{"report_id":"9508fa54-60ee-4225-acdf-1eaa6dcddaea","version":6,"status":"done","tags":[],"date":"2025-09-21T20:47:14Z","url":{"schema":"http","addr":"pekora.zip","fqdn":"pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.pekora.zip/auth/accountlogin","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"title":"pekora.zip/auth/accountlogin"},"submit":{"url":{"schema":"http","addr":"pekora.zip","fqdn":"pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T20:47:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":14,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.074478+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=982c69e439990b69\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":15},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":582,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.163853+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":41,\"bytes_toserver\":2518,\"bytes_toclient\":54168,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.226163+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":625,\"bytes_toclient\":2855,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.763851+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/fonts/roblox-font-icon.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":39,\"bytes_toserver\":3560,\"bytes_toclient\":34143,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35406,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.809845+0000\",\"flow_id\":559844226343209,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35406,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35406},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images3.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":849,\"start\":\"2025-09-21T20:46:53.696617+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.819586+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":860,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.819927+0000\",\"flow_id\":1644731490476770,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35414,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35414},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":853,\"start\":\"2025-09-21T20:46:53.697058+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.609327+0000\",\"flow_id\":1644731490476770,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35414,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35414},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/i/do/not/exist.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":873,\"pkts_toclient\":2869,\"bytes_toserver\":59016,\"bytes_toclient\":4329464,\"start\":\"2025-09-21T20:46:53.697058+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.pekora.zip","ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":1308963,"first_seen":"No data","last_seen":"No data","alert_count":49,"request_count":22,"received_data":18591239,"sent_data":15641,"comment":"","tags":null,"fingerprints":[{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Bootstrap:5.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":11393,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":15,"received_data":1062135,"sent_data":10133,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":1678,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":7,"received_data":822548,"sent_data":3445,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pekora.zip","ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":231692,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":6294,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.074478+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=982c69e439990b69\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":15},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":582,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.163853+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":41,\"bytes_toserver\":2518,\"bytes_toclient\":54168,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.226163+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":625,\"bytes_toclient\":2855,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.763851+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/fonts/roblox-font-icon.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":39,\"bytes_toserver\":3560,\"bytes_toclient\":34143,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35406,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.809845+0000\",\"flow_id\":559844226343209,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35406,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35406},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images3.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":849,\"start\":\"2025-09-21T20:46:53.696617+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.819586+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":860,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.819927+0000\",\"flow_id\":1644731490476770,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35414,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35414},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":853,\"start\":\"2025-09-21T20:46:53.697058+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.609327+0000\",\"flow_id\":1644731490476770,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35414,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35414},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/i/do/not/exist.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":873,\"pkts_toclient\":2869,\"bytes_toserver\":59016,\"bytes_toclient\":4329464,\"start\":\"2025-09-21T20:46:53.697058+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d0e824454dbcdbad60a84df4bbf2d256","sha1":"fc0f3a295c3e76db6cc17caaaa2f8bc723003b5b","sha256":"f1efbcbd9ff918613b50630110a724e64dce7b563ee168f7dd56e85d3d760247","sha512":"21d56b172a84bc6f1d1bc181c638dffa06846ccc4d900e130e60e54a3d68037f7708924502658f08dce3131cc91388046540104a9aa692c96bae85e5a2f58f7c","ssdeep":"3:N/BKL1XFRd+7n:eL17c7","tlshash":"575504c0544034711d50cc01d1741575d407040070350401f0df0fd417301000014f50","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.493979Z","last_seen":"2025-09-21T20:47:54.493979Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a4f67c45ab83f1b578815915c739baf9","sha1":"77a1805659494c0614e31d967ea3a11cbce9933d","sha256":"f41d5eb831ea65e8730179bb27c49c72b2f656a69ff0233a2f25a849f980a580","sha512":"5a912d7109d8d4f4fe0fb78de7225a4d7dd772baa060ca0c7864e285c8523eb12c696c1e204d55e88ffe1f8eacc4ce50f03220f766935f4efa2f6cf943af2b0c","ssdeep":"3:N/BKL1XFRdon:eL17qn","tlshash":"dd5504c0d44035711514cc01d1741435f405040171370401f0dd47d417341000010d50","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.502178Z","last_seen":"2025-09-21T20:47:54.502178Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e6f4bbd39b81daa4306a372f46d6472","sha1":"112b5764ca341b30fabbe4f296cd43f7d6143251","sha256":"64cbb70736b9a85860129012c30a83a6b936befadd5369efbb2ab0aa0b07daa0","sha512":"c1d85ed102d5be614959ddac0fc76c434666527f4a29add3c44b56ba9272606c21f2fb14110aebd132c5ec2ed10713edf3aeb492834d3f1807162e118e2f106e","ssdeep":"","tlshash":"e511238d7b3178b4233322fb4c7a213b8a66fe852445e6a4c542e5c63c12e05851ff78","size":1108,"data":"","first_seen":"2025-09-21T19:43:01.258342Z","last_seen":"2025-09-21T20:59:27.37261Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"eaca61d7f99ed7b300d542a474edbace","sha1":"97467bfe754522bc1f856f485126e8584cac1997","sha256":"3d43faf3493c23b67d8890ab7d8038f09d6269c102fa49a24289b0adb570d1e7","sha512":"4a2dae4f2c829c51d5ea4737d850e288edb644cf2ae8ece9f3c55ac9c5236f76d38084f5c7413fd2570d71996bb677409cb41f314aa65f74ab061b747ebff546","ssdeep":"3:N/BKL1XFRdd:eL17/","tlshash":"655504c05440307115d4cc01d1741435d40d040070350c01f0dd17dc17301000030d51","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.505126Z","last_seen":"2025-09-21T20:47:54.505126Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6934d9d33cd2d0c005994e7d96d2e0d9","sha1":"96d89030c1473585f16ec7a52050b410e44dd332","sha256":"08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952","sha512":"64ff1127cfca45f7ab820ffa481a3af55570ab2d7b1b7e9d3c0309bd3b6783f6b8d10c8eb2224bc517613f82372722a443dc221398cd2e5b24594ebef1bf4359","ssdeep":"","tlshash":"cd1100000000000000000000000000000000000000000000300c000003000000000000","size":1000,"data":"","first_seen":"2025-03-02T18:12:34.22932Z","last_seen":"2026-04-04T18:44:56.158462Z","times_seen":123142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4ce30f914777bf44c4b5018c92289678","sha1":"340d4eb19cadb626ab705694a39f4b8bb4988e81","sha256":"99fed686fddecf6e81e0be2f2aa28be940f0e49635fbfbc5a943353dc841b412","sha512":"350c7a34460b569b8b45c927917014f1a41013b9d04e39f6b1155e6687c6b23f30dbfa6a1e19ba6aa999f5a13a5f8a2b8a0c1b1fd201bbff6be04f189382ba5c","ssdeep":"3:N/BKL1XFRd0cn:eL17Wc","tlshash":"625504c0554030711531dc01d1703535d405441031370405f0dd07d417705000010d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.506893Z","last_seen":"2025-09-21T20:47:54.506893Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"0b584ef20e172a856858c8beda7ada49","sha1":"8deaf2408e424db1e49c23fa7092561857bc5ddd","sha256":"cc520c3041b3c62fb481784a8bffb4cd82004543d2ef21646e546e6b4479f6bb","sha512":"36c4cb8d5ecb279fafcdcdfebd69d7052eedc8e2f0929d16a5a5e39335b7c854fb35bae6c27f5483404600e342766123135c42e27a87ca01c737cec3d5bf2a86","ssdeep":"3:N/BKL1XFRd87:eL17e7","tlshash":"f55504c0544030711d10cc01d3741d75d407040070350401f0df0fd417301000114d50","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.508649Z","last_seen":"2025-09-21T20:47:54.508649Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"642462eadb7fa90c467ea84870a36184","sha1":"c8c9350cedcb1eb04b1219e3394db5a6cf735510","sha256":"dceb7c228f7c24fbf9aba183b826e655fbffef1605531d1bab95f648132fded9","sha512":"fe0ee3c3bbef7265e9391f7334daeecd94c2213c532b939dd435117fada945dee5e2e5aca40c0ee8592e0ee279bd5553b2a1dcbee2f927f4aed6e85fe865bbb5","ssdeep":"3:N/BKL1XFRdT0n:eL17yn","tlshash":"d95504c0744070751514cc01d1741435f405050071350c11f0dd07d437301000410d50","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.509758Z","last_seen":"2025-09-21T20:47:54.509758Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"474fedacd347b583b941fc97a527142d","sha1":"9d73d4b13bf10e60e1c061ba8d0bef1c2c3dfb9e","sha256":"ab20a2f233fa20649fae4b6db269749eac00afd3456336502937c369f603f2bc","sha512":"e4cc54c13ab324d4f1cff03687971befe24bbfb2f5799cd4507e387455a7a6407c227bde2939a8ae135c79d874e546648f3234450ae68e917047b63126a41fa2","ssdeep":"3:N/BKL1XFRdHW:eL17A","tlshash":"4b5500c0a88030f32a20ec02e2b0283ae80e0820383a8802f0ee0be82bb02000020eb0","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.511797Z","last_seen":"2025-09-21T20:47:54.511797Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ccd9d390d31af98110f74f842ea9b32","sha1":"a85e681624c91a106a514c31eacf80de817b2cc3","sha256":"f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3","sha512":"a5ac783258178c710f7c2c1c24b4218a063bf8df2bb7a6d5bd62c5c9432ec5286fd7bd17e774d1cc63e63e4666181864fa38a447c581338ca5ec0f563071eabe","ssdeep":"1536:pppbTNR2t4NEdiK5J2w8gGzjJVPOW7tI+r9ixR2nwZY:T36WJr9ixi","tlshash":"a873c5493254b8730ade45a68037470bf3265994b14b802cb5bcadde2a3dd8672b7f7c","size":78129,"data":"","first_seen":"2023-03-07T01:06:26Z","last_seen":"2026-04-04T17:30:40.24768Z","times_seen":15155,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=982c6a420d4956b7\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff3ee47cc85f341314052f47da6bbc4c","sha1":"e975ebf3361a261cc64273361634bd358a71bd50","sha256":"808c64ebc8a55cf70ccfd8d92cd7a1dca1a77e84f9ace41fd77cfd62cee1387e","sha512":"b5364208e6df1e0397b7de7720ae78c2399602adc137cc40d23355674b119335bf199fdf281a3f28a01f73183eb1db2f2d6505ad9e95b20d2f3b7338cd2c1f88","ssdeep":"3072:eNRBCoEEcKk+v65pa8H2uePImV/8AK13gW1Jef9:MgoOKkfmuePImVEAK13gW1Jef9","tlshash":"66e30b4d35c97a6953ea28f6403b24cf72b66cc4b01c895deb009dd67ce532873b2da8","size":145354,"data":"","first_seen":"2025-09-21T20:47:54.476645Z","last_seen":"2025-09-21T20:47:54.476645Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1f3b33b900caa18