321127b77716a851f4c5c5d93b7bc93ef17cb44cceb1d475b4456992df74","sha512":"d09f82b6d0bf55bf6f152f3d9c3ee2399cfad78a44e30318fa182caa220d0f72015e173868442d916622898cf70ad458556eff26b29eedd978905b3b166ee8a0","ssdeep":"96:oF1mpEmIAVZhUI0+PPYuA9Fa5c5PbT5E5yc150Cm75ZK:3BIEhxNhGFa5c5PbT5E5l5e5k","tlshash":"bfa143267ea8447f868e686312ff7278bb31419a5d4780001c5acddce9a4fd205eb7e2","size":4508,"data":"","first_seen":"2024-03-01T21:00:08Z","last_seen":"2026-03-11T17:56:03.662066Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pomf2.lain.la/pomf.min.css","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pomf2.lain.la/","date":"2024-12-20T20:06:07.047Z","timestamp":1734725167047,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lain.la","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Dec 2024 00:22:05 GMT","end":"Sun, 16 Mar 2025 00:22:04 GMT"},"fingerprint":{"sha1":"69:E8:B4:3B:49:5A:A3:9E:A8:9D:D6:1E:27:41:DA:BE:BC:47:E2:AD","sha256":"BD:54:E3:9C:D5:E2:A0:FA:E9:90:0C:2A:2F:EB:4E:A5:FD:E1:08:D4:0C:AA:45:5C:D8:AB:28:D6:17:08:8F:13"}}},"request":{"raw":"GET /pomf.min.css HTTP/1.1\r\nHost: pomf2.lain.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 20 Dec 2024 20:02:48 GMT\r\ncontent-type: text/css\r\ncontent-length: 4828\r\nlast-modified: Fri, 28 Oct 2022 23:15:06 GMT\r\netag: \"635c627a-12dc\"\r\naccess-control-allow-origin: https://cytube.lain.la\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4828,"size_decoded":4828,"mime_type":"text/css","magic":"ASCII text, with very long lines (4827)","md5":"fe962a7d7a6260ebbccde28b649e2bde","sha1":"2d07e2d85e5a82595963acc473bf99011ad6c420","sha256":"f357230864e2d259b617e4d5e59c108219129f74b4fe0d7f46266b7482fc2c31","sha512":"aa22b625bb8cd94cf9f7a7c73ddc655bf4a3fba7db1a685a0c20fb725cd077350f9ef07f391793c94c63c030ffe904f9183635c9585ffe4d543db79d5a506479","ssdeep":"96:tS+EP0poQxpQitwEx4xLxvx9t+Q1DHA3Dqwmozg7xLk7exeSn:tIQnQittuJZDt+8QqGzqW7exeSn","tlshash":"63a17331e682011db22b852f60e1b59931398413f66b4f78fe2736b8df490ee69b2304","first_seen":"2024-03-01T21:00:08Z","last_seen":"2026-03-11T17:56:03.661056Z","times_seen":133,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pomf2.lain.la/pomf.min.js","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pomf2.lain.la/","date":"2024-12-20T20:06:07.049Z","timestamp":1734725167049,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lain.la","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Dec 2024 00:22:05 GMT","end":"Sun, 16 Mar 2025 00:22:04 GMT"},"fingerprint":{"sha1":"69:E8:B4:3B:49:5A:A3:9E:A8:9D:D6:1E:27:41:DA:BE:BC:47:E2:AD","sha256":"BD:54:E3:9C:D5:E2:A0:FA:E9:90:0C:2A:2F:EB:4E:A5:FD:E1:08:D4:0C:AA:45:5C:D8:AB:28:D6:17:08:8F:13"}}},"request":{"raw":"GET /pomf.min.js HTTP/1.1\r\nHost: pomf2.lain.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 20 Dec 2024 20:02:48 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4508\r\nlast-modified: Wed, 02 Feb 2022 18:42:32 GMT\r\netag: \"61fad098-119c\"\r\naccess-control-allow-origin: https://cytube.lain.la\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4508,"size_decoded":4508,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (4337)","md5":"f9a18271064a64109ebd9e4226db4161","sha1":"2fee7d7d59c957f9c02d5b0f9a503e8e28fecf53","sha256":"3242321127b77716a851f4c5c5d93b7bc93ef17cb44cceb1d475b4456992df74","sha512":"d09f82b6d0bf55bf6f152f3d9c3ee2399cfad78a44e30318fa182caa220d0f72015e173868442d916622898cf70ad458556eff26b29eedd978905b3b166ee8a0","ssdeep":"96:YVDwWH4EeIkfZhkI0MCLbk5c5PfT545yc15g04v5jQ:C45IqhBzek5c5PfT545l5C5s","tlshash":"04913321aba404bf858e646711ffb278fb70019a494790005c6adcdceda5f9214ff7b1","first_seen":"2024-03-01T21:00:08Z","last_seen":"2026-03-11T17:56:03.662066Z","times_seen":136,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pomf2.lain.la/img/bg.png","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pomf2.lain.la/","date":"2024-12-20T20:06:07.191Z","timestamp":1734725167191,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lain.la","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Dec 