{"report_id":"94cb2859-47f7-4fbd-996a-884d86ce8195","version":6,"status":"done","tags":[],"date":"2024-06-23T09:57:12Z","url":{"schema":"https","addr":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","fqdn":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","domain":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","fqdn":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","domain":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","tld":"r2.dev"},"title":"Authenticating ..."},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T12:20:11Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-06-22 18:19:57","alert_count":0,"request_count":5,"received_data":4438,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":2,"received_data":41447,"sent_data":1229,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msftauth.net","ip":{"addr":"152.199.21.175","port":443,"asn":15133,"as":"EDGECAST","country":"Germany","country_code":"DE"},"domain_registered":"2018-10-25","domain_rank":1455,"first_seen":"2018-11-19 11:50:32","last_seen":"2024-06-22 18:12:55","alert_count":0,"request_count":1,"received_data":1569,"sent_data":538,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1421,"first_seen":"2018-11-19 11:50:03","last_seen":"2024-06-22 18:12:37","alert_count":0,"request_count":4,"received_data":7840,"sent_data":2094,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2016-07-26 11:37:06","last_seen":"2024-06-22 18:12:36","alert_count":0,"request_count":1,"received_data":3006,"sent_data":465,"comment":"","tags":null,"fingerprints":null},{"fqdn":"11cyclesforest.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":98617,"sent_data":431,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.w3schools.com","ip":{"addr":"192.229.133.221","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2000-03-21","domain_rank":17487,"first_seen":"2014-02-05 21:15:46","last_seen":"2024-06-22 07:09:57","alert_count":0,"request_count":1,"received_data":5795,"sent_data":448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"logincdn.msauth.net","ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":2330,"first_seen":"2019-04-23 03:13:28","last_seen":"2024-06-22 19:16:37","alert_count":0,"request_count":1,"received_data":1079,"sent_data":516,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-06-22 18:15:23","alert_count":0,"request_count":2,"received_data":1398,"sent_data":650,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.socket.io","ip":{"addr":"13.227.219.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2010-04-18","domain_rank":62068,"first_seen":"2015-03-23 23:14:03","last_seen":"2024-06-22 19:43:33","alert_count":0,"request_count":1,"received_data":46489,"sent_data":498,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-06-22","alert":"Office365","trigger":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.socket.io/4.6.0/socket.io.min.js","fqdn":"cdn.socket.io","domain":"socket.io","tld":"io"},"ip":{"addr":"13.227.219.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"80f5b8c6a9eeac15de93e5a112036a06","sha1":"f7174635137d37581b11937fc90e9cb325077bce","sha256":"0401de33701f1cad16ecf952899d23990b6437d0a5b7335524edf6bdfb932542","sha512":"b976a5f02202439d94c6817d037c813fa1945c6bb93762284d97ff61718c5b833402f372562034663a467fdbaa46990de24cb1e356392340e64d034e4ba1b4e4","ssdeep":"384:1ZS0CCnasl8gRR/PoPez+iCMN0Fkiw2Jh4RWdRGhAjbp2ChPL8cYRGv5MRUK6np9:/CCnVl7tUkBxkdRGOfDiY5C5MAn5GY2","tlshash":"1423a488f2a1b06187e37165443f110ba27a746964c9c18cf639d9f19eb8ece7123f79","size":45806,"data":"","first_seen":"2023-04-05T03:09:50Z","last_seen":"2026-04-22T15:05:41.746884Z","times_seen":39649,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"11cyclesforest.com/jsnom.js","fqdn":"11cyclesforest.com","domain":"11cyclesforest.