cc447deaa2dccf932","sha1":"62107a86fa5113247ce7e28367639137094ab172","sha256":"9d28f1e36635fb311a7b8a4b79850e040ee3dcf4d98a99a36fb6f06ebc3a1197","sha512":"2d2efdb4b3b3d6806b387265d25d111612238e70de9d3cb5825bc709f489598172fa06448d0b3e280eccdeec1910a0bcd6f7d9ebf98a95fb7482084cc9b91d78","ssdeep":"","tlshash":"f061d8cec57cc56fe7a8ad2e9276b3017e32014e6038d0f5dbc1950e406ade28196ec4","size":3207,"data":"","first_seen":"2025-09-21T20:47:54.516923Z","last_seen":"2025-09-21T20:47:54.516923Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c81fa714013ca5490596fd55c9ddf528","sha1":"6bbcbbe0e9e8adf505763a7a48e2328ddb04a253","sha256":"5ba0ba591573b107840ca28ca86d554580f79f475fb11c07ca0271bd3f95c5cc","sha512":"3ae363b9f6f2f623b69e307798e770e4a6f4df1b89c8bf579c6411980002067154dbd9be477ff1bcc1aac8bb14165ba06c06808ca5ed5b1bfaa9a745daf8c2f9","ssdeep":"3:N/BKL1XFRdI:eL17+","tlshash":"755504c055c075711554cc01d1701435d405040030370401f0ff47d417341000410dc0","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.518268Z","last_seen":"2025-09-21T20:47:54.518268Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=982c69e439990b69","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9711a7b70d197e79e4ebd1a12ddf1258","sha1":"b0a842a093aced41333d75346974177a73fbbbf9","sha256":"ae3c13743dc64c392ba40a0d3f23c8c135bb2816504ed52dbebcee2a13da0bdf","sha512":"14113ad20e7a51b90a1e00d2d9b6227aa7b26e3b1f7345dee89a5a5a644516d3c3b102410c61406b4b90bffb2ab37c8ba46db45687b6663e89aa34631469ba50","ssdeep":"1536:UMs3h970it7INvEi30qkN+7PRH8USb89yhQEsLU7EEqGDUSrbi7xoiDRjmR9kJyW:UJR0S9Q0ZN3buxoiDRmWyw45JdJ272bC","tlshash":"1cc3098d34ca726953a72865006724cf71b96c84f01e582dfb209de07ceb71c77a7d6a","size":122119,"data":"","first_seen":"2025-09-21T20:47:54.455732Z","last_seen":"2025-09-21T20:47:54.455732Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.074478+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=982c69e439990b69\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":15},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":582,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/f78657f80e4b/api.js?onload=PXGpw7\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b661f4cb7c8743c758053f6696d83e42","sha1":"c2877a9185c7402056feb50723f845e35c8574f3","sha256":"3dd3733199c121286e02ea0668730c4fb8b1773a0d8b84b16471254e785c2c4e","sha512":"f13fbdb6a12ba0590f889ad7b337b7cc1734aa7272dc056d0097ed3ab3aadcb71efd7bfe32100771c4d6b12c774dc4b007c357f70056b9409d95260e9f6c59b9","ssdeep":"768:XC6BRV2fM4l0a+rnhPLy6PzR8u5jUj4FclBMqfspVyq11AY13kep+ORWqxIrm3LW:J2E4l0a+rnhT//j2B6VyGNI","tlshash":"66231b583256797227e980e1617ba74373297939e94ccc50d423c86536acecad233fba","size":48995,"data":"","first_seen":"2025-09-08T12:20:57.981855Z","last_seen":"2026-02-19T10:03:30.871534Z","times_seen":12070,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"610f4b5d37b562e9887cd036782fae58","sha1":"4f94651b39a68ea0a51d15c84022871ae6dcb98d","sha256":"4f86d2d588bd4f31a065f2bdfaef04038138434a3b709c2bfda4b55ed082aad4","sha512":"fc5a87ab4b8e6216e9a9bd2af6dc63066195133b86239d08cbd3d751f70f2fa1c623e01c9328bd19567e0dc913f835c41f0abf59d0472d067ac1f3be0fa294fb","ssdeep":"3:N/BKL1XFRdd1n:eL1771n","tlshash":"335504c4554130f13510dc41d1701435d415051030350401f0dd07d417701000010d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.519636Z","last_seen":"2025-09-21T20:47:54.519636Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e1000fbc229f2729ab496a81b0e3256d","sha1":"efe6ef0c145aede2049ced6773ed62cab53d4025","sha256":"78ec0e5967b7395f718d7eb0f2e45c0fcad86103224d5c89def1750879db2ddf","sha512":"cde6c7e96790d0dbd7a1e2fcb6f41d5e30411b0d6408d4f973e0df589ece88b1a77438cedebfa01a4e9c7abf535c746e3e9b815edb93fbc2a8a40f99105922c3","ssdeep":"3:N/BKL1XFRddX:eL17TX","tlshash":"925504c0544170f51711cc01d1751c35d405150070355441f0dd0fd417301100510d50","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.520943Z","last_seen":"2025-09-21T20:47:54.520943Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2bbefff12a0a8663f4a931e59c0aa4e2","sha1":"38173d36fbcea19a69c4c92782904f5ac260cd90","sha256":"cf7dc9bbd16b2107e11712235d5d092dd5b685b819b78651657cffd8f84b9f09","sha512":"b0136603da5a02bf15c73594b0c2c53954e648678c092fa9a86d63f30843d35c60ba8e0278cb86a14ebf6a39e1ab5ba824878d832e55f4535a3a06b8100614b5","ssdeep":"3:N/BKL1XFRd8g:eL17h","tlshash":"a75504c0544070753d11dc15d1701435d40d170030354401f0dd07d437701004030d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.523427Z","last_seen":"2025-09-21T20:47:54.523427Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4bf12919ac3bdb2e3d463e3effed24bf","sha1":"f291790fe61405ec9267bfc5c5864d845566aa55","sha256":"3c245ad35ce591f78aabc63b33b64e574a8bdaa5bc9f20167fc4221dd5833f88","sha512":"28f0e332955d9d7cedee74d0d90adbd911271b125e9cbf8ceab5330765b6cd14509f8595308fbb783f8262bb2c89b269067698e9eb3fbb14fd88857ae7720f1e","ssdeep":"3:N/BKL1XFRd4j:eL17aj","tlshash":"db5504c0544030711d11cc41d1751435d407440170351401f0df07d417301400010d50","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.527289Z","last_seen":"2025-09-21T20:47:54.527289Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e6f4bbd39b81daa4306a372f46d6472","sha1":"112b5764ca341b30fabbe4f296cd43f7d6143251","sha256":"64cbb70736b9a85860129012c30a83a6b936befadd5369efbb2ab0aa0b07daa0","sha512":"c1d85ed102d5be614959ddac0fc76c434666527f4a29add3c44b56ba9272606c21f2fb14110aebd132c5ec2ed10713edf3aeb492834d3f1807162e118e2f106e","ssdeep":"","tlshash":"e511238d7b3178b4233322fb4c7a213b8a66fe852445e6a4c542e5c63c12e05851ff78","size":1108,"data":"","first_seen":"2025-09-21T19:43:01.258342Z","last_seen":"2025-09-21T20:59:27.37261Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"69ee9228c7bfe483a04cb819d07572f2","sha1":"f3c66bf2ff07a741f7f30d3c6317ca28eaa80dcf","sha256":"ba1eb40dbe4b6f0a6ad2c73858608dbba246f234fa0d88b9cdc02f9a54da5bf2","sha512":"bb51bb0e582d7444bddef69850216977da588a940f03dd954beb487451effbadb8c6f2b75de1f43edef67fc68e936dbc0127be0fc1d09032bd1300185f241b0e","ssdeep":"3:N/BKL1XFRdqw:eL17T","tlshash":"8e5504c0544030711511dc01d1705435d405040034351441f1dd07d437f01000510d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.528701Z","last_seen":"2025-09-21T20:47:54.528701Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6934d9d33cd2d0c005994e7d96d2e0d9","sha1":"96d89030c1473585f16ec7a52050b410e44dd332","sha256":"08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952","sha512":"64ff1127cfca45f7ab820ffa481a3af55570ab2d7b1b7e9d3c0309bd3b6783f6b8d10c8eb2224bc517613f82372722a443dc221398cd2e5b24594ebef1bf4359","ssdeep":"","tlshash":"cd1100000000000000000000000000000000000000000000300c000003000000000000","size":1000,"data":"","first_seen":"2025-03-02T18:12:34.22932Z","last_seen":"2026-04-04T18:44:56.158462Z","times_seen":123142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a8efc24872436cb42db65f32cbb30b56","sha1":"7040f09d566fbccf2dfc8e5ef812c9af0bf91cfa","sha256":"6eae90266b9df791ee5b775f19c2581de3f2574c7887cfe3815f8bcbfca50fb4","sha512":"cc51fcc6d411e37df4523debe7b945d831722025f5c8542c206a81f56791ef7d9b3310a59983bfdd23407b5304bf897f8a0b3e57464a0d7d3924f0277af4a515","ssdeep":"3:N/BKL1XFRd6:eL17Y","tlshash":"7e5504d0544031711510cc03d1741435fd05040075350401f0dd57d4173010c0010dd0","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.530401Z","last_seen":"2025-09-21T20:47:54.530401Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d914f7aba093573abd2b580af9014830","sha1":"c0ca21a0d128a8e43a27028ccce7b67fb323a9c0","sha256":"dd7a8a6b0b66ef5652978d89ffac83f65461bae93820574815109df043d96f6c","sha512":"ea404e296db7b2fd347dcd70c7ca0b74e985bb1842d0380217b776e5ec593e389500786cfc28b0cf16664afd30889754c3b55b4f93429316a0b031c6816392ad","ssdeep":"3:N/BKL1XFRdw:eL17m","tlshash":"e55504c057c075711554cc01d1f01435d405040030350401f0ff47d417741400010d41","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.531966Z","last_seen":"2025-09-21T20:47:54.531966Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"33f3242f2d7d3593c43bb8d54210722e","sha1":"fd2f2dbde949e558e4d0c29e3b4356d3f9ebc02d","sha256":"8119845f9c591609c78bec586ff1309bd7ba7ba3f85964ffc1c49f510bb08846","sha512":"12d3300cab16a3707a8e601f0c986ebacdeb598b8c3364b31be620b694bcf37414e0fd63dfd82ee8bbf3bd21c635b69dc335081fee6a45b5a00bd7405f8f697d","ssdeep":"3:N/BKL1XFRdZU:eL17g","tlshash":"955504d05c4030711530dc01d1741435d40d4410303d0401f4dd07d417705000030d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.537387Z","last_seen":"2025-09-21T20:47:54.537387Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"3bd4650e2241d037b332a67a6501e562","sha1":"e33a619e656f5718bd5a6bd9ad5acf479722698a","sha256":"76fb151d024b4043d8219619580438c4e6f60195b429591121d645f4f95ac660","sha512":"cd0f70d1406d201168e58f28ee365a39bd8be47ef767056998e9cc0b87ad73c60b7e7f0507a7d1f3b69d1d0d1df850127b11f934b41deac9e53ead7c2f0df58e","ssdeep":"3:N/BKL1XFRdX:eL17F","tlshash":"f75504c0544030711514dc01d170143dd405041030350501f5dd07d417705111010dc0","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.541392Z","last_seen":"2025-09-21T20:47:54.541392Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"81573a78c086dfa4602eedbdbb895dfb","sha1":"47e280a63dcd596eb009e50f702b51e4126baeb9","sha256":"24fc811df02e0b8275792068415634bfa4926af6bbe8a42f6d6133b085d75df8","sha512":"931eb8a25a64c1cfb6d7f00ff1a725756e119035de73d2bd88963923e3e8a899599fcb766fb6f1354096e607c0a47b8d6a3d01a048d21d25c6d76c5fcf0ebff7","ssdeep":"3:N/BKL1XFRdtRV:eL17bRV","tlshash":"835504c0544030711510dc11d1745435d405440030350401f0fd0fd417701000410d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.542932Z","last_seen":"2025-09-21T20:47:54.542932Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"81ec7bcd05dfe9f22175a5e1bc8dbad6","sha1":"4839305ecc9dec0f4870b7bd0639ac0814f8164c","sha256":"c53a211d0bf1578d4f25cba5a30e344f367b718842500beda6945ea3d234ff69","sha512":"c364f5e8175a97d78c35ae1f4fd394b6d1c4a7649336ea8b979aa26de846001e21e337754369b1b35958834e5b6985044c8ea11ce168a99913ae46b3510f9259","ssdeep":"3:N/BKL1XFRdsn:eL17+n","tlshash":"9b5504c0544031731751dc01d1f01435fc050c0034350501f0dd07d417701000110d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.544912Z","last_seen":"2025-09-21T20:47:54.544912Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1370272b9979cf073fd355b9f11a2f5e","sha1":"244f9d6ffa9b16ad22d32248967579fab2fa2735","sha256":"a26da7758ba4b454793cf31d96856a2d09fc836c20be6513539f9b1ed0fae306","sha512":"f04f05fa2f0798b16ee5a4fdd3125dbd4dfb2d04545877f71f2cfd2ca373405c9381caa74a72cbcb33afd166330b5c145b49946de93a15b1e044baae3d5e2550","ssdeep":"","tlshash":"55611b4de6bc804bbff93a5cc59973a43d7011478520a4f1cfc2c90db4669e642f1e55","size":3187,"data":"","first_seen":"2025-09-21T20:47:54.551885Z","last_seen":"2025-09-21T20:47:54.551885Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7d08b5fca7b3764aa5c5d5a085bd97b3","sha1":"53e2a018e066924e6b31c4817bb617be58c161f6","sha256":"9889118383f350b2e8cebfe6f9a5c8c904bcb84ce10243f302c7dead103d6e09","sha512":"1210001c5f4ca53422fd7fcc6388b87bbc888cb628bc0d1935d47fd0617f55aba81388c70d1c809c716ee3bc42e8dfcab92235ab4195b5176b40bacb7c36cd74","ssdeep":"3:N/BKL1XFRd7:eL17x","tlshash":"7f5504c4554030711530dc01d1701535f405443130350411f0dd07d417705000050d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.553522Z","last_seen":"2025-09-21T20:47:54.553522Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"381227d8ed17d98a0f3964e9a1ff5b8b","sha1":"9a3c310e9c1b8f4fb6363db3342f53fa80d7dbc3","sha256":"cc37d010d93b9a84b0208fde77670a1522dd995b5d6cd9805faec5241f8888d6","sha512":"da382c8b043c299b189c26863f356ea8e19e2169c77fa3ae2a148f923fbf4c08c54b33a87636f84e9fae3cfd4f4a022dbfa238e206d6cd2923a342348724a980","ssdeep":"3:N/BKL1XFRdX9:eL17v","tlshash":"015504c0744030751510cc01d1741c35d405050070350403f0dd0fd457301000c50d54","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.556402Z","last_seen":"2025-09-21T20:47:54.556402Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bf7b34dfa27c26a7f96029bb6951e0a5","sha1":"b1d0a8836ff1813b12dbfb663b5929da878a4542","sha256":"493a79c43af6386efc5a51015877994e27e8f7f90e78958e6488e73f7c74dd03","sha512":"4219da7af464be84e27655cc9e08633aa7a7631ff87a318b746407f57092c8659f12a4e2cf5397