{"report_id":"84cb91ef-edcc-4639-99a4-fe7802c49518","version":6,"status":"done","tags":[],"date":"2025-12-02T11:50:27Z","url":{"schema":"http","addr":"video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/","fqdn":"video.twimg.asia","domain":"twimg.asia","tld":"asia"},"ip":{"addr":"192.53.117.183","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"http","addr":"video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/","fqdn":"video.twimg.asia","domain":"twimg.asia","tld":"asia"},"title":"404 Not Found","dom":{"size":1113,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (474)","md5":"6cb456791401c5d27be9c6e44b379536","sha1":"5fd4ceaad83c55124c7695be5fe97dbd69d48799","sha256":"ff524728b26ed26e4d52922a6047ba984b0a7264cbb92bd982475c70d54ca1c3","sha512":"dbf84f75ca734f4f821fcf0e50189cb9a623e8f4898b15658600e32d176528e2830519e9745caf9cd227c7ca1a83d0dce3ffc03928f586429bfcf19af6463612","ssdeep":"","tlshash":"8721631351e5620ea0535036b5c2a104ee44d94fd22a60f1f8af8766af8d79783f3e3c","dom_hash":"domhash2ed9a613f89a359b2078522bd17e07c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/","fqdn":"video.twimg.asia","domain":"twimg.asia","tld":"asia"},"ip":{"addr":"192.53.117.183","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-06T11:50:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":6,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:01Z","timestamp":1764676201,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.41","port":35458,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-12-02T11:50:01.547837+0000\",\"flow_id\":439348607581682,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":35458,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"chasesupport247.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":474,\"bytes_toclient\":116,\"start\":\"2025-12-02T11:46:55.327154+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:05Z","timestamp":1764676205,"ip_dst":{"addr":"172.18.0.41","port":40306,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"192.53.117.183","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2025-12-02T11:50:05.672062+0000\",\"flow_id\":587344603056950,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"192.53.117.183\",\"src_port\":443,\"dest_ip\":\"172.18.0.41\",\"dest_port\":40306,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"sni\":\"video.twimg.asia\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":723,\"bytes_toclient\":213,\"start\":\"2025-12-02T11:50:05.002870+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:05Z","timestamp":1764676205,"ip_dst":{"addr":"172.18.0.41","port":40322,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"192.53.117.183","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2025-12-02T11:50:05.917437+0000\",\"flow_id\":648036785971463,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"192.53.117.183\",\"src_port\":443,\"dest_ip\":\"172.18.0.41\",\"dest_port\":40322,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"sni\":\"video.twimg.asia\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":852,\"bytes_toclient\":213,\"start\":\"2025-12-02T11:50:05.254215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:06Z","timestamp":1764676206,"ip_dst":{"addr":"192.53.117.183","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.41","port":58386,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.asia domain","source":"{\"timestamp\":\"2025-12-02T11:50:06.368229+0000\",\"flow_id\":490428666052751,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":58386,\"dest_ip\":\"192.53.117.183\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032986,\"rev\":1,\"signature\":\"ET INFO HTTP Request to a *.asia domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_05_18\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_05_18\"]}},\"http\":{\"hostname\":\"video.twimg.asia\",\"url\":\"/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":669},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":744,\"bytes_toclient\":1302,\"start\":\"2025-12-02T11:50:05.688271+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:06Z","timestamp":1764676206,"ip_dst":{"addr":"192.53.117.183","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.41","port":58402,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.asia domain","source":"{\"timestamp\":\"2025-12-02T11:50:06.952407+0000\",\"flow_id\":98169302898271,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":58402,\"dest_ip\":\"192.53.117.183\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032986,\"rev\":1,\"signature\":\"ET INFO HTTP Request to a *.asia domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_05_18\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_05_18\"]}},\"http\":{\"hostname\":\"video.twimg.asia\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":502,\"length\":1178},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":700,\"bytes_toclient\":1586,\"start\":\"2025-12-02T11:50:05.939615+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:08Z","timestamp":1764676208,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.41","port":35440,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-12-02T11:50:08.227951+0000\",\"flow_id\":303043525409302,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":35440,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"chasesupport247.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":474,\"bytes_toclient\":116,\"start\":\"2025-12-02T11:46:54.326166+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"static.domainesia.com","ip":{"addr":"104.26.8.