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f55f72a1a380fbb5ad554c9d01791c5d","sha1":"9e4f1bdcc3be6e82ae67e8874b5052fe8a092145","sha256":"01e7feb4518c57aae09cdd1537b82983dc5abe9eb189212c56f6ee8410315368","sha512":"97c2c4987cf013e567b35ab8d34f9b3ebe6307636767651563bafe8068cb928ac6b368517b0e3ccfc58c588b4c110b8331bc2becacec0f0936fde12be78e1267","ssdeep":"1536:GwtAqNeS6e6+mitQT3TLJRb8J+apQ3jxNxqCVS:GwtAqNeS6e6+XE3TLJxxNIx","tlshash":"a9a310e2d460d3fd630bd9265e7dc548d3304b0695c08b9a748ce84a97cda2fd6bd8b8","size":97839,"data":"","first_seen":"2024-05-23T19:41:38Z","last_seen":"2024-08-19T22:00:21.721301Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","fqdn":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","domain":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cb61007770fd1a70278d5cf85a33f3aa","sha1":"5e0aa2a372568b57c4ea23ba306acbb9b8caf60c","sha256":"c250a58d9c4822d78ef18381763f6e71b6964369851b09f6de8ec45d2d7bb1a3","sha512":"85c0c4de04962cc37d3471385a2d67f1e5af47e18bda2c70dcc8c19dffd95a6a91d54b2bf82cbc3639c45edca255f147b195ca495262b137552ffa5a04bec1b4","ssdeep":"192:279WmtnFca/WwQGzNVcwkIp8yCsq3fCRpq2vLRiitNuawIBIB2BjQA47G7CAZFyL:A9WYv/fQ+NVbkIuQpqeLRZ3uHIBIBqQP","tlshash":"b022ef1429d330806397be6ab35f90a4fa75455792c87d07b40c7990afeed2cdcd1978","size":9929,"data":"","first_seen":"2024-06-11T22:32:22Z","last_seen":"2026-04-22T10:02:51.947191Z","times_seen":79,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","fqdn":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","domain":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e3f9d90ac9ded8983305bbd72f30b26a","sha1":"3717765c89f537cf7c78dd4be5c341c73a0bf378","sha256":"38f312a0e2769a3c243c016795ba24e471183dfeddc89de0967d29b9b69901aa","sha512":"39eba5ca2f2551d89e698dff8eb47abeb9e0412f79130d5aac55eadddc143214a1afc03e08dcc510f2052f4d8a0c1dfbdaef18fb72089affc7abb9930023c176","ssdeep":"","tlshash":"b8410d222092d622fbfe8c125d259d5ff46131ea7b09d2a0fc8cd5993324d5a30a3e36","size":2113,"data":"","first_seen":"2024-08-19T19:06:55.013947Z","last_seen":"2024-08-19T19:06:55.013947Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-23T09:56:46.403769148Z","timestamp":1719136606403,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F661A4C5B81EDB82EC095D2D50B655E19536630577352B6ABBFC3962ADF3454C\"\r\nLast-Modified: Sun, 23 Jun 2024 01:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5625\r\nExpires: Sun, 23 Jun 2024 11:30:31 GMT\r\nDate: Sun, 23 Jun 2024 09:56:46 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"116d4d1edb43ea3783c92812f245f108","sha1":"02c09fc6450c50f5d2f7f6162fed01cf2c4bf6b8","sha256":"f661a4c5b81edb82ec095d2d50b655e19536630577352b6abbfc3962adf3454c","sha512":"f0a634e57794959630347a12281aea2ee67104b5287a3c468e491da7421b1deb933a82170f98525872fe67647b70b9536ed0249204107c19e10188bbdf38a37f","ssdeep":"","tlshash":"79f0057d017a7751f224151529e8d6645e40de953d0517a1b56010d3b026ffd4190089","first_seen":"2024-06-23T05:49:43Z","last_seen":"2024-08-19T19:08:18.438208Z","times_seen":25208,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-23T09:56:46.798587299Z","timestamp":1719136606798,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6E8DE7454DF9B981F3C2BD8746558F3EB5C48599C66FC0F5301169C0ED42C8FE\"\r\nLast-Modified: Sat, 22 Jun 2024 11:47:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10944\r\nExpires: Sun, 23 Jun 2024 12:59:10 GMT\r\nDate: Sun, 23 Jun 2024 09:56:46 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"31c219b3ac9b4615f1a78cd882995e6c","sha1":"1bb1aedb59500ceabd4f44ae9b7317c544084afd","sha256":"6e8de7454df9b981f3c2bd8746558f3eb5c48599c66fc0f5301169c0ed42c8fe","sha512":"1ee09ddd8d0e35c822038657fb1d3f3de92a41ef658502fc0f4125e1f77504b72d487c41b51cbe9dea2cff2e07226ca4a96baa6be0a37c924038384d74f6052b","ssdeep":"","tlshash":"acf0c06636a57251a73029126afbe7085cad7efd3195b5f624e480e0e861bf45384084","first_seen":"2024-06-22T18:01:34Z","last_seen":"2024-08-19T19:11:24.979839Z","times_seen":34747,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-23T09:56:47.066386366Z","timestamp":1719136607066,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3C107C0A5DD06BC96FF917C92843AB276923FD751ECD5E48EEFAFC661B914AE2\"\r\nLast-Modified: Sat, 22 Jun 2024 04:18:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6805\r\nExpires: Sun, 23 Jun 2024 11:50:12 GMT\r\nDate: Sun, 23 Jun 2024 09:56:47 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"5921b10ddbe0b24f0a8edead6ec181b2","sha1":"6691a5ac00a00feed5de61cd277ca741b2c29862","sha256":"3c107c0a5dd06bc96ff917c92843ab276923fd751ecd5e48eefafc661b914ae2","sha512":"2af2ac0b8fcf426ce11ea491b43b0109233fe0b0dbddb48be262a95ad51c887ac11272252f0cdedcda0310e97c8dbd76d5a92c44b904c95afddcd869b03d181a","ssdeep":"","tlshash":"c5f0055610e1b92035fc75073c89d44759647bd82430b1d5f0d54be96561bed87c844c","first_seen":"2024-06-22T11:10:43Z","last_seen":"2024-08-19T19:13:49.713105Z","times_seen":18088,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","fqdn":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","domain":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-23T09:56:47.079Z","timestamp":1719136607079,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 03 Jun 2024 14:44:39 GMT","end":"Sun, 01 Sep 2024 14:44:38 GMT"},"fingerprint":{"sha1":"00:AA:40:3F:3E:AE:B0:85:C2:A1:9B:9E:8B:A4:F4:21:D4:DE:DD:AC","sha256":"13:ED:54:7B:A6:19:38:44:7C:FC:30:0F:AA:EE:02:A6:C2:BF:14:FD:56:BB:32:AC:DF:B0:CB:59:D8:62:77:99"}}},"request":{"raw":"GET /USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html HTTP/1.1\r\nHost: pub-f802d7a51268487fbcadf32b2b18258c.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 23 Jun 2024 09:56:47 GMT\r\nContent-Type: text/html\r\nContent-Length: 13690\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"2567907517edd7216108a1a9c67bb46a\"\r\nLast-Modified: Thu, 13 Jun 2024 22:47:48 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89839c32789c5687-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13690,"size_decoded":13690,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (915)","md5":"2567907517edd7216108a1a9c67bb46a","sha1":"a25bed60262660dfabf1becc521580b30ddf0360","sha256":"39267e9b2da90df7c9f15b18c221fd8876daeab7d844f23033156e959fe78441","sha512":"90b62a0d821f1be3403cbf9191dc88727875dc040516922ff350201be5319000d706f06eae699bc99a12b032fe3a0e476869ca050a741291095f69ce3385b98a","ssdeep":"384:Jp9WYv/fQ+NVbkIuQpqeLRZ3uHIBIBqQnqCADCkkwRqXyaGveSGSONM7o3ADM:/9WYv/fQ+NVbkIxpqeLRZ3ubqQnqCAD0","tlshash":"39524f1429d2b080a3bb7d66765fa0a8f6b1049753886d17b80cb9907fedd2cecd2d74","first_seen":"2024-08-19T19:06:55.000293Z","last_seen":"2024-08-19T19:06:55.000293Z","times_seen":1,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":30,"dns":1,"connect":3,"send":0,"wait":305,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-06-22","alert":"Office365","trigger":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/favicon.ico","fqdn":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","domain":"pub-f802d7a51268487fbcadf32b2b18258c.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.005Z","timestamp":1719136608005,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 03 Jun 2024 14:44:39 GMT","end":"Sun, 01 Sep 2024 14:44:38 GMT"},"fingerprint":{"sha1":"00:AA:40:3F:3E:AE:B0:85:C2:A1:9B:9E:8B:A4:F4:21:D4:DE:DD:AC","sha256":"13:ED:54:7B:A6:19:38:44:7C:FC:30:0F:AA:EE:02:A6:C2:BF:14:FD:56:BB:32:AC:DF:B0:CB:59:D8:62:77:99"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pub-f802d7a51268487fbcadf32b2b18258c.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 23 Jun 2024 09:56:48 GMT\r\nContent-Type: text/html\r\nContent-Length: 27242\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89839c380ee45687-OSL\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":27242,"size_decoded":27242,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (611)","md5":"df3d48946e8d3f5a83608308edbb4b86","sha1":"47b9c40c97abf2658df96b1c06109324e15e1a00","sha256":"570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499","sha512":"36ec1cec72dc3245730c813277c645525473cc5232e85cd23503b8593d90264f335e61a16d364a1e6c41922820b40ba7c0f46b19f4b91db6a0cf5e31e778ddea","ssdeep":"384:6FamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:663Mp5If8WOmgW3","tlshash":"6bc292dc7bf968e4a5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2023-04-05T17:41:51Z","last_seen":"2025-09-17T15:21:34.980882Z","times_seen":52648,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":288,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.21.175","port":443,"asn":15133,"as":"EDGECAST","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.435Z","timestamp":1719136608435,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 