140e6c275a84e29b3fb95658c4d88f000ed5e362ed7d6ec938","ssdeep":"3:N/BKL1XFRdbi:eL179i","tlshash":"895504c0544130f11510dc01d1701435d41f150030350401f0dd17d417701100010d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.557828Z","last_seen":"2025-09-21T20:47:54.557828Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b661f4cb7c8743c758053f6696d83e42","sha1":"c2877a9185c7402056feb50723f845e35c8574f3","sha256":"3dd3733199c121286e02ea0668730c4fb8b1773a0d8b84b16471254e785c2c4e","sha512":"f13fbdb6a12ba0590f889ad7b337b7cc1734aa7272dc056d0097ed3ab3aadcb71efd7bfe32100771c4d6b12c774dc4b007c357f70056b9409d95260e9f6c59b9","ssdeep":"768:XC6BRV2fM4l0a+rnhPLy6PzR8u5jUj4FclBMqfspVyq11AY13kep+ORWqxIrm3LW:J2E4l0a+rnhT//j2B6VyGNI","tlshash":"66231b583256797227e980e1617ba74373297939e94ccc50d423c86536acecad233fba","size":48995,"data":"","first_seen":"2025-09-08T12:20:57.981855Z","last_seen":"2026-02-19T10:03:30.871534Z","times_seen":12070,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T18:46:53.546146Z","times_seen":666336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f977131a08d62e1bfbd4974340a83e22","sha1":"0a39fae1c8ab3b83eab7c93817a43b2d4fbaf989","sha256":"66a129a687d7f85f96f47207fab96a033804d194cedd7fcefde6a9481e7ed5e6","sha512":"7f524bf162508ab08f061fd843e621b8b0e266636c8f34d6290b8bac14de1cd4d4d405ca5a6c648b59bf371527c5d508462d562e330b6a721a1a15f8996ce0e2","ssdeep":"3:N/BKL1XFRdScSn:eL17lSn","tlshash":"fa5504c0554130f51510dc45d1701435d45d150030354401f0dd07d417741004010d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.561037Z","last_seen":"2025-09-21T20:47:54.561037Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ccd9d390d31af98110f74f842ea9b32","sha1":"a85e681624c91a106a514c31eacf80de817b2cc3","sha256":"f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3","sha512":"a5ac783258178c710f7c2c1c24b4218a063bf8df2bb7a6d5bd62c5c9432ec5286fd7bd17e774d1cc63e63e4666181864fa38a447c581338ca5ec0f563071eabe","ssdeep":"1536:pppbTNR2t4NEdiK5J2w8gGzjJVPOW7tI+r9ixR2nwZY:T36WJr9ixi","tlshash":"a873c5493254b8730ade45a68037470bf3265994b14b802cb5bcadde2a3dd8672b7f7c","size":78129,"data":"","first_seen":"2023-03-07T01:06:26Z","last_seen":"2026-04-04T17:30:40.24768Z","times_seen":15155,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"0bc615ba7b9b8a5c749ba59133f27862","sha1":"11dbe861ba484b2b31a255184d993a209deac422","sha256":"96d570b23743f6ef67150afcd65d77ef6ffd99568176d5fcc84e74a377474a7b","sha512":"bcb5a46393ec1e13007a07375cf2a9e5e7acf13465f4148fc36d6c61ba3b6ff4ec760b564a27ee4afd4b65d81bc28de36ea4afa36cb26d8b9f444dbcd5835441","ssdeep":"3:N/BKL1XFRdf1:eL1751","tlshash":"b55504c0544130f11510dc01d1701435d415051030351401f0dd07d417701000050d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.563251Z","last_seen":"2025-09-21T20:47:54.563251Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b41faf209c15bd059737d201e165cac8","sha1":"39009712658c83d7ed45ae3fa9edc13db1c05dad","sha256":"fab0483bee34bd7cc2a52aecefdc02eb5da1306a414a91166896ebf05e0f5651","sha512":"f5eea5acb72c52d48189162e7543d6a7fa418454f0922baf85274363476c6ef037b20761c97222c678a790a0de91039b11049cd2a3db52e463a4b64b7947fbb2","ssdeep":"","tlshash":"eb61d7dad341912097baa9c3492bb7b4f17110b66a211154f7e4cf5c9b7ff8a920c1d1","size":3420,"data":"","first_seen":"2025-09-21T20:47:54.564361Z","last_seen":"2025-09-21T20:47:54.564361Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=982c69e83d2532fa\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"770e22c5dec37671441dd00d2c955313","sha1":"58b8b1d9422b0d48434117f8ff6ba7687622bc70","sha256":"f75b038795dae56b874c58697ee7ab1aae2c2a9090ee012646da969977f85827","sha512":"38593b3d88e699133abef2cad87c0239d5ef562b711b24276158ed04f0cf421c51fe7f4ccf2633395edfbbcd9448f90cc6de8cb3504d4a5128f1a90503a0e735","ssdeep":"1536:h7kL8AZ0k/4NdANjv8TyFWXhA1rEVuazTHpEE27guUB1B6ugca2k3ZMqbO8/nLex:hw8AShN4cAlEjui18dP/68KHIq","tlshash":"1fe3f8893ac9767e83aa24e6443b24cf62b65d44f01d591ce654dce27cd631c23b3eac","size":143539,"data":"","first_seen":"2025-09-21T20:47:54.472713Z","last_seen":"2025-09-21T20:47:54.472713Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cd157dee6f5d51da17d9e8a15a73ac76","sha1":"e4a54363698274d3488a816337988838da4b9424","sha256":"6ee66d00fa1551adf45afa3c655f91b170b9c4b32801aea39ea80ace482668b0","sha512":"d5b952c65eacf0a653175ce641f3d7bc0030c467673c6c3fa35e0701c863f0fa4d66432b9fa912f9e25b77872dd0572b4658d9d1b78856eb7c3d4d622ef7f655","ssdeep":"3:N/BKL1XFRdoln:eL17In","tlshash":"f75504c0544031711510dc01d1745435d40d0400303d0401f0dd07d417701001115d50","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.567314Z","last_seen":"2025-09-21T20:47:54.567314Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"af65e3f6fa07f53c43989aba5c08098f","sha1":"2c78dcff3dd41323ba8efc803b000bdc390dd762","sha256":"0e82b92ddbb1afd2f8748132199202acd8290602a9dc379b4e30bde645551c25","sha512":"0e7788a51099a73150df30eaf45a4c8d7f0d798b3cdbb140a65e25652958bb42ffb9ea98f7437c9a522cda2afca5b7e63ba4dd95598a5b8f300ee92990db3027","ssdeep":"3:N/BKL1XFRdx3:eL1733","tlshash":"3b5504c0544070711d10dc05d1703435d405050030354401f0dd07d417701000053d40","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.568837Z","last_seen":"2025-09-21T20:47:54.568837Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b0d83257ad140cd3f9dd6ada274afe16","sha1":"83c830a3d993d1ce4eb5507b14951c2cd25db7d0","sha256":"6e96ad318f398169175192eeea0b69f83627addc8f8534d420dac932022bca64","sha512":"280877f63215a9d5690de4d77e4e419acec04cdf8fcf2dd584fa05203cc069726dedf76404b14afa2dd255f0aa258e9fb60f16ace7a8dc48af16b5390bdfd57f","ssdeep":"3:N/BKL1XFRdW:eL17c","tlshash":"965504c0744035f11d14cc05d1741435d405040170350405f0dd07d417701000410d50","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.570164Z","last_seen":"2025-09-21T20:47:54.570164Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"96358e4adb7e0f853b290516b93d0609","sha1":"c3378fe3e6eb21153f26c65a97efea12b15232f9","sha256":"92c9e863fcbc9ab0b916207908a6742a1aa2e6aacf9d68891ccba803836251bf","sha512":"647ea25e1c323893f723319801f670185f937f9bffe9d1a1af6ae735c80357a3540b695958da30fcffd110a63128c6940bd593ae226b28d9ae4942f2b9646c20","ssdeep":"3:N/BKL1XFRdaJn:eL17W","tlshash":"615504c1554030771550cc01d170143dd405040030351401f0ff07d517301010c10d44","size":1337359,"data":"","first_seen":"2025-09-21T20:47:54.571857Z","last_seen":"2025-09-21T20:47:54.571857Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-04T18:46:53.62713Z","times_seen":747713,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-21T20:46:53.483Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2413\r\nOrigin: http://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 21 Sep 2025 20:46:53 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 982c6a2048790b59-OSL\r\nAccess-Control-Allow-Origin: *\r\nLocation: /auth/home\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=QdtwTNDD87zCFA6gKlJHF3QiKl1%2FCeN3R1ARXdOBEpSA1WUx2lgP3r7gN0jaaDlMZbgBvK1r1T5aqSuIB0xyYRJSjEIuwmpR3wJyOBcat8XpF7RSBokegiIxOFbqCgXLHA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=653\u0026min_rtt=543\u0026rtt_var=44\u0026sent=24\u0026recv=31\u0026lost=0\u0026retrans=0\u0026sent_bytes=20146\u0026recv_bytes=11624\u0026delivery_rate=16599647\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10870,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":82,"receive":30,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pekora.zip/auth/home","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pekora.zip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 22:10:12 GMT","end":"Fri, 07 Nov 2025 23:08:52 GMT"},"fingerprint":{"sha1":"A7:59:5D:19:DC:D4:F7:81:81:3D:C2:4D:A9:92:61:45:EE:DC:8A:4A","sha256":"DB:AE:4F:06:B5:63:0A:2B:60:2D:A7:63:9D:C8:EC:B3:8F:99:93:2A:3C:0D:BB:C3:12:A7:E8:63:5F:4E:80:5A"}}},"request":{"raw":"GET /auth/home HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.pekora.zip/auth/accountlogin\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE; .AspNetCore.Antiforgery.zqKkAMzkTHA=CfDJ8HsUa6omXNlJox__oSL1EWYU0sKVPpDqkD6qCBTDCBoZhwxoUd40wfMGkyZrw8DVJOGANe-rLkHQ4MY76lsSM7d3-MExX_6csncXzkRJiJP62I6Vf6gAa4dLf0UfpKigXGb6XetmBtpWdWGHfEgw-4Y\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wG8gpkx17hdxdTjpaQ0UCt5arvcR0WzgAMoIv6UGhLfZEk8BM%2BQ7IOS9y4%2FjJY1PUhvUVhB0Tg2qmyz8qM0PRiwP1q0DpQI93ZETPau68Z%2BdzKS0msFnci53mWcIbixatw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\nx-timing: AppGuard=0,a=0,ua=0,c=0\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 982c6a41381456a9-OSL\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1770\u0026min_rtt=858\u0026rtt_var=1189\u0026sent=25\u0026recv=16\u0026lost=0\u0026retrans=0\u0026sent_bytes=10531\u0026recv_bytes=3166\u0026delivery_rate=2234887\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=0\u0026ss_exit_bw=0\u0026ss_exit_reason=0\u0026cwnd=22174\u0026unsent_bytes=0\u0026cid=2f0fb047bf8791e4\u0026ts=14928\u0026inflight_dur=32\u0026x=51\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pekora.zip/i/do/not/exist.png","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pekora.zip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 22:10:12 GMT","end":"Fri, 07 Nov 2025 23:08:52 GMT"},"fingerprint":{"sha1":"A7:59:5D:19:DC:D4:F7:81:81:3D:C2:4D:A9:92:61:45:EE:DC:8A:4A","sha256":"DB:AE:4F:06:B5:63:0A:2B:60:2D:A7:63:9D:C8:EC:B3:8F:99:93:2A:3C:0D:BB:C3:12:A7:E8:63:5F:4E:80:5A"}}},"request":{"raw":"GET /i/do/not/exist.png HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.pekora.zip/auth/accountlogin\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE; .AspNetCore.Antiforgery.zqKkAMzkTHA=CfDJ8HsUa6omXNlJox__oSL1EWYU0sKVPpDqkD6qCBTDCBoZhwxoUd40wfMGkyZrw8DVJOGANe-rLkHQ4MY76lsSM7d3-MExX_6csncXzkRJiJP62I6Vf6gAa4dLf0UfpKigXGb6XetmBtpWdWGHfEgw-4Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nlocation: /auth/home\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o8Z43Ww5nNEyjL23ceINOQxa%2F26OXCOF%2BA3vFBqoS6nfABk1NPobPEXRIfPtlIRBN0fSUqASDuj4TTDszyG%2BUypZpQDH7tEP7QpJDg%3D%3D\"}]}\r\ncf-ray: 982c6a42481f56a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]}],"data":{"size":10870,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":29,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.609327+0000\",\"flow_id\":1644731490476770,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35414,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35414},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/i/do/not/exist.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":873,\"pkts_toclient\":2869,\"bytes_toserver\":59016,\"bytes_toclient\":4329464,\"start\":\"2025-09-21T20:46:53.697058+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1255362299:1758483405:BXdDdhtwnNiK7T5qEixFTYJzFYhwbv7vZ8KZGhy7a7Q/982c6a420d4956b7/FrUNhqRbzuQZTkMNYGy1cSJ_p4NVVYwb5Fv7v.EqXa4-1758487618-1.2.1.1-bycp8y_KgtGKRNCzy9Z5nB9BrfxCIwEuYavz1duSbZDC0ojBDkjl1RnuWbEasVZa","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","date":"2025-09-21T20:46:59.