2024 00:22:05 GMT","end":"Sun, 16 Mar 2025 00:22:04 GMT"},"fingerprint":{"sha1":"69:E8:B4:3B:49:5A:A3:9E:A8:9D:D6:1E:27:41:DA:BE:BC:47:E2:AD","sha256":"BD:54:E3:9C:D5:E2:A0:FA:E9:90:0C:2A:2F:EB:4E:A5:FD:E1:08:D4:0C:AA:45:5C:D8:AB:28:D6:17:08:8F:13"}}},"request":{"raw":"GET /img/bg.png HTTP/1.1\r\nHost: pomf2.lain.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pomf2.lain.la/pomf.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 20 Dec 2024 20:02:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 19452\r\nlast-modified: Fri, 18 Sep 2020 22:40:09 GMT\r\netag: \"5f653749-4bfc\"\r\naccess-control-allow-origin: https://cytube.lain.la\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19452,"size_decoded":19452,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 4-bit colormap, non-interlaced","md5":"b70048d2ff7ae5fd2c5dfc828a0e77bb","sha1":"10bca1a1d4458d44c46f1757e8c32dc936b54fc9","sha256":"b83ee4307c427998052aaee156ba53e1bc82673a199bf1a3a3448d2006a4b019","sha512":"8a8a04a43ed29d2cda3875fad33691c4ed9d5bbabb57b6d39a652361219f9125043cd0c011833c97dcd9ef9cc8484f362f2dd79a603e694622f6e2e9cc01781b","ssdeep":"384:yq/h6Mu6OUO82xlBC3VNO+oRtv2OJFi2jrkHgs8LfGWLdoTu:yqVZO8oC2+o72KFi2jrkHgXfrLOu","tlshash":"9792f1b076c22fa313938d129ed588b39a20631443655950256fdcf5086ecaaeecffa5","first_seen":"2023-06-17T17:15:57Z","last_seen":"2026-05-11T09:18:15.115396Z","times_seen":315,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pomf2.lain.la/favicon.ico","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pomf2.lain.la/","date":"2024-12-20T20:06:07.414Z","timestamp":1734725167414,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lain.la","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Dec 2024 00:22:05 GMT","end":"Sun, 16 Mar 2025 00:22:04 GMT"},"fingerprint":{"sha1":"69:E8:B4:3B:49:5A:A3:9E:A8:9D:D6:1E:27:41:DA:BE:BC:47:E2:AD","sha256":"BD:54:E3:9C:D5:E2:A0:FA:E9:90:0C:2A:2F:EB:4E:A5:FD:E1:08:D4:0C:AA:45:5C:D8:AB:28:D6:17:08:8F:13"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pomf2.lain.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 20 Dec 2024 20:02:49 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1923\r\nlast-modified: Mon, 09 Jan 2023 02:58:58 GMT\r\netag: \"63bb82f2-783\"\r\naccess-control-allow-origin: https://cytube.lain.la\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1923,"size_decoded":1923,"mime_type":"image/x-icon","magic":"GIF image data, version 89a, 16 x 16","md5":"4b7beea770e9acf445e08e849689c864","sha1":"ad482cb996bec2d9dbd623650bbe9c3e5a74b582","sha256":"3c277f2d1163ba8e37b0d213c061db9642b72a08f63763af16f679edda9012ae","sha512":"1c114d5b44bc9b95910e22a3178b54ce8a0f5ff0d044ea871877d365e224ec256c3fe8542ff79544e10e0973869effcc6acac3350fdfbc299d26a066cb0e2229","ssdeep":"","tlshash":"ac41d882e60657b3dcbd657207ecb50a82f6996110ce02570698642bde34adf153ffec","first_seen":"2024-03-01T21:00:08Z","last_seen":"2026-03-11T17:57:53.892333Z","times_seen":250,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pomf2.lain.la/grill.php","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pomf2.lain.la/","date":"2024-12-20T20:06:07.189Z","timestamp":1734725167189,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lain.la","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Dec 