25 May 2024 00:00:00 GMT","end":"Sun, 25 May 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B1:17:F7:9C:C3:3B:5F:54:73:D7:58:28:5F:C7:CE:E9:AC:39:CD:8F","sha256":"2C:99:6E:B7:25:3D:6C:83:43:C5:09:43:2A:9D:9B:4A:F9:30:50:CC:3A:1E:7A:31:29:CE:50:E4:8A:F1:D9:03"}}},"request":{"raw":"GET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\nage: 7803403\r\ncache-control: public, max-age=31536000\r\ncontent-md5: 1jQlecEJaGhFO2st5KXLhg==\r\ncontent-type: image/svg+xml\r\ndate: Sun, 23 Jun 2024 09:56:48 GMT\r\netag: 0x8DB5C3F4AC59B47\r\nlast-modified: Wed, 24 May 2023 10:11:51 GMT\r\nserver: ECAcc (ska/F6A9)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 2a281429-101e-0042-725a-7edf33000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 790\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":790,"size_decoded":1636,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f7ab697e65b83ce9870a4736085deeec","sha1":"5ff40bff26b523fbbeaa5228a2aac63e44afaa90","sha256":"cbb3706e65b35a43bdcfebd23b5479dc0542ca7e23197869b683d12b524472fe","sha512":"158874143ce65485348813431bb585227772f315234e08158a329df98319aa5f1db21def2ad7caa5c25ad11660e7d4e05158cfa1198913a33b1b91676c4ca402","ssdeep":"","tlshash":"c43133bb138097e692885b1d1f58bd8933b0644af8f781c1eb0769469c0fbb77238c90","first_seen":"2023-06-24T12:48:49Z","last_seen":"2026-04-22T15:23:34.161059Z","times_seen":14721,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":21,"dns":0,"connect":8,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.w3schools.com/w3css/4/w3.css","fqdn":"www.w3schools.com","domain":"w3schools.com","tld":"com"},"ip":{"addr":"192.229.133.221","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.411Z","timestamp":1719136608411,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.w3schools.com","organization":"Edgio, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 03 Apr 2024 00:00:00 GMT","end":"Sun, 04 May 2025 23:59:59 GMT"},"fingerprint":{"sha1":"20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A","sha256":"01:21:1C:47:49:8D:A3:70:28:97:99:12:DF:36:65:1E:6A:43:5D:F0:E1:70:34:21:65:F6:44:9C:CE:67:4E:C7"}}},"request":{"raw":"GET /w3css/4/w3.css HTTP/1.1\r\nHost: www.w3schools.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\nage: 248797\r\ncache-control: public,max-age=31536000,public\r\ncontent-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;\r\ncontent-type: text/css\r\ndate: Sun, 23 Jun 2024 09:56:48 GMT\r\netag: \"0dbf5afcc3da1:0\"\r\nlast-modified: Thu, 20 Jun 2024 12:23:42 GMT\r\nserver: ECS (ska/F716)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;\r\nx-powered-by: ASP.NET\r\ncontent-length: 5250\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5250,"size_decoded":23427,"mime_type":"text/css","magic":"Unicode text, UTF-8 (with BOM) text","md5":"ba0537e9574725096af97c27d7e54f76","sha1":"bd46b47d74d344f435b5805114559d45979762d5","sha256":"4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f","sha512":"fc43f1a6b95e1ce005a8efcdb0d38df8cc12189beac18099fd97c278d254d5da4c24556bd06515d9d6ca495ddb630a052aefc0bb73d6ed15debc0fb1e8e208e7","ssdeep":"384:1HHLO7eS0F4bBY/fn6jZcy9/cGK1q8CarY64Cb+dOy:1HHCLYXfl1q8CarY64Cb+dl","tlshash":"4ab2f022ff8a1138261a873660d5fbfc573a8681df9f1b7a7030373943894c26796e49","first_seen":"2023-04-05T03:24:19Z","last_seen":"2025-02-28T16:49:08.092039Z","times_seen":10656,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":75,"dns":48,"connect":7,"send":0,"wait":8,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.457Z","timestamp":1719136608457,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Apr 