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1255362299:1758483405:BXdDdhtwnNiK7T5qEixFTYJzFYhwbv7vZ8KZGhy7a7Q/982c6a420d4956b7/FrUNhqRbzuQZTkMNYGy1cSJ_p4NVVYwb5Fv7v.EqXa4-1758487618-1.2.1.1-bycp8y_KgtGKRNCzy9Z5nB9BrfxCIwEuYavz1duSbZDC0ojBDkjl1RnuWbEasVZa HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/\r\ncf-chl: FrUNhqRbzuQZTkMNYGy1cSJ_p4NVVYwb5Fv7v.EqXa4-1758487618-1.2.1.1-bycp8y_KgtGKRNCzy9Z5nB9BrfxCIwEuYavz1duSbZDC0ojBDkjl1RnuWbEasVZa\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3394\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:59 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: em4uwFYsMdg0KV+iXlkSfwXO41RMaPNeDfZ4BnmHHQvw3JqqIsyGy0mAtpToTHB/Nk8LT9Cugm8hqSdVRapYJjSvH7TWXs69d+w3ss4nkpOMjaAReWlrI31M6iufij/fZJ4Q/h//h9KYGf+ErOISHf/a8DU8MTETKGTR16ryLPHCpl16CYBIJ8XSt91zKbpNr8LrZa+85Eo4zzqY8Ugqxfk0URdF+pQyUDBH4s+N3zk8EwnZ1Jktnh16i/kzNO2AV0AHyoliUdq28sB/5vkgFm3B6iwdCRKcXmeziu4F87gp7sGzGNo/Y2hphJ3m3Bsy/ACdMSDmhKJ1NLw28E3XM4194gCsaI+kjMvWkdig+H3ZPgi0zXeJqvl43qOfkC2pWVKPmMAaXP+Flxs9VMbECQz8pygfLC050cw8TicBLmaisvYD9+eqPRlyAdqOE2XzdBNeGkwQTFwjZSGXLm/S4E9I3/BWYafePGG2FjR9MdbrgS0d+S3KzqYrPu7oB8orGwHn/xXKdxzmEoHZVi7vKgHoOFQx7sMLISSZeqwoB0oBIkYmc33Qxpm6jdNBws3qav2MTX3lN03wWZb8Sz36N9z/5mVtbvmjxN77PlUpC/EI5Rj8Ze03NfzYB+WSLGxwj+K4a11ZDS1o6//4+J9+IL+eKf81FgLRUb7oHxH/aqdw3D5xD3o25PBjycGdY3wVXhltyT1MgNlopm+VH8Xb0O2qbFn9wvnr+L9ITZE+mja7Z2VLWYkJr9ew+xkwK5Wdr6SZyk6Xuh1Vf7eLrG3OhQ==$gcaKmf/2rWzQRIyHfBqlgA==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 982c6a44cfae56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":265608,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d657af58c937f65d36b5d9352f12928d","sha1":"22c9cfea199883de1c0ea9afd654bcd314071b3d","sha256":"bd65989f84edb2ddec1864adb9a14cb9c98356137b421cce019579d9bdf4b817","sha512":"012cb65dd291d8ff41cf600289fd07f1040c817f43e1ac5bdaa3ec112ce20acd942b5775ce6e7d55bc155c3c4487f474c5f0fddad0276f8faca9db5b31c40738","ssdeep":"6144:pK1znM92KJ5iv/nrwOGXH1rTq2kFn5vbq3GJR3+HTDdF8BXy7f/bnnE3:k1znM9/qnrwlVrTqXFn5LiToIfTe","tlshash":"db44126a1e2b5f8ade190d6f42b04e185ed21b46dc665c80a7fb2687c83f6c41e3c47d","first_seen":"2025-09-21T20:47:54.444826Z","last_seen":"2025-09-21T20:47:54.444826Z","times_seen":1,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/982c6a420d4956b7/1758487619347/a3d289d8fd7f13a387240d27e79841dcebf32b7d01b6ad51eeccbae26bd64625/rkIKJUUtLk4H6ty","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","date":"2025-09-21T20:47:02.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/pat/982c6a420d4956b7/1758487619347/a3d289d8fd7f13a387240d27e79841dcebf32b7d01b6ad51eeccbae26bd64625/rkIKJUUtLk4H6ty HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Sun, 21 Sep 2025 20:47:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 1\r\ncf-ray: 982c6a560e7c56b7-OSL\r\nwww-authenticate: PrivateToken challenge=\"AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20go9KJ2P1_E6OHJA0n55hB3OvzK30Btq1R7sy64mvWRiUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAx4wYyUCGKKWASSBuEmGmKICD1pEWVUW6gF6MxCt68NxC-P6Ajs9cJIHRrouoflU-EK86Wit2XJ5HDYCHfHPHkia2Pd8A-bHlaFobZkACeZuOJFFLhJOYIKGtm0b1IhoJrlZt-rVWd_zr-E9GQHwmMFUnFkCd8z4Eddt5-V22YPgoh9KFSSm0Dz9oUvYd57Q0Z77Shzc45Ww40uQCv-_o6JfWDTaK_Q6oZZCc1WKK-78mTEthVQi9XmOC3Hfs78dkggGL7s4Sk8WZ2CnF5YkAct61ipfyO1AjRkEgew7QxO0jF8hyZHCyp3shOjrWMQkapRPLM3_79jlvrxpZcp5uaQIDAQAB\", max-age=20, PrivateToken challenge=\"AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIKPSidj9fxOjhyQNJ-eYQdzr8yt9AbatUe7MuuJr1kYlABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArz0yWsyW5e2DXdAxP53xGLj_CtykTPcoedsjXEnPt1-OrwGfCALw0Sh5pUqqCnOa51JeehnyfFuBeU7xF6Pd0N_95dtcQMr5hYitROah_WwMmYRBPce8q3zdpgUSCls1C9nuNESztuvIco7nUjCSNHBbArlN0Ch2-j4KGnHse9lGMjzSBXpbJyBiV3AXrBxWYxloCG1wKM7ZfGG18l6CkX70iKJbP82hzQiYeS48TuujYdrFDII-Q7vVapkSdV412lDsFJuJmAPUddZhHNhGwg3gCmMkp8mG2nHjaLWTcAmKWqT1jSUz7TDZWwzoB7D_bWF5mudFv0GZUSNrdSZAGQIDAQAB\", max-age=20, PrivateToken challenge=\"AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIKPSidj9fxOjhyQNJ-eYQdzr8yt9AbatUe7MuuJr1kYlABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA3aONLzbt9azB_WsRJ4fehRU_y1UQE_D8mdWWuqEhv9iUW3QY8cOitD9qU8sfP91br9VqJSPu750lYHdosT3-HjwqTyfu9ZBx6FpQXzXn6mzAoyAPTxDNFX67hiG8rhGbKNmSy6pk_XzqDQwhfRfsuvzm6l-GMl1V4cUJ1qtr6ccKbCZ4Sj_erBYzqnox7KdS7yi54U-AK3HOOXJdoOZ-iz-0wm62XfQRkx-wSxzNO4SAGy2XXAAJfkqiKMJnFVq9pTxDVcsJXwIixVYZq_yW9zKyYEOnyhhv9kNiRNfZYqFEEB9Engiz1UbsV7zlyh8pmtFihRCKUZ7U6oZu_5DbxwIDAQAB\", max-age=20\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:46:33.518213Z","times_seen":400223,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=982c69e439990b69","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:44.060Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=982c69e439990b69 HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:44 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 982c69e55f1c0b41-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122119,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9711a7b70d197e79e4ebd1a12ddf1258","sha1":"b0a842a093aced41333d75346974177a73fbbbf9","sha256":"ae3c13743dc64c392ba40a0d3f23c8c135bb2816504ed52dbebcee2a13da0bdf","sha512":"14113ad20e7a51b90a1e00d2d9b6227aa7b26e3b1f7345dee89a5a5a644516d3c3b102410c61406b4b90bffb2ab37c8ba46db45687b6663e89aa34631469ba50","ssdeep":"1536:UMs3h970it7INvEi30qkN+7PRH8USb89yhQEsLU7EEqGDUSrbi7xoiDRjmR9kJyW:UJR0S9Q0ZN3buxoiDRmWyw45JdJ272bC","tlshash":"1cc3098d34ca726953a72865006724cf71b96c84f01e582dfb209de07ceb71c77a7d6a","first_seen":"2025-09-21T20:47:54.455732Z","last_seen":"2025-09-21T20:47:54.455732Z","times_seen":1,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":15,"receive":6,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.074478+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=982c69e439990b69\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":15},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":582,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1255362299:1758483405:BXdDdhtwnNiK7T5qEixFTYJzFYhwbv7vZ8KZGhy7a7Q/982c69e83d2532fa/SIddUrwwq4S849ix4p.IBKpQyif8.Ay1Ypq42R8N0.M-1758487604-1.2.1.1-6U8szOMwU10CGJ15C8PJt4SIUUy912RjKJNlNnhc_aprXoG9AWjMlZsGg0F9fC3F","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-09-21T20:46:45.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1255362299:1758483405:BXdDdhtwnNiK7T5qEixFTYJzFYhwbv7vZ8KZGhy7a7Q/982c69e83d2532fa/SIddUrwwq4S849ix4p.IBKpQyif8.Ay1Ypq42R8N0.M-1758487604-1.2.1.1-6U8szOMwU10CGJ15C8PJt4SIUUy912RjKJNlNnhc_aprXoG9AWjMlZsGg0F9fC3F HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\ncf-chl: SIddUrwwq4S849ix4p.IBKpQyif8.Ay1Ypq42R8N0.M-1758487604-1.2.1.1-6U8szOMwU10CGJ15C8PJt4SIUUy912RjKJNlNnhc_aprXoG9AWjMlZsGg0F9fC3F\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 4066\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:45 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: SjOTOX2kKU4YN52xWtlmGFgGBVgZ7oHrvW9cCZ3GdFBwIQlRJI7FIExZqIMNj0yI8qsUdv8epNPpgDlOlRLN56TUapGKL36gQPulzfPyJLYta4x+5CfBpspRRgW0a2FvUoUvFcL4hxLbgOrVTSFJ1r/ldvlK07lpxifywL+3EIbYf3fB5eMngKyJ2SlD6fz5R1vphVn/8Cf7mhUGuPJ4UAjr9C+RpzF62gemx+7jTny16h/3ko95p5scuMFgeKNwssiUtfE7kDINBnsXky+NRQa2y4L78HXn8tUfFS3uNYyBO95lTnZgjbS/Xh9xF26FnWOVvR95V2z+CMTytkaNMXCKXUqjos8njWSHeE2uKv/IdSCAWpc7dYM1ue+uQb96YrgJtM9fvXa+RgpX69clLa2ebDCsjbkqlQ0PFedWyENAX6MfsNccsQaUB8J/ZoJAO+6z3EiMzZBbCyrx3uZiv9UKaQ19M8wfLldbM3mH1hDtfz8/gnZyfk7jqMXajDXbBFoMC6TLNgQYihrrTIWfdmodetCGMc1MBv39N5va/ke89KRHdyXfHymO84BGQ2gYhzEZRrHgMtuuDzjvAOKymyPqvy8TXRfJ3Wg0tDCBbJmEodNGC1kcrEHIjJvmLnPWOdTNweX+A3NJhlpu+olk+4hHyXzR2un13fRSAY1HoL19hoQ/WmH++Be+nLnxCCj1LHG9x6vuxKK/uqkvm1hY4y1Tu1RLyO4lBDXSxida37c5aw8Tnh+fVdEVYNDZkOlKPdzP9fA7zk1w646VuQAi7Q==$igqIwd54ZtMpLeyp/mkjOg==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 982c69eb6ddd32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":265180,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"42dce47859f121d53a39cfb1ec565ebe","sha1":"854569f4d674d722f16fa1deb9a7f8002a5716a2","sha256":"2a428701226d1305228144ebd339d3c0c250ec1d99c7c06bf2e3e46d358870e9","sha512":"e82a90968dd38dc0dacb399dbeb6b874f2b5ef7faf3a98e716153bc420d93f092787a2d0a3e9ac2b5787fe7c0dbb82d3b3c11c4bed7cd214cc125f926dde5aed","ssdeep":"6144:buxpoTee2MYjCP+pKUj4QTpg/eP0L+6bDv5a5+:buxib2Mw5rEQTpg2PwHQ5+","tlshash":"694413bc73385e6c8f5e953fe3b5ec192c604f878071a6a69bf53a8750cb8453814768","first_seen":"2025-09-21T20:47:54.458586Z","last_seen":"2025-09-21T20:47:54.458586Z","times_seen":1,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-09-21T20:46:44.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 86\r\ncf-ray: 982c69e89e7d32fa-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced","md5":"70c202196187ab3c11b4e094c20c6de1","sha1":"9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863","sha256":"6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643","sha512":"7e6168e40cce79239fc00a05381e1e95ca3534905d3fc1467973927f317b7f12b6f3e76960d5202c40046618b51e0895082e22338b1b9971038fa0ba158117e4","ssdeep":"","tlshash":"4ea022f3b2203c3eeb2a2333022e8030f83020b803828e0c000eec332a20208c0ca2c2","first_seen":"2025-05-13T14:11:45.873663Z","last_seen":"2026-04-03T11:40:49.866694Z","times_seen":265776,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/fonts/roblox-font-icon.css","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:53.701Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /fonts/roblox-font-icon.css HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.pekora.zip/auth/home\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 21 Sep 2025 20:46:53 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAccess-Control-Allow-Origin: *\r\nLocation: /auth/home\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\ncf-cache-status: BYPASS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=etMDn4PlbXixrXqc%2BLHUTsqgZ6Sy%2FqQIJVRehacldVyCxh1Q%2BuEJ%2FzVPfauUbcE6waAS27U5UUCdKMcMFpaPuhWG5pPVFI2UssQrPw%3D%3D\"}]}\r\nCF-RAY: 982c6a21896a0b59-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":29,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.763851+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/fonts/roblox-font-icon.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":39,\"bytes_toserver\":3560,\"bytes_toclient\":34143,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/UnsecuredContent/Images2.png","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:53.704Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /UnsecuredContent/Images2.png HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.pekora.zip/auth/home\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 4837713\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=31536000\r\nETag: \"1dc1544ae0cfb51\"\r\nAge: 1035724\r\ncf-cache-status: HIT\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M7kFMKWANG8QgV0DSLyG9bvjTwrEVeY9ib3mcO1oBX9yGJvCsd%2FshY4XQcVunEF5wurewslpjifML8uOpA0P4pPWngBguQTNMWPbPQ%3D%3D\"}]}\r\nCF-RAY: 982c6a22384e569d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4837713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3698 x 1935, 8-bit/color RGB, non-interlaced","md5":"4cf1ac93615c80c4d08c986d4c04b5de","sha1":"1c4c25a754b8971d5759a79861305544d22a3bdd","sha256":"b9ee908e1b4528ea1db0bb8d13358f8292a7cfbad4b8621b760a969339fcf412","sha512":"49a4522fde3abd4f853f10df0a25dd8dfedb64b08e8a619f7750ab2e0b1233b08374bf76fbfa648ad9e38be3a29ede6ca1441093701b065bfc94b69657db5c30","ssdeep":"12288:W0GQD17imgrzAvBJZ2QkEvuAKE3W+FaKEaGqcDcn/ZzDodpbQ4i5ACq9X994Qg1B:DanAz4NCuI3WOaK8KN0LbyAx93gNbzp","tlshash":"08253325d78ebcb811b54b90c06886003870fa6f36666bdf0644aba8753d53fedc6e4d","first_seen":"2025-09-21T20:47:54.463183Z","last_seen":"2026-01-28T20:44:18.807685Z","times_seen":4,"resource_available":false,"data":null}},"time_used":492,"timings":{"blocked":89,"dns":1,"connect":1,"send":0,"wait":34,"receive":272,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.819927+0000\",\"flow_id\":1644731490476770,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35414,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35414},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":853,\"start\":\"2025-09-21T20:46:53.697058+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pekora.zip/auth/accountlogin","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-21T20:46:58.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pekora.zip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 22:10:12 GMT","end":"Fri, 07 Nov 2025 23:08:52 GMT"},"fingerprint":{"sha1":"A7:59:5D:19:DC:D4:F7:81:81:3D:C2:4D:A9:92:61:45:EE:DC:8A:4A","sha256":"DB:AE:4F:06:B5:63:0A:2B:60:2D:A7:63:9D:C8:EC:B3:8F:99:93:2A:3C:0D:BB:C3:12:A7:E8:63:5F:4E:80:5A"}}},"request":{"raw":"GET /auth/accountlogin HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.pekora.zip/auth/home\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=dajvfC3OmWeeebtTjsGoovf5Ii0SAUY8ha1xnZ947wcByifiR3z9LsUzrqWGTAbRodBXYc%2BOWF1KurHmCPlfeGbfllFBgTMqoaEjTqjsZz8RLJm%2Fp19HQN2Sfd6KEl%2BZyA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nset-cookie: .AspNetCore.Antiforgery.zqKkAMzkTHA=CfDJ8HsUa6omXNlJox__oSL1EWYU0sKVPpDqkD6qCBTDCBoZhwxoUd40wfMGkyZrw8DVJOGANe-rLkHQ4MY76lsSM7d3-MExX_6csncXzkRJiJP62I6Vf6gAa4dLf0UfpKigXGb6XetmBtpWdWGHfEgw-4Y; path=/; samesite=strict; httponly\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\nx-timing: AppGuard=0,a=0,ua=0,c=0\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 982c6a3f8ffb56a9-OSL\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=2292\u0026min_rtt=858\u0026rtt_var=1494\u0026sent=13\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=4079\u0026recv_bytes=1607\u0026delivery_rate=827600\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=0\u0026ss_exit_bw=0\u0026ss_exit_reason=0\u0026cwnd=15774\u0026unsent_bytes=0\u0026cid=2f0fb047bf8791e4\u0026ts=14697\u0026inflight_dur=26\u0026x=51\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Bootstrap:5.