2024 00:22:05 GMT","end":"Sun, 16 Mar 2025 00:22:04 GMT"},"fingerprint":{"sha1":"69:E8:B4:3B:49:5A:A3:9E:A8:9D:D6:1E:27:41:DA:BE:BC:47:E2:AD","sha256":"BD:54:E3:9C:D5:E2:A0:FA:E9:90:0C:2A:2F:EB:4E:A5:FD:E1:08:D4:0C:AA:45:5C:D8:AB:28:D6:17:08:8F:13"}}},"request":{"raw":"GET /grill.php HTTP/1.1\r\nHost: pomf2.lain.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pomf2.lain.la/pomf.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 303 See Other\r\nserver: nginx\r\ndate: Fri, 20 Dec 2024 20:02:49 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: img/lainautism2.png\r\naccess-control-allow-origin: https://cytube.lain.la\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See Other","fingerprints":null,"data":{"size":83457,"size_decoded":83457,"mime_type":"image/png","magic":"PNG image data, 250 x 333, 8-bit/color RGBA, non-interlaced","md5":"ede31d6bbccfc194d4add69c87e5f765","sha1":"0ab2a29a819ee81c8a96c2de7188222938d17456","sha256":"63c3ffe53136402800a09a8149ef043bb8bf057048f6b1e8ae081e1d66c582f0","sha512":"f3053203ee4ecf5aa23d1e687595187363c795eb2188118030818ce0ee1208b76e8a7b22f560bacde8050f1c1dbfde04ffc5ecf78eade69df7c526f8b2d71b53","ssdeep":"1536:Q5YHcdmnsux2YpgXNQtwi8cORp4a7YtRmOrAPaiLm57hb3CZM2ROVf+OKgi:iEznsuHiXy67vYtRXEaiqZSZMuKTi","tlshash":"5a831207c19de461e8cc28cacb9a7acfb53b5b169816577b212d22c0c352036f579bb5","first_seen":"2024-03-01T21:00:08Z","last_seen":"2026-03-11T17:56:03.658686Z","times_seen":135,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pomf2.lain.la/","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-20T20:06:06.339Z","timestamp":1734725166339,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lain.la","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Dec 2024 00:22:05 GMT","end":"Sun, 16 Mar 2025 00:22:04 GMT"},"fingerprint":{"sha1":"69:E8:B4:3B:49:5A:A3:9E:A8:9D:D6:1E:27:41:DA:BE:BC:47:E2:AD","sha256":"BD:54:E3:9C:D5:E2:A0:FA:E9:90:0C:2A:2F:EB:4E:A5:FD:E1:08:D4:0C:AA:45:5C:D8:AB:28:D6:17:08:8F:13"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pomf2.lain.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 20 Dec 2024 20:02:48 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 16 Dec 2024 03:45:04 GMT\r\netag: W/\"675fa240-632\"\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7425,"size_decoded":7425,"mime_type":"text/html","magic":"gzip compressed data, max speed, from Unix","md5":"5ba143457dafa1277659b30fbb5c5cb1","sha1":"b91b149472be08056a634539462dcc1c4afe531a","sha256":"feb2759aa2162dcdc8f0c6566d5b55d846342b9e9fc48cd5f468f00f75520e8c","sha512":"c583c702e17db16467cb5bfadc2a250ebd61202a87fd1480da93dc1b5da645ca8a87b160c284e9555187841ae1b43e8d09527359f2ccd94326e83faf5499172c","ssdeep":"192:0s3gYOkEju/RyTzKHubTsLw0KbcAzU1ctcQtFdqoqjBMYuh0J:0wEjupKz0uPAKU1jSKjBMYuh0J","tlshash":"9ae18e5d564509b2fa36187163a122e11b153f2af9a7cf724221bdb09ebc19dc244fd3","first_seen":"2024-12-20T20:06:31.088801Z","last_seen":"2024-12-20T20:06:31.088801Z","times_seen":1,"resource_available":false,"data":null}},"time_used":615,"timings":{"blocked":242,"dns":6,"connect":119,"send":0,"wait":120,"receive":0,"ssl":125},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml","fqdn":"aus5.mozilla.org","domain":"mozilla.org","tld":"org"},"ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-12-20T20:06:25.181185981Z","timestamp":1734725185181,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1\r\nHost: aus5.mozilla.