2024 00:00:00 GMT","end":"Wed, 30 Apr 2025 23:59:59 GMT"},"fingerprint":{"sha1":"6A:6B:06:6C:38:1D:81:38:3D:3B:76:61:6D:C7:02:CD:B4:A1:F5:AD","sha256":"D1:97:1B:C2:0B:1F:EB:FD:E2:87:C1:FF:57:86:B6:39:C8:7F:8C:08:C2:B5:09:8B:A1:BE:2F:B1:05:3B:5C:53"}}},"request":{"raw":"GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 23 Jun 2024 09:56:48 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 673\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 24 May 2023 10:11:46 GMT\r\netag: 0x8DB5C3F47E260FD\r\nx-ms-request-id: 5d683220-b01e-0075-623b-be9094000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240623T095648Z-17d85d5877c62v4be1cta3dt380000000cf00000000063mb\r\nx-fd-int-roxy-purgeid: 4554691\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":673,"size_decoded":1864,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc3d32a696895f78c19df6c717586a5d","sha1":"9191cb156a30a3ed79c44c0a16c95159e8ff689d","sha256":"0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68","sha512":"8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64","ssdeep":"","tlshash":"4e310059c51d3566ec04c3aceae1d468315e71efa8a581c961849b3f95b0dce0eccb70","first_seen":"2023-04-12T23:20:27Z","last_seen":"2026-04-22T14:37:00.430859Z","times_seen":102636,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":165,"dns":108,"connect":19,"send":0,"wait":20,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.437Z","timestamp":1719136608437,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Apr 2024 00:00:00 GMT","end":"Wed, 30 Apr 2025 23:59:59 GMT"},"fingerprint":{"sha1":"6A:6B:06:6C:38:1D:81:38:3D:3B:76:61:6D:C7:02:CD:B4:A1:F5:AD","sha256":"D1:97:1B:C2:0B:1F:EB:FD:E2:87:C1:FF:57:86:B6:39:C8:7F:8C:08:C2:B5:09:8B:A1:BE:2F:B1:05:3B:5C:53"}}},"request":{"raw":"GET /shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 23 Jun 2024 09:56:48 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 199\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 24 May 2023 10:11:49 GMT\r\netag: 0x8DB5C3F49C21D98\r\nx-ms-request-id: 925c5eba-801e-003a-6092-beca9a000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240623T095648Z-17d85d5877c62v4be1cta3dt380000000cf00000000063mc\r\nx-fd-int-roxy-purgeid: 4554691\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":199,"size_decoded":250,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"27a6d18b56f46818420e60a773c36d4e","sha1":"346ec247500fddc51cc1d85b8f4b9a343f7a48d3","sha256":"8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904","sha512":"1580d15f26ee16f0c16c967df76314538e0b39978059d293995ae2cc917d49745918acede8e12675759ac2514c59c9d4e15a3fa3fe6f64a6c8e8e41110234ec3","ssdeep":"","tlshash":"25d0a7b1c28c7508d4444f2e17f821e010a230c891de066cf6c4770ea845aa7f9ba6ee","first_seen":"2023-04-19T22:15:10Z","last_seen":"2026-04-22T15:23:34.162534Z","times_seen":59111,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":191,"dns":135,"connect":19,"send":0,"wait":19,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.427Z","timestamp":1719136608427,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Apr 2024 00:00:00 GMT","end":"Wed, 30 Apr 2025 23:59:59 GMT"},"fingerprint":{"sha1":"6A:6B:06:6C:38:1D:81:38:3D:3B:76:61:6D:C7:02:CD:B4:A1:F5:AD","sha256":"D1:97:1B:C2:0B:1F:EB:FD:E2:87:C1:FF:57:86:B6:39:C8:7F:8C:08:C2:B5:09:8B:A1:BE:2F:B1:05:3B:5C:53"}}},"request":{"raw":"GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 23 Jun 2024 09:56:48 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1435\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 24 May 2023 10:11:48 GMT\r\netag: 0x8DB5C3F4911527F\r\nx-ms-request-id: a7a884dd-a01e-007c-6930-bee387000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240623T095648Z-17d85d5877c62v4be1cta3dt380000000cf00000000063md\r\nx-fd-int-roxy-purgeid: 