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6524,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"de3b151c6a42f1f161b86eec758ab0c1","sha1":"af38fc7101f1ced8d3d640b1f69ce336020352c1","sha256":"981e6ccaa0bcbf7524a2d2d5c7dc5ad817aa72fa41d33aa92502a0d3a2797e17","sha512":"8eccd01cb247ca3cb8979d8bab56eb9464c3c70d64bfc7e27fd58603317a0a044184ae828626156df8db91f8c640bbde5b24d05ab85f21e659306ccccd690067","ssdeep":"96:sq4nTCT9Tru8eCFb6BJj2dUpiB2+ZkKJuIZ5sY42:sq4TCT9TDH6BsdUpi4+CKJuIZG2","tlshash":"66d14239a9c02c07127342adaa65db59ffc28107c506a79d76fe37db8fb2c059923d18","first_seen":"2025-09-21T20:47:54.467443Z","last_seen":"2025-09-21T20:47:54.467443Z","times_seen":1,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":88,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.pekora.zip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.1.3\r\nx-jsd-version-type: version\r\netag: W/\"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\nage: 1065622\r\nx-served-by: cache-fra-eddf8230081-FRA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 22075\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78129,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"7ccd9d390d31af98110f74f842ea9b32","sha1":"a85e681624c91a106a514c31eacf80de817b2cc3","sha256":"f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3","sha512":"a5ac783258178c710f7c2c1c24b4218a063bf8df2bb7a6d5bd62c5c9432ec5286fd7bd17e774d1cc63e63e4666181864fa38a447c581338ca5ec0f563071eabe","ssdeep":"1536:pppbTNR2t4NEdiK5J2w8gGzjJVPOW7tI+r9ixR2nwZY:T36WJr9ixi","tlshash":"a873c5493254b8730ade45a68037470bf3265994b14b802cb5bcadde2a3dd8672b7f7c","first_seen":"2023-03-07T01:06:26Z","last_seen":"2026-04-04T17:30:40.24768Z","times_seen":15155,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":47,"dns":1,"connect":27,"send":0,"wait":27,"receive":6,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/f78657f80e4b/api.js?onload=PXGpw7\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:44.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/g/f78657f80e4b/api.js?onload=PXGpw7\u0026render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\nlast-modified: Thu, 04 Sep 2025 13:20:09 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 982c69e5d965c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (48994)","md5":"b661f4cb7c8743c758053f6696d83e42","sha1":"c2877a9185c7402056feb50723f845e35c8574f3","sha256":"3dd3733199c121286e02ea0668730c4fb8b1773a0d8b84b16471254e785c2c4e","sha512":"f13fbdb6a12ba0590f889ad7b337b7cc1734aa7272dc056d0097ed3ab3aadcb71efd7bfe32100771c4d6b12c774dc4b007c357f70056b9409d95260e9f6c59b9","ssdeep":"768:XC6BRV2fM4l0a+rnhPLy6PzR8u5jUj4FclBMqfspVyq11AY13kep+ORWqxIrm3LW:J2E4l0a+rnhT//j2B6VyGNI","tlshash":"66231b583256797227e980e1617ba74373297939e94ccc50d423c86536acecad233fba","first_seen":"2025-09-08T12:20:57.981855Z","last_seen":"2026-02-19T10:03:30.871534Z","times_seen":12070,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":11,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:44.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-exukMIqn6W45Ipuh' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nreferrer-policy: same-origin\r\ndocument-policy: js-profiling\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 982c69e83d2532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26985,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (26985), with no line terminators","md5":"bf4f0d5396a7a4b6b8dcccb432950cc9","sha1":"0c2f05200654384098bc80a2249056217e78b01a","sha256":"eddfedcf2eac5bbb28bd30009d6b62efba7bd6ecc8bcc9a9cc5b1d67e764fcac","sha512":"6ae008511e2267b05d29cae184b57d214417c3d6e522f96ed466ec66332a82aef252cf5ca4e2396d0d48687ae053fea531463e6f1677e4a022c3c263573d2ac5","ssdeep":"384:2x6U+qdB83E29aJC6tHzSk1b2xdLVSmda3mDI9FBAi9CobCzS:idGrkHzlJUdLV9da3m85Ce","tlshash":"61c2c9038a501b7e7553872da3e1b5c8a338ba025f56b1b7f15453a48f4d2af3b53b0a","first_seen":"2025-09-21T20:47:54.471215Z","last_seen":"2025-09-21T20:47:54.471215Z","times_seen":1,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=982c69e83d2532fa\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-09-21T20:46:44.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=982c69e83d2532fa\u0026lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:44 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 982c69e8ffde32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143539,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"770e22c5dec37671441dd00d2c955313","sha1":"58b8b1d9422b0d48434117f8ff6ba7687622bc70","sha256":"f75b038795dae56b874c58697ee7ab1aae2c2a9090ee012646da969977f85827","sha512":"38593b3d88e699133abef2cad87c0239d5ef562b711b24276158ed04f0cf421c51fe7f4ccf2633395edfbbcd9448f90cc6de8cb3504d4a5128f1a90503a0e735","ssdeep":"1536:h7kL8AZ0k/4NdANjv8TyFWXhA1rEVuazTHpEE27guUB1B6ugca2k3ZMqbO8/nLex:hw8AShN4cAlEjui18dP/68KHIq","tlshash":"1fe3f8893ac9767e83aa24e6443b24cf62b65d44f01d591ce654dce27cd631c23b3eac","first_seen":"2025-09-21T20:47:54.472713Z","last_seen":"2025-09-21T20:47:54.472713Z","times_seen":1,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/auth/home","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:53.949Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /auth/home HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/auth/home\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:53 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nAccess-Control-Allow-Origin: *\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\nx-timing: AppGuard=0,a=0,ua=0,c=0\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=dDPwfZzhSLnnwDX%2BWti%2Bt%2BVZKwTxSWvkYRLg2qH0zHetZYBTtNJbRXaackMs3%2FQjaG%2BOaL%2BA%2B%2F2uYd08t5BfPN3YqbT%2FYC5D7colbuNyoIs7Lj7ItQpUdeMXIpzVoR1jUg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 982c6a233ac00b59-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=634\u0026min_rtt=500\u0026rtt_var=82\u0026sent=41\u0026recv=42\u0026lost=0\u0026retrans=0\u0026sent_bytes=31618\u0026recv_bytes=13870\u0026delivery_rate=16599647\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1255362299:1758483405:BXdDdhtwnNiK7T5qEixFTYJzFYhwbv7vZ8KZGhy7a7Q/982c69e83d2532fa/SIddUrwwq4S849ix4p.IBKpQyif8.Ay1Ypq42R8N0.M-1758487604-1.2.1.1-6U8szOMwU10CGJ15C8PJt4SIUUy912RjKJNlNnhc_aprXoG9AWjMlZsGg0F9fC3F","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-09-21T20:46:50.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1255362299:1758483405:BXdDdhtwnNiK7T5qEixFTYJzFYhwbv7vZ8KZGhy7a7Q/982c69e83d2532fa/SIddUrwwq4S849ix4p.IBKpQyif8.Ay1Ypq42R8N0.M-1758487604-1.2.1.1-6U8szOMwU10CGJ15C8PJt4SIUUy912RjKJNlNnhc_aprXoG9AWjMlZsGg0F9fC3F HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\ncf-chl: SIddUrwwq4S849ix4p.IBKpQyif8.Ay1Ypq42R8N0.M-1758487604-1.2.1.1-6U8szOMwU10CGJ15C8PJt4SIUUy912RjKJNlNnhc_aprXoG9AWjMlZsGg0F9fC3F\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 34615\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:50 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: FbVTzfpCZpxwhTVPmz6UNzOU9H5zPS2o0XCUB96t89mKHwkVxA1XPZepseISpopQ$UdxkScxpVcI9xObRv8U9BA==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 982c6a0ade1632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29736,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (29736), with no line terminators","md5":"93a6f598bf1b86d74be1ce81f0ce4cfa","sha1":"7bb56d6f453a79c63a03c48b33b89a772884608e","sha256":"b5252bbecfcaddcb4e72ee086f5c6ddedf08f34c79fe4b1aee29a83bc81e600c","sha512":"df71aace049d99d5a67249db42b47789a4b99c630d073dc3f9652873260245babf3e88d73132885e3b83b41f8b078aa617bb1b807a636ef3c8d68e4fcb0031a3","ssdeep":"384:Svv0NwEyuwFw/ZFwdAMEqRxvo7PzoAKDsaIFffCOlV9Ksxj3q8zVJuxZ90FRFmIy:Sv0iuTZ2no7sps3fvlV9pc8BsH0n9x0","tlshash":"9fd2e002b7bbdead7a2c192f1bf5258dc580436b4c21b249c2dc55d205a6f9737b11ac","first_seen":"2025-09-21T20:47:54.474296Z","last_seen":"2025-09-21T20:47:54.474296Z","times_seen":1,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:53.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap-icons/font/bootstrap-icons.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.pekora.zip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 1.13.1\r\nx-jsd-version-type: version\r\netag: W/\"184e4-ptHboTbR5gcHjbMAMHDqs0tR7FA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 21 Sep 2025 20:46:53 GMT\r\nage: 35025\r\nx-served-by: cache-fra-eddf8230082-FRA, cache-hel1410028-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 13832\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99556,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"1f041c852155e417017372c978871d14","sha1":"a6d1dba136d1e607078db3003070eab34b51ec50","sha256":"004322721c8557331759bc6ddaacbb689b0f0715d688aec82bd056d2d5b5cc3b","sha512":"bd61eca743ee4f1c1130bb464e76d2ecf0cdb48ef21669a216adb886372aa6ea7f28aee2c7159d5f04667ab1bd82eee979a491215c6915c7c1495ac6cd6705e3","ssdeep":"768:vqnm8OAL1Mzocm4KyH2CJwZwmij34k4RDlWIbWPVUMZ:mOocm4FJwZ5ijINRDlIiw","tlshash":"6aa3efba914f05f9d341e4d92743674693aaba3cd1813c7ad342399ee3c1a188ad73dc","first_seen":"2025-05-11T00:31:32.601303Z","last_seen":"2026-04-04T16:13:18.204006Z","times_seen":1188,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":42,"dns":12,"connect":13,"send":0,"wait":14,"receive":2,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap-icons/font/bootstrap-icons.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.pekora.zip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 1.13.1\r\nx-jsd-version-type: version\r\netag: W/\"184e4-ptHboTbR5gcHjbMAMHDqs0tR7FA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\nage: 35030\r\nx-served-by: cache-fra-eddf8230082-FRA, cache-hel1410021-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 13832\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99556,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"1f041c852155e417017372c978871d14","sha1":"a6d1dba136d1e607078db3003070eab34b51ec50","sha256":"004322721c8557331759bc6ddaacbb689b0f0715d688aec82bd056d2d5b5cc3b","sha512":"bd61eca743ee4f1c1130bb464e76d2ecf0cdb48ef21669a216adb886372aa6ea7f28aee2c7159d5f04667ab1bd82eee979a491215c6915c7c1495ac6cd6705e3","ssdeep":"768:vqnm8OAL1Mzocm4KyH2CJwZwmij34k4RDlWIbWPVUMZ:mOocm4FJwZ5ijINRDlIiw","tlshash":"6aa3efba914f05f9d341e4d92743674693aaba3cd1813c7ad342399ee3c1a188ad73dc","first_seen":"2025-05-11T00:31:32.601303Z","last_seen":"2026-04-04T16:13:18.204006Z","times_seen":1188,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":57,"dns":1,"connect":28,"send":0,"wait":27,"receive":3,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons/font/fonts/bootstrap-icons.woff2?e34853135f9e39acf64315236852cd5a","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap-icons/font/fonts/bootstrap-icons.woff2?e34853135f9e39acf64315236852cd5a HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: font/woff2\r\nx-jsd-version: 1.13.1\r\nx-jsd-version-type: version\r\netag: W/\"20b9c-tEH8/5OeJPoJBqN7d4h4i5/du2g\"\r\naccept-ranges: bytes\r\nage: 1806\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\nx-served-by: cache-fra-etou8220027-FRA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 134044\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":134044,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 134044, version 1.0","md5":"84a4d15b9e4459b6229a7f1dccc6609c","sha1":"b441fcff939e24fa0906a37b7788788b9fddbb68","sha256":"6c75710364a1ca5604267716f6d28997b26319fdb078cf11e0b42ab66ff2ea61","sha512":"d767814d144b311254de5d248d4a1cd2777209016687c11b3a7791642d90ff267c11d0001fb30435e3767959a2a00d4076e1bc6fad3c7a58cfdb00e5c77c44ce","ssdeep":"3072:tDHos22Zs2P3qithtQxgI+oZzvHB2haro8yYMBX:FHo8s2P3qi1Q+K1hLrxmX","tlshash":"19d3127e338ead54c8b4d32963588c7522ef82c2962bb2235f71523386f94fce485517","first_seen":"2025-05-15T10:27:38.85456Z","last_seen":"2026-04-04T17:44:28.632019Z","times_seen":3287,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":31,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=982c6a420d4956b7\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","date":"2025-09-21T20:46:58.