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\nrule-id: unknown\r\nrule-data-version: unknown\r\ncontent-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2025-01-22-11-21-23.chain; p384ecdsa=qNkfHYhS2tgX3qEXEmLVDBoLMGGRVEttDZ5AhLPwwg87OpnPwJnb4f_EWHDx2AOLNG7FHYWZdp48r3PqpLXMTtJT1g2TZjnbDHm9die7UFzG5e9rhe-B23D2i2w5e0K6\r\nstrict-transport-security: max-age=31536000;\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'none'; frame-ancestors 'none'\r\nx-proxy-cache-status: EXPIRED\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Fri, 20 Dec 2024 20:04:46 GMT\r\ncontent-type: text/xml; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-length: 444\r\nage: 99\r\ncache-control: public,max-age=90\r\nalt-svc: clear\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":444,"size_decoded":721,"mime_type":"text/xml; charset=utf-8","magic":"XML 1.0 document, ASCII text, with very long lines (332)","md5":"3b324dec137a87ef7e24a30a65b13dd0","sha1":"c0faa95b2f1018e264b3a14aaf50d1003e6c27b3","sha256":"6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463","sha512":"eee5d0a6354c5cfafdba69236359dbb38be1d7cbfd841230c07617fa3d8982751d8ddbe4f3b9c533a277e836b28a2f483d8ddc79aa09573ca9d49fc16341c061","ssdeep":"","tlshash":"54011069bdb5f89100860aa76626c8015a232287e1541888b8df5fc04f9b9b4536f09d","first_seen":"2023-10-13T18:17:52Z","last_seen":"2025-06-20T01:29:36.566077Z","times_seen":185315,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pomf2.lain.la/img/lainautism2.png","fqdn":"pomf2.lain.la","domain":"lain.la","tld":"la"},"ip":{"addr":"198.251.82.65","port":443,"asn":53667,"as":"PONYNET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pomf2.lain.la/","date":"2024-12-20T20:06:07.455Z","timestamp":1734725167455,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lain.la","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Dec 2024 00:22:05 GMT","end":"Sun, 16 Mar 2025 00:22:04 GMT"},"fingerprint":{"sha1":"69:E8:B4:3B:49:5A:A3:9E:A8:9D:D6:1E:27:41:DA:BE:BC:47:E2:AD","sha256":"BD:54:E3:9C:D5:E2:A0:FA:E9:90:0C:2A:2F:EB:4E:A5:FD:E1:08:D4:0C:AA:45:5C:D8:AB:28:D6:17:08:8F:13"}}},"request":{"raw":"GET /img/lainautism2.png HTTP/1.1\r\nHost: pomf2.lain.la\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pomf2.lain.la/pomf.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 20 Dec 2024 20:02:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 83457\r\nlast-modified: Wed, 21 Feb 2024 23:28:28 GMT\r\netag: \"65d6871c-14601\"\r\naccess-control-allow-origin: https://cytube.lain.la\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83457,"size_decoded":83457,"mime_type":"image/png","magic":"PNG image data, 250 x 333, 8-bit/color RGBA, non-interlaced","md5":"ede31d6bbccfc194d4add69c87e5f765","sha1":"0ab2a29a819ee81c8a96c2de7188222938d17456","sha256":"63c3ffe53136402800a09a8149ef043bb8bf057048f6b1e8ae081e1d66c582f0","sha512":"f3053203ee4ecf5aa23d1e687595187363c795eb2188118030818ce0ee1208b76e8a7b22f560bacde8050f1c1dbfde04ffc5ecf78eade69df7c526f8b2d71b53","ssdeep":"1536:Q5YHcdmnsux2YpgXNQtwi8cORp4a7YtRmOrAPaiLm57hb3CZM2ROVf+OKgi:iEznsuHiXy67vYtRXEaiqZSZMuKTi","tlshash":"5a831207c19de461e8cc28cacb9a7acfb53b5b169816577b212d22c0c352036f579bb5","first_seen":"2024-03-01T21:00:08Z","last_seen":"2026-03-11T17:56:03.658686Z","times_seen":135,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":122,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}