4554691\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1435,"size_decoded":3651,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee5c8d9fb6248c938fd0dc19370e90bd","sha1":"d01a22720918b781338b5bbf9202b241a5f99ee4","sha256":"04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a","sha512":"c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58","ssdeep":"","tlshash":"6371117b132887dae9d4a78c2e997b8d377095c4b1b24290874328a5bc086f7f038d60","first_seen":"2023-04-06T08:44:24Z","last_seen":"2026-04-22T15:26:40.527082Z","times_seen":124354,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":201,"dns":145,"connect":19,"send":0,"wait":21,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg","fqdn":"logincdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.430Z","timestamp":1719136608430,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"identitycdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Fri, 07 Jun 2024 00:10:57 GMT","end":"Mon, 02 Jun 2025 00:10:57 GMT"},"fingerprint":{"sha1":"40:70:89:49:58:8D:4C:CC:72:14:E1:1B:F5:29:E3:25:12:89:84:C9","sha256":"58:78:C5:5F:85:6B:AC:D4:1C:F0:8F:4F:E5:35:D2:44:D0:72:CF:06:BD:DA:E4:D0:B7:E8:6E:22:A4:96:14:F3"}}},"request":{"raw":"GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1\r\nHost: logincdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 23 Jun 2024 09:56:48 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 276\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 22 Jan 2020 00:38:00 GMT\r\netag: 0x8D79ED35591CF44\r\nx-ms-request-id: f08663c9-e01e-0044-7e6f-bd9a87000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240623T095648Z-17d85d5877c5gc6c773stxvn2s0000000d0g000000001ft9\r\nx-fd-int-roxy-purgeid: 67912908\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":276,"size_decoded":513,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a9cc2824ef3517b6c4160dcf8ff7d410","sha1":"8db9aebad84ca6e4225bfdd2458ff3821cc4f064","sha256":"34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58","sha512":"aa3ddab0a1cff9533f9a668aba4fb5e3d75ed9f8aff8a1caa4c29f9126d85ff4529e82712c0119d2e81035d1ce1cc491ff9473384d211317d4d00e0e234ad97f","ssdeep":"","tlshash":"29f0598a41c8fb142ce08050dff8ea28540270c3fb4e5008b1922b18e2ef383f6406f5","first_seen":"2023-04-19T20:10:52Z","last_seen":"2026-04-22T15:25:39.330081Z","times_seen":30264,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":202,"dns":143,"connect":30,"send":0,"wait":21,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.433Z","timestamp":1719136608433,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Apr 2024 00:00:00 GMT","end":"Wed, 30 Apr 2025 23:59:59 GMT"},"fingerprint":{"sha1":"6A:6B:06:6C:38:1D:81:38:3D:3B:76:61:6D:C7:02:CD:B4:A1:F5:AD","sha256":"D1:97:1B:C2:0B:1F:EB:FD:E2:87:C1:FF:57:86:B6:39:C8:7F:8C:08:C2:B5:09:8B:A1:BE:2F:B1:05:3B:5C:53"}}},"request":{"raw":"GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 23 Jun 2024 09:56:48 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2407\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 24 May 2023 10:11:49 GMT\r\netag: 0x8DB5C3F499A9B99\r\nx-ms-request-id: 221228d5-801e-006e-23a0-be05a1000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240623T095648Z-17d85d5877c62v4be1cta3dt380000000cf00000000063me\r\nx-fd-int-roxy-purgeid: 4554691\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2407,"size_decoded":7390,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b59c16ca9bf156438a8a96d45e33db64","sha1":"4e51b7d3477414b220f688adabd76d3ae6472ee3","sha256":"a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8","sha512":"2c7095e4b819bc5caa06811a55c0dae6706970f981806dcf7fd41f744c1dc6a955657a8e57829b39b376b892e8173e8a41f683d329cfbbd0ec4d4019b10e52ff","ssdeep":"192:cdEMK4RwidEMK4Rwbwm6xiD7x9m9t6EQ3FabrItDWOO6DcA:cdEMVwidEMVwbwtxiDHmP6lFeItDWOOc","tlshash":"66e178d532f9e1d85482bbfd6681f1bc3e533dfaaa32d99083d55c19cc8a00c45ad8a2","first_seen":"2023-04-19T22:15:10Z","last_seen":"2026-04-22T15:25:39.344345Z","times_seen":103831,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":197,"dns":141,"connect":22,"send":0,"wait":28,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-23T09:56:48.896502589Z","timestamp":1719136608896,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sun, 