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=982c6a420d4956b7\u0026lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 982c6a429dea56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":145354,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ff3ee47cc85f341314052f47da6bbc4c","sha1":"e975ebf3361a261cc64273361634bd358a71bd50","sha256":"808c64ebc8a55cf70ccfd8d92cd7a1dca1a77e84f9ace41fd77cfd62cee1387e","sha512":"b5364208e6df1e0397b7de7720ae78c2399602adc137cc40d23355674b119335bf199fdf281a3f28a01f73183eb1db2f2d6505ad9e95b20d2f3b7338cd2c1f88","ssdeep":"3072:eNRBCoEEcKk+v65pa8H2uePImV/8AK13gW1Jef9:MgoOKkfmuePImVEAK13gW1Jef9","tlshash":"66e30b4d35c97a6953ea28f6403b24cf72b66cc4b01c895deb009dd67ce532873b2da8","first_seen":"2025-09-21T20:47:54.476645Z","last_seen":"2025-09-21T20:47:54.476645Z","times_seen":1,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/982c6a420d4956b7/1758487619347/fkq0mr2V7PMUgJV","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","date":"2025-09-21T20:47:02.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/d/982c6a420d4956b7/1758487619347/fkq0mr2V7PMUgJV HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:47:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 208\r\ncf-ray: 982c6a55ae3256b7-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":208,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 27, 8-bit/color RGBA, non-interlaced","md5":"2094b6a7c09b08ebeec06dd1356b6da0","sha1":"06496e04e2ec8d562e6a0c566038eb31c541a5fd","sha256":"cd1019c1f165d70af456e465631517e3f6dd114255c743679c569f7c793a7456","sha512":"e864def0e6c2a3475010f7586c5ad0a9058c80403e738ae10f1a2d35bc9f27803e0ef58c5384dc02b1e2f2d1baad4113b59b972619dc2096adce2fef1d0b33a3","ssdeep":"","tlshash":"6bd0c9d19a6c6520dfdc2e957f016318c4b832f0450e9f9dab49ca122b009ea90861a9","first_seen":"2025-06-13T18:53:59.344337Z","last_seen":"2026-04-03T03:17:44.016368Z","times_seen":122,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/favicon.ico","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:44.120Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 21 Sep 2025 20:46:44 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAccess-Control-Allow-Origin: *\r\nLocation: /auth/home\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X9cFkyjZOfPZoMoifVDwtLx6XjzVXu4PvP3YHaEv0TjcqBfwA%2FZAHxTEmnvHhbuAvUXr5WrSRD%2Fm9zF2LccE4%2FzTapZb9wSASFyk0iE3\"}]}\r\nCF-RAY: 982c69e5be8fa41f-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5431,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":1,"dns":1,"connect":1,"send":0,"wait":105,"receive":31,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.163853+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":41,\"bytes_toserver\":2518,\"bytes_toclient\":54168,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.226163+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":625,\"bytes_toclient\":2855,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/982c69e83d2532fa/1758487605044/as3GK1kh6TMoLXm","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-09-21T20:46:47.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/d/982c69e83d2532fa/1758487605044/as3GK1kh6TMoLXm HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q2101/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 250\r\ncf-ray: 982c69fbe9f232fa-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":250,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 41, 8-bit/color RGBA, non-interlaced","md5":"0fa6444cc148772d50b0024bc21c805e","sha1":"b50cac71fb9dd6b2947091f7b8c7521a4c42fdbf","sha256":"7ce663d144980fcab1845bf9d1bbdc8f336fcb28c7e740227b58839cb8150cd4","sha512":"20e89b8bfe03a0efbe26d8b994af514bb0387c544f345e814c4d4f21dc4867c15f2e824bfade42c9dbf1df82597d7f04b54ed809db665215f9025ebb5954d047","ssdeep":"","tlshash":"10d02483a1b7dc20bbf8b8fe0f1051174420019714d84cf47e354721a3038c4b6641d1","first_seen":"2025-05-21T14:27:25.156307Z","last_seen":"2026-04-03T10:17:04.922007Z","times_seen":122,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:53.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.pekora.zip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.1.3\r\nx-jsd-version-type: version\r\netag: W/\"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 21 Sep 2025 20:46:53 GMT\r\nage: 1065617\r\nx-served-by: cache-fra-eddf8230081-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 22075\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78129,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"7ccd9d390d31af98110f74f842ea9b32","sha1":"a85e681624c91a106a514c31eacf80de817b2cc3","sha256":"f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3","sha512":"a5ac783258178c710f7c2c1c24b4218a063bf8df2bb7a6d5bd62c5c9432ec5286fd7bd17e774d1cc63e63e4666181864fa38a447c581338ca5ec0f563071eabe","ssdeep":"1536:pppbTNR2t4NEdiK5J2w8gGzjJVPOW7tI+r9ixR2nwZY:T36WJr9ixi","tlshash":"a873c5493254b8730ade45a68037470bf3265994b14b802cb5bcadde2a3dd8672b7f7c","first_seen":"2023-03-07T01:06:26Z","last_seen":"2026-04-04T17:30:40.24768Z","times_seen":15155,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":58,"dns":13,"connect":26,"send":0,"wait":14,"receive":3,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/i/do/not/exist.png","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:54.253Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /i/do/not/exist.png HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.pekora.zip/auth/home\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 21 Sep 2025 20:46:54 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAccess-Control-Allow-Origin: *\r\nLocation: /auth/home\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\ncf-cache-status: BYPASS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zLKALKj3EEHXRu%2B2nPPEI9mXpPs2Fscg%2BCIXUGJ4MS11ettimqGmB2pdiyQHd2QeaPUANuHzbTd4cC7wgI3GtUysRF%2FW7ehJDaxD5A%3D%3D\"}]}\r\nCF-RAY: 982c6a26dd47569d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10870,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":385,"timings":{"blocked":282,"dns":0,"connect":0,"send":0,"wait":74,"receive":29,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.609327+0000\",\"flow_id\":1644731490476770,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35414,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35414},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/i/do/not/exist.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":873,\"pkts_toclient\":2869,\"bytes_toserver\":59016,\"bytes_toclient\":4329464,\"start\":\"2025-09-21T20:46:53.697058+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/auth/home","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:54.644Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /auth/home HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/auth/home\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:54 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nAccess-Control-Allow-Origin: *\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\nx-timing: AppGuard=0,a=0,ua=0,c=0\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=pgUg1jOGO1pG6%2FQNozKi8VXQ7ORlsCml5gtGreWRVhSzpE3lL%2BGSthTep0QezOZDAHDnv5vnDoXkBMDH4hrfRmtb0BAN%2B5xQecOA6sBal58hdVrn%2BCUFvHavz0YTFyXwsQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 982c6a278e650b4d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=4048\u0026min_rtt=472\u0026rtt_var=1351\u0026sent=8492\u0026recv=1242\u0026lost=0\u0026retrans=105\u0026sent_bytes=12264813\u0026recv_bytes=1381\u0026delivery_rate=58651654\u0026cwnd=464\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]}],"data":{"size":10870,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (641), with CRLF line terminators","md5":"083d3c9cda14d442a59261c7a78e023d","sha1":"4c18bae98132db43e269f6f32860cb55103aabf9","sha256":"8689c5aa07f102e25b967a9a3569fdce0b0f8748c2e2e78b0c0a5d2c42621027","sha512":"670df987a1ea16b95e6642897b3db925b44c7f5ab34b38d948d9edc5bff2165b53b91e09810e6ffa61692b2aceaa9b2a22bbb44c6482712b8145d4af84cf0a5f","ssdeep":"192:sq4TCT9TDHcsdUpPH0tK2TMaAeChUcFR206b7b7bNZG2:sqgH9RuUz6D7xZG2","tlshash":"2122513552c02427027343ea6a91ab95ffd58087c70a9358b6ff63db5ff1c01a927e89","first_seen":"2025-09-21T20:47:54.479402Z","last_seen":"2025-09-21T20:47:54.479402Z","times_seen":1,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pekora.zip/auth/home","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:59.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pekora.zip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 22:10:12 GMT","end":"Fri, 07 Nov 2025 23:08:52 GMT"},"fingerprint":{"sha1":"A7:59:5D:19:DC:D4:F7:81:81:3D:C2:4D:A9:92:61:45:EE:DC:8A:4A","sha256":"DB:AE:4F:06:B5:63:0A:2B:60:2D:A7:63:9D:C8:EC:B3:8F:99:93:2A:3C:0D:BB:C3:12:A7:E8:63:5F:4E:80:5A"}}},"request":{"raw":"GET /auth/home HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.pekora.zip/auth/accountlogin\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE; .AspNetCore.Antiforgery.zqKkAMzkTHA=CfDJ8HsUa6omXNlJox__oSL1EWYU0sKVPpDqkD6qCBTDCBoZhwxoUd40wfMGkyZrw8DVJOGANe-rLkHQ4MY76lsSM7d3-MExX_6csncXzkRJiJP62I6Vf6gAa4dLf0UfpKigXGb6XetmBtpWdWGHfEgw-4Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=okdH219FviOMYA1Q2VWIpgtZMH5BC9v4KPvmCIUZIbLD5uIeaEA%2BmBv%2BmOyIABa%2FNbmMP7ircs7maTyfCDYCHD%2BERu%2FDe32%2ByNWIF6eUajbyi%2BN3kdPXszgaqy4WtVtrBA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\nx-timing: AppGuard=0,a=0,ua=0,c=0\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 982c6a42f82656a9-OSL\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1275\u0026min_rtt=612\u0026rtt_var=838\u0026sent=37\u0026recv=23\u0026lost=0\u0026retrans=0\u0026sent_bytes=17636\u0026recv_bytes=4774\u0026delivery_rate=3055903\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=0\u0026ss_exit_bw=0\u0026ss_exit_reason=0\u0026cwnd=24200\u0026unsent_bytes=0\u0026cid=2f0fb047bf8791e4\u0026ts=15203\u0026inflight_dur=36\u0026x=51\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10870,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (641), with CRLF line terminators","md5":"083d3c9cda14d442a59261c7a78e023d","sha1":"4c18bae98132db43e269f6f32860cb55103aabf9","sha256":"8689c5aa07f102e25b967a9a3569fdce0b0f8748c2e2e78b0c0a5d2c42621027","sha512":"670df987a1ea16b95e6642897b3db925b44c7f5ab34b38d948d9edc5bff2165b53b91e09810e6ffa61692b2aceaa9b2a22bbb44c6482712b8145d4af84cf0a5f","ssdeep":"192:sq4TCT9TDHcsdUpPH0tK2TMaAeChUcFR206b7b7bNZG2:sqgH9RuUz6D7xZG2","tlshash":"2122513552c02427027343ea6a91ab95ffd58087c70a9358b6ff63db5ff1c01a927e89","first_seen":"2025-09-21T20:47:54.479402Z","last_seen":"2025-09-21T20:47:54.479402Z","times_seen":1,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/cdn-cgi/challenge-platform/h/g/flow/ov1/1193070423:1758483405:YOiLLPY-7-HtzYt_pEYuT_kbFSuaUSwk1Zan_SfkQWU/982c69e439990b69/9ZJwMqO0YwneOIZ4c8pxMoYs8g6lrJWB_aIdLqiBTPQ-1758487603-1.2.1.1-HIEjPX4oXsEsW_wWRDV1CvX.s9_rYLl6YIyr2OKZS3Be7K2gWLjCd8ErLuotbujI","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:44.327Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1193070423:1758483405:YOiLLPY-7-HtzYt_pEYuT_kbFSuaUSwk1Zan_SfkQWU/982c69e439990b69/9ZJwMqO0YwneOIZ4c8pxMoYs8g6lrJWB_aIdLqiBTPQ-1758487603-1.2.1.1-HIEjPX4oXsEsW_wWRDV1CvX.s9_rYLl6YIyr2OKZS3Be7K2gWLjCd8ErLuotbujI HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/\r\ncf-chl: 9ZJwMqO0YwneOIZ4c8pxMoYs8g6lrJWB_aIdLqiBTPQ-1758487603-1.2.1.1-HIEjPX4oXsEsW_wWRDV1CvX.s9_rYLl6YIyr2OKZS3Be7K2gWLjCd8ErLuotbujI\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2124\r\nOrigin: http://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:44 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-chl-gen: zFohjuKm8dE1mkQPeAjWRrZGtOCyrretA5/eTNbJk/M=$zc5IxSPbzTbNKgziYnwTNQ==\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 