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-10-22","domain_rank":6899275,"first_seen":"2016-02-04T08:30:23Z","last_seen":"2025-11-22T20:35:37.059565Z","alert_count":0,"request_count":2,"received_data":224444,"sent_data":955,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"video.twimg.asia","ip":{"addr":"192.53.117.183","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"domain_registered":"2025-10-07","domain_rank":0,"first_seen":"2025-12-02T11:50:27.34408Z","last_seen":"2025-12-02T11:50:27.34408Z","alert_count":3,"request_count":3,"received_data":2921,"sent_data":1456,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"video.twimg.asia/favicon.ico","fqdn":"video.twimg.asia","domain":"twimg.asia","tld":"asia"},"ip":{"addr":"192.53.117.183","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/","date":"2025-12-02T11:50:06.613Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: video.twimg.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 502 Bad Gateway\r\nDate: Tue, 02 Dec 2025 11:50:06 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: DomaiNesia\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":null,"data":{"size":1168,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (474)","md5":"338e2692c600cfa12045462a9ecb2c28","sha1":"8306e4c701f90a51f614c609f657462d8d271bb9","sha256":"a1decad01ce0ff9e1f167f63f2bb2f31f1d1759735a0797034dd375f8a4aa1bc","sha512":"3499d08a6ece937634703a0843111f8edce21c17af5bf2928ac03cd6ce7064de0a032b5130928e826899e9007392e1ef95ad31ec8169952a22fb8aa880e2180d","ssdeep":"","tlshash":"9321332215e0610a70936025a5d1a144ee50d88b921920e1f49fdb5aafcd79747f7b3c","first_seen":"2025-05-05T11:33:35.27654Z","last_seen":"2026-01-19T00:29:57.775837Z","times_seen":34,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":3,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:06Z","timestamp":1764676206,"ip_dst":{"addr":"192.53.117.183","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.41","port":58402,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.asia domain","source":"{\"timestamp\":\"2025-12-02T11:50:06.952407+0000\",\"flow_id\":98169302898271,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":58402,\"dest_ip\":\"192.53.117.183\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032986,\"rev\":1,\"signature\":\"ET INFO HTTP Request to a *.asia domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_05_18\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_05_18\"]}},\"http\":{\"hostname\":\"video.twimg.asia\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":502,\"length\":1178},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":700,\"bytes_toclient\":1586,\"start\":\"2025-12-02T11:50:05.939615+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/","fqdn":"video.twimg.asia","domain":"twimg.asia","tld":"asia"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-02T11:50:04.931Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/ HTTP/1.1\r\nHost: video.twimg.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-13T13:12:12.581168Z","times_seen":13705127,"resource_available":true,"data":null}},"time_used":742,"timings":{"blocked":0,"dns":72,"connect":328,"send":0,"wait":0,"receive":0,"ssl":339},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:06Z","timestamp":1764676206,"ip_dst":{"addr":"192.53.117.183","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.41","port":58386,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.asia domain","source":"{\"timestamp\":\"2025-12-02T11:50:06.368229+0000\",\"flow_id\":490428666052751,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":58386,\"dest_ip\":\"192.53.117.183\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032986,\"rev\":1,\"signature\":\"ET INFO HTTP Request to a *.asia domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_05_18\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_05_18\"]}},\"http\":{\"hostname\":\"video.twimg.asia\",\"url\":\"/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":669},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":744,\"bytes_toclient\":1302,\"start\":\"2025-12-02T11:50:05.688271+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/","fqdn":"video.twimg.asia","domain":"twimg.asia","tld":"asia"},"ip":{"addr":"192.53.117.183","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-02T11:50:05.685Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/ HTTP/1.1\r\nHost: video.twimg.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 02 Dec 2025 11:50:06 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nServer: DomaiNesia\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nX-Dynamic-Cache: BYPASS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1134,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (474)","md5":"fe153b7090b7bee1291385233753b9c4","sha1":"3ba1fec1b9098e534d2eb16404b7a0e401c06bec","sha256":"05d7479c2f1f095697b943337e65d6ba27123deb3ce4ea02959af1b41cb6ac51","sha512":"6a2444f0db4fa0167e5861c0391fa6d2799d8597370630e5c7999e3ef9ca373c24be860dba6e0b4cd1e15d7e120f6dbdb03a1ed0eb43b317f81f884b1ce51469","ssdeep":"","tlshash":"c321961311e1620e60535025b5c1a104fe44994fd22a60f1f8afc766bf8d79742f7e3c","first_seen":"2025-10-10T09:40:14.612561Z","last_seen":"2026-03-27T14:24:18.728295Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1017,"timings":{"blocked":335,"dns":2,"connect":332,"send":0,"wait":348,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-02T11:50:06Z","timestamp":1764676206,"ip_dst":{"addr":"192.53.117.183","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.41","port":58386,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.asia