23 Jun 2024 09:56:48 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"18f8527030f2b98216329cde04de670a","sha1":"f50595fbc746dfff2c6854dd78e8a9e728d07756","sha256":"f8c95e5b9b6e7356ad0b85088ffce911c8265cc4b911cc0901a88b66fca37bc6","sha512":"6b2e950d1a866f48b041760c22dabcb5cc10cf906fda0d5aa2d62dc6f4896aae18ecb6593c53aff1b82d6357339ef9deb7ddb694cd2214cbbccf7cb349463b64","ssdeep":"","tlshash":"02f0d46915b13e521f17ec0099cee2503810e52e1868d759b07559441707378571532f","first_seen":"2024-06-22T18:04:37Z","last_seen":"2024-08-19T19:11:24.499049Z","times_seen":1353,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:48.813Z","timestamp":1719136608813,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Jun 2024 07:32:58 GMT","end":"Mon, 26 Aug 2024 07:32:57 GMT"},"fingerprint":{"sha1":"78:DC:A6:9E:E8:DF:26:D4:6F:A0:54:48:4B:48:74:34:3F:3D:F6:23","sha256":"AA:51:41:44:EC:97:4A:9C:1E:1B:69:D4:FA:38:82:74:64:69:C2:FC:F3:92:04:3D:38:EF:CC:11:75:BD:EA:5A"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha\"\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 21 Jun 2024 08:41:39 GMT\r\nexpires: Fri, 28 Jun 2024 08:41:39 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nage: 177309\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":2228,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-04-22T16:10:32.086047Z","times_seen":566662,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":84,"dns":21,"connect":20,"send":0,"wait":21,"receive":1,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-23T09:56:48.987144733Z","timestamp":1719136608987,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BD791E8F44B990A0091FEBC3CC3B24799EB26B87FE5AA381AD98AE4662F7F802\"\r\nLast-Modified: Sun, 23 Jun 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18839\r\nExpires: Sun, 23 Jun 2024 15:10:47 GMT\r\nDate: Sun, 23 Jun 2024 09:56:48 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fe36e270c1ecfa3891cc7b505e7894b6","sha1":"ce43401e7146eb139a1e3caf7db957e6b9531dc3","sha256":"bd791e8f44b990a0091febc3cc3b24799eb26b87fe5aa381ad98ae4662f7f802","sha512":"5bb88dae1dd0ff26edac7aa9a96c18bed64736dc1f2b635f7148df70940faee6f770cdb67519169140253bebe537e8f0b361cbc7eaa5495477ca3cbbf34aabf5","ssdeep":"","tlshash":"ebf07e2a61fa7e62b6f024262e48a9334e210e7d34000d82307052d2b863fdc1bc404c","first_seen":"2024-06-23T11:25:10Z","last_seen":"2024-08-19T19:07:05.736639Z","times_seen":25848,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-23T09:56:48.988585003Z","timestamp":1719136608988,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BD791E8F44B990A0091FEBC3CC3B24799EB26B87FE5AA381AD98AE4662F7F802\"\r\nLast-Modified: Sun, 23 Jun 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18839\r\nExpires: Sun, 23 Jun 2024 15:10:47 GMT\r\nDate: Sun, 23 Jun 2024 09:56:48 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fe36e270c1ecfa3891cc7b505e7894b6","sha1":"ce43401e7146eb139a1e3caf7db957e6b9531dc3","sha256":"bd791e8f44b990a0091febc3cc3b24799eb26b87fe5aa381ad98ae4662f7f802","sha512":"5bb88dae1dd0ff26edac7aa9a96c18bed64736dc1f2b635f7148df70940faee6f770cdb67519169140253bebe537e8f0b361cbc7eaa5495477ca3cbbf34aabf5","ssdeep":"","tlshash":"ebf07e2a61fa7e62b6f024262e48a9334e210e7d34000d82307052d2b863fdc1bc404c","first_seen":"2024-06-23T11:25:10Z","last_seen":"2024-08-19T19:07:05.736639Z","times_seen":25848,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-23T09:56:49.008077674Z","timestamp":1719136609008,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sun, 23 Jun 2024 09:56:49 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"18f8527030f2b98216329cde04de670a","sha1":"f50595fbc746dfff2c6854dd78e8a9e728d07756","sha256":"f8c95e5b9b6e7356ad0b85088ffce911c8265cc4b911cc0901a88b66fca37bc6","sha512":"6b2e950d1a866f48b041760c22dabcb5cc10cf906fda0d5aa2d62dc6f4896aae18ecb6593c53aff1b82d6357339ef9deb7ddb694cd2214cbbccf7cb349463b64","ssdeep":"","tlshash":"02f0d46915b13e521f17ec0099cee2503810e52e1868d759b07559441707378571532f","first_seen":"2024-06-22T18:04:37Z","last_seen":"2024-08-19T19:11:24.499049Z","times_seen":1353,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.socket.io/4.6.0/socket.io.min.js","fqdn":"cdn.socket.io","domain":"socket.io","tld":"io"},"ip":{"addr":"13.227.219.97","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:47.736Z","timestamp":1719136607736,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.socket.