982c69e70f080b59-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19660,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (19660), with no line terminators","md5":"14b1726294dcc0d90e255bd59abd0e38","sha1":"5ecf75a11ec38a4773bd5c1cab09aac98fd7e9b7","sha256":"b38ca77f941b0e050142e9b92e944734a292d21e4c084906e344b87f2793b9f6","sha512":"0a7b66076bd651c94e726bb599f76c3f20de5f0d788794eb8eeafa9373bb3e23e848f751126a53b9759d60ffc7dc582dc0a2bf87ca37cd39242d2bb0baa92657","ssdeep":"384:hf8+X2l6lEJsZqcxJz9QsZLxRo2thR20F51izl3/lQ0wob:2QSOrM0Rqg9RDhR20P1cwI","tlshash":"1792d01e7f977308bbe4de765c522a16da1c04f194b5bab17ef6840e4e01490f3bc951","first_seen":"2025-09-21T20:47:54.480371Z","last_seen":"2025-09-21T20:47:54.480371Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":1,"dns":1,"connect":1,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/UnsecuredContent/Images3.png","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:53.706Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /UnsecuredContent/Images3.png HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.pekora.zip/auth/home\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 1348339\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=31536000\r\nETag: \"1dc1544ae51b8f3\"\r\nAge: 1035723\r\ncf-cache-status: HIT\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PexyWPgWBTUfeTpNLT70iYWSj4Al6IU1sldpmkMBoc6TZA5%2BOi6VvmkdGK1if0GkkFIQiHc2Lkm7SkxKQf64qgsgClm9RF5uedYiPhAW\"}]}\r\nCF-RAY: 982c6a223e0c723c-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1348339,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3835 x 1863, 8-bit/color RGBA, non-interlaced","md5":"b44a86284a96969259e22cca6b7d7c68","sha1":"b8d3e430c9688d839d9e03a04f3a323a0e5851c7","sha256":"8fbc9409bbc7c740f488e20dfb1a484c7436881f4f0895a3c2fbd2b95e15c64a","sha512":"d0da54ab3d8ebf2fc89d05f0bcf5e6297930ab8fd421146f58aed1ccf50bd05098d71b036901e4ee9a78bb0d03c9f8207c28366f142f1095d07408f200084d1e","ssdeep":"24576:aqWOw8peC4zb3f2scOG/d9P35pwbTCWEiuWnMs6F:aT8peC8D2VOG/dtsnIiuWMZ","tlshash":"a3256729c8bc8626a249972c4647aa03df1093d6b7d6d03f7610fba1deb5c9f5c21f12","first_seen":"2025-09-21T20:47:54.481415Z","last_seen":"2026-01-28T20:44:18.794508Z","times_seen":4,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":88,"dns":1,"connect":1,"send":0,"wait":17,"receive":143,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35406,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.809845+0000\",\"flow_id\":559844226343209,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35406,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35406},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images3.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":849,\"start\":\"2025-09-21T20:46:53.696617+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/cdn-cgi/challenge-platform/h/g/flow/ov1/1193070423:1758483405:YOiLLPY-7-HtzYt_pEYuT_kbFSuaUSwk1Zan_SfkQWU/982c69e439990b69/9ZJwMqO0YwneOIZ4c8pxMoYs8g6lrJWB_aIdLqiBTPQ-1758487603-1.2.1.1-HIEjPX4oXsEsW_wWRDV1CvX.s9_rYLl6YIyr2OKZS3Be7K2gWLjCd8ErLuotbujI","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:53.341Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1193070423:1758483405:YOiLLPY-7-HtzYt_pEYuT_kbFSuaUSwk1Zan_SfkQWU/982c69e439990b69/9ZJwMqO0YwneOIZ4c8pxMoYs8g6lrJWB_aIdLqiBTPQ-1758487603-1.2.1.1-HIEjPX4oXsEsW_wWRDV1CvX.s9_rYLl6YIyr2OKZS3Be7K2gWLjCd8ErLuotbujI HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/\r\ncf-chl: 9ZJwMqO0YwneOIZ4c8pxMoYs8g6lrJWB_aIdLqiBTPQ-1758487603-1.2.1.1-HIEjPX4oXsEsW_wWRDV1CvX.s9_rYLl6YIyr2OKZS3Be7K2gWLjCd8ErLuotbujI\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 4482\r\nOrigin: http://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:53 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-chl-out: ACdk4BLPH0DGCxp0NC/UiGN0BMU+TOhTCgMP6SKPEzA5icSm8X4bzgHTF9q0lyIHGolDzZJGsSwc3t2tP+eATg==$GB2jsndWknly6kzbxtOrOg==\r\ncf-chl-out-s: Eh9hlHbDrL5b+swiKGakWsSwQ+HJxSEn97Ec/lDhqdHInIF7AdBE3BGBF82HakyCkdi+PBM81eRfiWqHXyHMDl2BaMHx6QGOGLJXbF+spVIrzM20RHF4JAybdoakxBXCyAkAoTLVi0MVFPBHOBWcwbV/X2Ysb449aNoP1yrCyPx9y5VWDJR9Q0W/RP8jntRb+ZGUkINGVQV3sS6RYlnlH3PV2as/1YbB2DqhlkBa90e7GZEhjNbVszKTcukbUV3SrdiItdDciHAJUp/lUjRGVfhmoeWZUuvxJYbobxMlBCjorCEuAP4WJHwNimp3rYVsxG/S7Pa5YUvXslgd9K52ib059Nhu1uc0rHutxtuVQ7VHKcWlWuC0cDsQCfaz/3GoWNW0CjNX+oidBlV3gPIRPLitXKMZbgaIdVXoNAZApO+mE3d1R+4g+RULQ0HFJHCw+CR0SDFYOaC4QuV1NdGvKXiUdBm7nLpDyJ8jGKLyfl9FbkQKTII3H+3/PJzIOo7dhI44c1SR7NII1s2yplID0cfUcLsibmsGTQyZVeguCJRhZq4BuM28dkr6VULMraGo1CjspzZDoz0DsAYCtpKq1sdgzIp9SMQ8rbLDXOwB0iRH02N0/ys9FNLTl/01vtA1VkDiAKBDc3oEXXiOjz7PAgFq2zPBibjmwLKz2Xhw5oqFpjwWRekt0be/MiZ7W92xOHx4U7PsE8YLMZIaSXy5NRU17N1QbLFW6bWPTtHPJCn+OQsniR2S9en2lkX8ofrAmZHKZrQ0rrnb5ja7LDevwgL2mZWRaC01sGzX1ax5fPA=$aDy1DJh2gNiuZcvoxKTUuA==\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nset-cookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE; HttpOnly; SameSite=Strict; Path=/; Domain=pekora.zip; Expires=Mon, 21 Sep 2026 20:46:53 GMT\r\nCF-RAY: 982c6a1f5fc50b59-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4172,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (4172), with no line terminators","md5":"41736d90a6bd89cd1ffa40f2b49dbd3c","sha1":"278a74601b8271d5ccda9c35491b922f15c3b1de","sha256":"9fd9ab707c82f88cb91116ce35f1069e7fb80a486adaa561878e638b3114187c","sha512":"5f7b626aca8e5adce29cb71353d088901dcdd788ec037623e167096388de912380401dfb562713d5c3ec492aca156f7d88280a71fad5ed95f56d7ba4fe25a1d9","ssdeep":"96:8IYTediSR/yhTjUUu1+seCYmqH13viZpm30+j3dfdetrSJ:eTeIgyhTTi+seJmqFqKkQfqSJ","tlshash":"7e819e9b18d2405df2a335673aff834e72c497605fb8e5c5206fdb4a35095ef0106a8c","first_seen":"2025-09-21T20:47:54.482647Z","last_seen":"2025-09-21T20:47:54.482647Z","times_seen":1,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":80,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/auth/home","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-21T20:46:53.601Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /auth/home HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:53 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nAccess-Control-Allow-Origin: *\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\nx-timing: AppGuard=0,a=0,ua=0,c=0\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=z%2FEiyvp6WicdfJxDJE6Efe%2FndZ91RlD4ZTldqtruRPhjeQQaWWduA1s1GhDKnf5AzTtMbBL1Zhdz4tisqp2KN28OGwAFlBUvnMLxIvJn3o%2Bml2DbqQxF%2FPkvmzzUaMWfmQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 982c6a20f8e50b59-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=610\u0026min_rtt=515\u0026rtt_var=48\u0026sent=29\u0026recv=36\u0026lost=0\u0026retrans=0\u0026sent_bytes=22980\u0026recv_bytes=12505\u0026delivery_rate=16599647\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Bootstrap:5.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10870,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (641), with CRLF line terminators","md5":"083d3c9cda14d442a59261c7a78e023d","sha1":"4c18bae98132db43e269f6f32860cb55103aabf9","sha256":"8689c5aa07f102e25b967a9a3569fdce0b0f8748c2e2e78b0c0a5d2c42621027","sha512":"670df987a1ea16b95e6642897b3db925b44c7f5ab34b38d948d9edc5bff2165b53b91e09810e6ffa61692b2aceaa9b2a22bbb44c6482712b8145d4af84cf0a5f","ssdeep":"192:sq4TCT9TDHcsdUpPH0tK2TMaAeChUcFR206b7b7bNZG2:sqgH9RuUz6D7xZG2","tlshash":"2122513552c02427027343ea6a91ab95ffd58087c70a9358b6ff63db5ff1c01a927e89","first_seen":"2025-09-21T20:47:54.479402Z","last_seen":"2025-09-21T20:47:54.479402Z","times_seen":1,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:53.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.pekora.zip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.1.3\r\nx-jsd-version-type: version\r\netag: W/\"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 21 Sep 2025 20:46:53 GMT\r\nage: 1065618\r\nx-served-by: cache-fra-etou8220177-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 20842\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":163873,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65306)","md5":"94994c66fec8c3468b269dc0cc242151","sha1":"ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad","sha256":"62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab","sha512":"190194d1f30c8b6dfcb80f9afdb75625fa5418a52405d81f15d8019bbd92510e817b25a3a18feda27d2d1231fe3921fd88fe037e1fbb1ccd08f5fe5e4742ffe3","ssdeep":"1536:4t04T8if0W8DsEBpy0cuJBf2rIWE5e0VUpz600I4fM:4t04/0VUpz600I4fM","tlshash":"c1f3b4dbf581341dd4a7c259a4d1bffd052f4586e3025aabb0277bb88b892c70963e4c","first_seen":"2023-04-05T04:27:21Z","last_seen":"2026-04-04T18:24:50.442516Z","times_seen":21779,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":43,"dns":3,"connect":13,"send":0,"wait":14,"receive":5,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.pekora.zip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.pekora.zip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.1.3\r\nx-jsd-version-type: version\r\netag: W/\"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\nage: 1065623\r\nx-served-by: cache-fra-etou8220177-FRA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 20842\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":163873,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65306)","md5":"94994c66fec8c3468b269dc0cc242151","sha1":"ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad","sha256":"62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab","sha512":"190194d1f30c8b6dfcb80f9afdb75625fa5418a52405d81f15d8019bbd92510e817b25a3a18feda27d2d1231fe3921fd88fe037e1fbb1ccd08f5fe5e4742ffe3","ssdeep":"1536:4t04T8if0W8DsEBpy0cuJBf2rIWE5e0VUpz600I4fM:4t04/0VUpz600I4fM","tlshash":"c1f3b4dbf581341dd4a7c259a4d1bffd052f4586e3025aabb0277bb88b892c70963e4c","first_seen":"2023-04-05T04:27:21Z","last_seen":"2026-04-04T18:24:50.442516Z","times_seen":21779,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":65,"dns":10,"connect":27,"send":0,"wait":27,"receive":20,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.pekora.zip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\ncontent-length: 0\r\ncf-ray: 982c6a40addeb509-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/g/f78657f80e4b/api.js\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":6,"dns":0,"connect":1,"send":0,"wait":12,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/f78657f80e4b/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/g/f78657f80e4b/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.pekora.zip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\nlast-modified: Thu, 04 Sep 2025 13:20:09 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 982c6a40cbef56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (48994)","md5":"b661f4cb7c8743c758053f6696d83e42","sha1":"c2877a9185c7402056feb50723f845e35c8574f3","sha256":"3dd3733199c121286e02ea0668730c4fb8b1773a0d8b84b16471254e785c2c4e","sha512":"f13fbdb6a12ba0590f889ad7b337b7cc1734aa7272dc056d0097ed3ab3aadcb71efd7bfe32100771c4d6b12c774dc4b007c357f70056b9409d95260e9f6c59b9","ssdeep":"768:XC6BRV2fM4l0a+rnhPLy6PzR8u5jUj4FclBMqfspVyq11AY13kep+ORWqxIrm3LW:J2E4l0a+rnhT//j2B6VyGNI","tlshash":"66231b583256797227e980e1617ba74373297939e94ccc50d423c86536acecad233fba","first_seen":"2025-09-08T12:20:57.981855Z","last_seen":"2026-02-19T10:03:30.871534Z","times_seen":12070,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/auth/home","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:44.286Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /auth/home HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sun, 21 Sep 2025 20:46:44 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ZB7aJtZTQkj6nBTCUlpywJ4O20%2BwhzKHdBEFtNyNnsbr%2BwM2JY25tjN3vM36QHoff6oFyIwUYxwLERK6FquWoiMOV2F8PE8BaZ8qX62sTOkaXyLQRkLctJdkVDRXJUfHlA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 982c69e6cf3ba41f-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: chlray;desc=\"982c69e6cf3ba41f\", cfL4;desc=\"?proto=TCP\u0026rtt=511\u0026min_rtt=493\u0026rtt_var=100\u0026sent=6\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=2640\u0026recv_bytes=826\u0026delivery_rate=5098591\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5580,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5580), with