domain","source":"{\"timestamp\":\"2025-12-02T11:50:06.368229+0000\",\"flow_id\":490428666052751,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":58386,\"dest_ip\":\"192.53.117.183\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032986,\"rev\":1,\"signature\":\"ET INFO HTTP Request to a *.asia domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_05_18\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_05_18\"]}},\"http\":{\"hostname\":\"video.twimg.asia\",\"url\":\"/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":669},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":744,\"bytes_toclient\":1302,\"start\":\"2025-12-02T11:50:05.688271+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.domainesia.com/assets/fonts/842623/7F38FB22E551161E9.css","fqdn":"static.domainesia.com","domain":"domainesia.com","tld":"com"},"ip":{"addr":"104.26.8.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/","date":"2025-12-02T11:50:06.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"domainesia.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Oct 2025 01:29:53 GMT","end":"Sun, 18 Jan 2026 01:29:52 GMT"},"fingerprint":{"sha1":"89:B1:50:0B:66:46:7F:85:0C:35:C3:C8:C1:64:B9:91:86:14:27:9F","sha256":"1F:9C:88:6C:98:0A:AB:93:BB:FA:A4:A0:3D:4C:18:0D:79:39:9C:81:28:BE:30:F7:06:0E:66:EC:87:27:1A:1D"}}},"request":{"raw":"GET /assets/fonts/842623/7F38FB22E551161E9.css HTTP/1.1\r\nHost: static.domainesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://video.twimg.asia/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Dec 2025 11:50:06 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 30 Nov 2022 00:01:58 GMT\r\netag: W/\"2e8df-5eea4d02cbac7\"\r\nexpires: Tue, 23 Dec 2025 07:43:44 GMT\r\ncache-control: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=2592000; preload\r\nlink: \u003c/assets/fonts/fontawesome-webfont.woff2?v=4.5.0\u003e; rel=preload; as=font; crossorigin\r\ncontent-encoding: br\r\nvary: accept-encoding\r\nage: 366847\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nikQPg59XzwFLTQJ5Esg%2F7g0DIQi1RIN2nfs68drmL5SppWp2R0wuBBV5TFzO05WdqcyhKHFiIJ292pjswkhwgPS5dK7Jy9kAIYW8dnO22GO6e%2Bm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a7a9ad288e0a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":190687,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"43d59dd0d692967c3da143a764f477db","sha1":"bb3faa4d16fe4b563eb88964ff193fd468e6799d","sha256":"95d0e6a12ab1d55459db16f33a49adbed31d71b6770f0f8d006c0506c5536b1a","sha512":"11c441bba5fb29dcc575eb32b5ffa4d2dc3c2ae948697826a34d8caa1a834913a0dc12f6a14ed54de30e0e88301f10d2be9e201d717cff0be95dc0220faa1ea8","ssdeep":"3072:0VW5GoCGVNJ92QemgGlh2YILfTQNGWFSkBLAlaWkoQwKKXYIws3bi/lP:0CGoC2NKQdVO/QdSK2aAbKtI5G/lP","tlshash":"551413b0d63551be843c961e70a30e491f9b6aeb054ad75d93d2f3c336b02aa918cf4d","first_seen":"2023-04-10T20:55:59Z","last_seen":"2026-01-19T00:29:57.77395Z","times_seen":115,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":25,"dns":7,"connect":1,"send":0,"wait":14,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.domainesia.com/assets/slots/webcdn/server/img/error-code/svg/error-404.svg","fqdn":"static.domainesia.com","domain":"domainesia.com","tld":"com"},"ip":{"addr":"104.26.8.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://video.twimg.asia/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=9791902\u0026pdata=https:/","date":"2025-12-02T11:50:06.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"domainesia.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Oct 2025 01:29:53 GMT","end":"Sun, 18 Jan 2026 01:29:52 GMT"},"fingerprint":{"sha1":"89:B1:50:0B:66:46:7F:85:0C:35:C3:C8:C1:64:B9:91:86:14:27:9F","sha256":"1F:9C:88:6C:98:0A:AB:93:BB:FA:A4:A0:3D:4C:18:0D:79:39:9C:81:28:BE:30:F7:06:0E:66:EC:87:27:1A:1D"}}},"request":{"raw":"GET /assets/slots/webcdn/server/img/error-code/svg/error-404.svg HTTP/1.1\r\nHost: static.domainesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://video.twimg.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Dec 2025 11:50:06 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Tue, 13 Sep 2022 10:05:35 GMT\r\netag: \"7cad-5e88c27489c50\"\r\nexpires: Tue, 30 Dec 2025 01:09:45 GMT\r\ncache-control: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=2592000; preload\r\nlink: \u003c/assets/fonts/fontawesome-webfont.woff2?v=4.5.0\u003e; rel=preload; as=font; crossorigin\r\ncontent-encoding: br\r\nvary: accept-encoding\r\nage: 140858\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ihgPms9GYetkrX0CJic1nW6oExRzb%2Bj3%2F1O2Bjq1Cydr1ZcbtClrTf1c4T6nnjba24l8eO8Qo%2BUgueV48iCU4zkyNNsNtZ35FB3AuXuHQFsqe3l\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a7a9ad288e5a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31917,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ded93a3480e352a5ab0e8c307232ae28","sha1":"71991eef09c7e19a35835b63506815100ff0881e","sha256":"dd34f3ddbd6abe93aecc7d8e40d0c6dbf702c0071d1c68d2cb1ebe2f5092ec25","sha512":"183072d4b79b7ee0516486fbd5d6fe79e28a0914db713e2f8eb93039a5e67a61b9da140169a180f6569b7ea778ffaf7a8957a78194da80e72a4ed2e202ba10ba","ssdeep":"384:trkHbeIpYfVsL5FBZpPuavNUmz8iD5bJeYFhMXmgPSI0MHa:NkHb/YfV45aavtA9ahMWbMHa","tlshash":"37e251ce372c99a2d98887cfff05d079242745ea69818394d1587f0f6c88c6b9d6ebc1","first_seen":"2024-08-20T15:22:59.712424Z","last_seen":"2026-01-19T00:29:57.774641Z","times_seen":6,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}