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 22 Oct 2023 00:00:00 GMT","end":"Sun, 17 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"BB:7D:4E:26:70:F6:06:2A:12:E9:92:A8:F1:9F:CD:82:0B:BF:48:ED","sha256":"C6:1C:9F:99:92:94:22:B4:CA:16:AD:70:73:8C:CF:16:98:BB:6F:5E:9B:8A:EE:32:C3:D5:13:F3:CF:69:F4:51"}}},"request":{"raw":"GET /4.6.0/socket.io.min.js HTTP/1.1\r\nHost: cdn.socket.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-disposition: inline; filename=\"socket.io.min.js\"\r\ncontent-encoding: gzip\r\ndate: Mon, 15 Jan 2024 16:33:26 GMT\r\netag: W/\"80f5b8c6a9eeac15de93e5a112036a06\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: fra1::gsg9m-1705336406533-adf1f7d78a76\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: AMS54-C1\r\nx-amz-cf-id: SeiT-kZLpBqneQJJz1XO4clL4kO6hAh7Il3WgtLIjSUomwO0H2xH7A==\r\nage: 13800201\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45806,"size_decoded":45806,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (45667)","md5":"80f5b8c6a9eeac15de93e5a112036a06","sha1":"f7174635137d37581b11937fc90e9cb325077bce","sha256":"0401de33701f1cad16ecf952899d23990b6437d0a5b7335524edf6bdfb932542","sha512":"b976a5f02202439d94c6817d037c813fa1945c6bb93762284d97ff61718c5b833402f372562034663a467fdbaa46990de24cb1e356392340e64d034e4ba1b4e4","ssdeep":"384:1ZS0CCnasl8gRR/PoPez+iCMN0Fkiw2Jh4RWdRGhAjbp2ChPL8cYRGv5MRUK6np9:/CCnVl7tUkBxkdRGOfDiY5C5MAn5GY2","tlshash":"1423a488f2a1b06187e37165443f110ba27a746964c9c18cf639d9f19eb8ece7123f79","first_seen":"2023-04-05T03:09:50Z","last_seen":"2026-04-22T15:05:41.746884Z","times_seen":39649,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":101,"dns":65,"connect":16,"send":0,"wait":17,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"11cyclesforest.com/jsnom.js","fqdn":"11cyclesforest.com","domain":"11cyclesforest.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/USER23052024UNIQUE0249052354202420240523490254_1718318322681/USER23052024UNIQUE0249052354202420240523490254_1718318322681.html","date":"2024-06-23T09:56:47.738Z","timestamp":1719136607738,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"11cyclesforest.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 May 2024 22:59:28 GMT","end":"Tue, 20 Aug 2024 22:59:27 GMT"},"fingerprint":{"sha1":"0A:39:AA:2E:4F:EE:89:F0:E7:84:AB:D6:9B:98:91:65:92:B8:44:73","sha256":"FF:A6:2C:7F:20:2C:70:10:36:CF:AF:53:2F:35:EF:05:D9:57:D5:C4:23:D9:E1:F9:21:4F:40:3A:B8:A0:79:F2"}}},"request":{"raw":"GET /jsnom.js HTTP/1.1\r\nHost: 11cyclesforest.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-f802d7a51268487fbcadf32b2b18258c.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 23 Jun 2024 09:56:48 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 23 May 2024 07:44:29 GMT\r\netag: W/\"17e30-18fa4689ae7\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Z%2BTtpu%2Bxnd4OkoxwG01nNmDt5OnBgkvLXQ3msUxvOkU61vZsDfmnR3Q3iioJNRldX0mhbfyzj2jbDBUKySd4IT7Gri%2BMKBHk9qHDKpI8qQAxoK4A4ekbl%2FkPeqWbwx1JZQymRcI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 89839c36fde856cb-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":97840,"size_decoded":97840,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T16:09:26.709379Z","times_seen":14066297,"resource_available":true,"data":null}},"time_used":740,"timings":{"blocked":96,"dns":63,"connect":1,"send":0,"wait":541,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}