no line terminators","md5":"05c4998471fd6afdec48d5d879dfc390","sha1":"7ab62b9422b6ad91f6b2c6e224523c2b7526b1ae","sha256":"2b5ed420c0199075c2aa9fb5c4c6c80fbceb0d54155079b763e76c0b65c064ee","sha512":"986005d7729a650350e911e32b0d4058c1f8ff74ea475f1f97def8fd5483014400e8899b67eb9cedca9c02a87b51a7ad0dc069f9953fba0b1298ccfd8793775f","ssdeep":"96:PNybXZtIEb0EFW87ImeDsylj2X8fzqIjNZn2HJI6GGjfwqhGrWmYzueh80ox9mw:PNadBZeDsyljaszqIjvoJn4qhMWLyVxn","tlshash":"48b17fd5a702602ae3b709f3a47b73e4d240a093b701d15ae6d5ce6ce2fee57c119544","first_seen":"2025-09-21T20:47:54.484333Z","last_seen":"2025-09-21T20:47:54.484333Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/auth/home","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:44.261Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /auth/home HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sun, 21 Sep 2025 20:46:44 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=62qun%2BuwxHebNiS6wC%2FqEfqr%2FSSjfVfXLM5rRq49bBWUAPsTaA2qWcbPHRnPXN%2FpsX%2BDNbO%2BjHoMjcFijqltN20fylv8fuvFlggzoCxnyLoFKpcGdInTxf%2BlgLqrZLUPzQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 982c69e69fea0b41-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: chlray;desc=\"982c69e69fea0b41\", cfL4;desc=\"?proto=TCP\u0026rtt=814\u0026min_rtt=469\u0026rtt_var=152\u0026sent=43\u0026recv=25\u0026lost=0\u0026retrans=0\u0026sent_bytes=51511\u0026recv_bytes=1343\u0026delivery_rate=49108527\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5431,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5431), with no line terminators","md5":"844ce939e6a4f56daf6f97d5b49f5f8c","sha1":"dd627b5fcdb905093e6b10bcf88b645d26ac6938","sha256":"e364c3c11752b1439c6868a3620a040e5b80adea0b9e331ac894a0b18568eb28","sha512":"c386adbd69c5090e08c770e567bd589352c2d00a550ed467ba14e2e94c798080ebb2c3f98fa30b636ab3cbe8ffec320ed0d549b4e72ca9fba7d2d9dcab8daac2","ssdeep":"96:PNybXZtIEb0EFW87IcXER6RhuW2w/4uwmkzOMl++MSYzueh81Rlmw:PNadBzKy4hmmxM/yuw","tlshash":"b6b13aaa8301202bc7ba1ff29177b3a8a715a171af05d145f2c1db4cc3ead0fc55a1c8","first_seen":"2025-09-21T20:47:54.488594Z","last_seen":"2025-09-21T20:47:54.488594Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.281725+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":50,\"bytes_toserver\":3067,\"bytes_toclient\":60382,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.304589+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":3528},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":13,\"bytes_toserver\":1428,\"bytes_toclient\":9172,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.646615+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":32,\"bytes_toserver\":2671,\"bytes_toclient\":27957,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.006586+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3208},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":48,\"bytes_toserver\":4444,\"bytes_toclient\":41287,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:54Z","timestamp":1758487614,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:54.709084+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/auth/home\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":962,\"pkts_toclient\":7791,\"bytes_toserver\":67713,\"bytes_toclient\":11763363,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/UnsecuredContent/Images1.png","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/auth/home","date":"2025-09-21T20:46:53.703Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /UnsecuredContent/Images1.png HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.pekora.zip/auth/home\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 21 Sep 2025 20:46:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 12113767\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=31536000\r\nETag: \"1dc1544aefdfd67\"\r\nAge: 1035724\r\ncf-cache-status: HIT\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HSaObfcGxHxQoCpaqc4mAoh6nMk03ZJzgIsM%2FGPaQXA%2BQI0NX7xEY5VvPDl4rrI%2Fb4e42IlhomxqOope3EAcToy2UQaoFwW3UeT%2BLA%3D%3D\"}]}\r\nCF-RAY: 982c6a223a930b4d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12113767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3698 x 1935, 8-bit/color RGB, non-interlaced","md5":"6ac5be97bf78c3ed04b2f275b1fe6070","sha1":"4fdca0038841e6b5eb644a88e6b278881de21b82","sha256":"90236d40573532394ab0fa1ce20e723b99ab8ae42c4957b947c9980c2214ec68","sha512":"62d90c5cdaf1de7f71d1d3314b302ff9ac95f2c4feacf70c5b76a43b291cbd6ee6bef2df19b84f88b7ba596c13ef706a04e3b24803cddf64e77bc8785e427c11","ssdeep":"24576:PxRYxnpetLk0IjWvjUjEnzpGfnn7Va+8W1ED:ZMpetLk0IyvjUjEzp8n738W1ED","tlshash":"662533e1ecc84f34e9db22b8dd07a85d586c74eb4233c5177250a6e87a2b2a915373f1","first_seen":"2025-09-21T20:47:54.490345Z","last_seen":"2026-01-28T20:44:18.806858Z","times_seen":4,"resource_available":false,"data":null}},"time_used":929,"timings":{"blocked":91,"dns":1,"connect":1,"send":0,"wait":34,"receive":708,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":35422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.819586+0000\",\"flow_id\":1162383040817022,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":35422,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":35422},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/UnsecuredContent/Images1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":972,\"bytes_toclient\":860,\"start\":\"2025-09-21T20:46:53.698238+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pekora.zip/fonts/roblox-font-icon.css","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pekora.zip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 22:10:12 GMT","end":"Fri, 07 Nov 2025 23:08:52 GMT"},"fingerprint":{"sha1":"A7:59:5D:19:DC:D4:F7:81:81:3D:C2:4D:A9:92:61:45:EE:DC:8A:4A","sha256":"DB:AE:4F:06:B5:63:0A:2B:60:2D:A7:63:9D:C8:EC:B3:8F:99:93:2A:3C:0D:BB:C3:12:A7:E8:63:5F:4E:80:5A"}}},"request":{"raw":"GET /fonts/roblox-font-icon.css HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.pekora.zip/auth/accountlogin\r\nCookie: cf_clearance=AoSY2rj6KYycG2EfOboWAm5QHVs41tbgtj5cyGxz4LU-1758487613-1.2.1.1-mpcQ1GS3VY.dCl_AbxaaDm3rt.htOF.OsH5qVRaPKY8N.S2V.Gxe8Vh8Fna_J3OWJbmjnRSWn35H1atQYXhFAcg5GCNbdEVf6kh1SgDp3na8ruyLdPsRucNJAhI1euf79fe8wuskyYppQbfp_tgwBGHMw7jrRUW36RlWlISfYIxYX6VCLyzxCIwEnCHWzDAelZiGfhOBhMESEQRj8VtKxEyzCOvPoi8Uhjjp7fTzRQE; .AspNetCore.Antiforgery.zqKkAMzkTHA=CfDJ8HsUa6omXNlJox__oSL1EWYU0sKVPpDqkD6qCBTDCBoZhwxoUd40wfMGkyZrw8DVJOGANe-rLkHQ4MY76lsSM7d3-MExX_6csncXzkRJiJP62I6Vf6gAa4dLf0UfpKigXGb6XetmBtpWdWGHfEgw-4Y\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nlocation: /auth/home\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BzEFcBthGq0qYPb0aKu%2B1VR%2BMt1EIJZUD6WFWCWo5GAsR%2BOl%2FEXOl1HMQG4ANAYU9shENaJJmEErPqfSrTNrbmkvsx1rRTS8Dg%2F2NQ%3D%3D\"}]}\r\ncf-ray: 982c6a40880756a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":30,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:53Z","timestamp":1758487613,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:53.763851+0000\",\"flow_id\":1208736474791150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52518,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52518},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/fonts/roblox-font-icon.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/auth/home\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":39,\"bytes_toserver\":3560,\"bytes_toclient\":34143,\"start\":\"2025-09-21T20:46:44.326894+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","date":"2025-09-21T20:46:58.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 86\r\ncf-ray: 982c6a427dc456b7-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced","md5":"70c202196187ab3c11b4e094c20c6de1","sha1":"9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863","sha256":"6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643","sha512":"7e6168e40cce79239fc00a05381e1e95ca3534905d3fc1467973927f317b7f12b6f3e76960d5202c40046618b51e0895082e22338b1b9971038fa0ba158117e4","ssdeep":"","tlshash":"4ea022f3b2203c3eeb2a2333022e8030f83020b803828e0c000eec332a20208c0ca2c2","first_seen":"2025-05-13T14:11:45.873663Z","last_seen":"2026-04-03T11:40:49.866694Z","times_seen":265776,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-21T20:46:43.875Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sun, 21 Sep 2025 20:46:43 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=XCdZp9ySrZUlmyQsZrB6oglF4qvZzdKHUC2nyDDBiP4VCWPgzfkErQfjpblmg8icI%2B735BXX98R0sdQHwQZ%2Bnw2LIkX5ZvZlyUZyYssBKU76N6XMRxwIiJII64C16MgGEQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 982c69e439990b69-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: chlray;desc=\"982c69e439990b69\", cfL4;desc=\"?proto=TCP\u0026rtt=461\u0026min_rtt=461\u0026rtt_var=230\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=399\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5422,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5422), with no line terminators","md5":"c79d8dc59fc1551d33df8ff23121ef38","sha1":"7d8afcfa28b39dd20a0a382ecfa646a51fc9a8f0","sha256":"230777cad644f874c122ddc52a57b20cd57961b914dd851d825afb61954a3872","sha512":"443012b0094e242d897c64ddfad6031d89299f7f8ea4b2ba3786ca56aa5e322ddb48794667eee9db9a9644e222ed620d43efc7e94090b6ec91f877787c74a043","ssdeep":"96:PNybXZtIEb0EFW87IZjyjzOisWFfkIHbVbGFItJ5aXXUh9aYzueh8rjSmw:PNadBG+3tlFfJpuItJ5aXEh9HyB5w","tlshash":"e5b14ae793116036a3ba9de3447bb3a8e110a1b5ab124154f6f1cf9c87eff8b8119194","first_seen":"2025-09-21T20:47:54.491247Z","last_seen":"2025-09-21T20:47:54.491247Z","times_seen":1,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":6,"dns":6,"connect":1,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:43Z","timestamp":1758487603,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:43.906362+0000\",\"flow_id\":2122136432111132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52478,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52478},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":1654,\"start\":\"2025-09-21T20:46:43.880156+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.pekora.zip/favicon.ico","fqdn":"www.pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.pekora.zip/","date":"2025-09-21T20:46:44.085Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 21 Sep 2025 20:46:44 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nAccess-Control-Allow-Origin: *\r\nLocation: /auth/home\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; img-src 'self' data: https://cdn.discordapp.com; child-src 'self'; script-src 'unsafe-eval' 'self' https://challenges.cloudflare.com/turnstile/v0/api.js https://translate.google.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://pekora.zip http://*.archive.org https://*.archive.org http://js.rbxcdn.com/46eace8231bf3c1ce64c55407d9ae60d.js https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/gulpfile.min.js; frame-src 'self' https://hcaptcha.com https://challenges.cloudflare.com http://challenges.cloudflare.com https://*.archive.org; style-src 'unsafe-inline' 'self' http://*.archive.org https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://pekora.zip https://www.pekora.zip https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css https://cdn.jsdelivr.net/gh/AllienWorks/cryptocoins@2.7.0/webfont/cryptocoins.css https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css https://pekora.zip/fonts/gotham1.css http://*.pekora.zip https://cdn.jsdelivr.net/npm/cryptocoins-icons@2.9.0/webfont/cryptocoins.min.css; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net http://www.pekora.zip https://pekora.zip https://*.pekora.zip https://www.pekora.zip/fonts/GothamSSmBold.woff2 https://www.pekora.zip/fonts/GothamSSmMedium.woff2 https://www.pekora.zip/fonts/GothamSSmBook.woff2; connect-src 'self' https://*.pekora.zip wss://*.pekora.zip https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com https://*.archive.org/* https://web.archive.org https://challenges.cloudflare.com/* ws://localhost:*; worker-src 'self';\r\ncf-cache-status: BYPASS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cW1gLU3AcTGkIcJXjO2TIX%2Fn6VWAlNzePjVDJwstT9KPDpnyj9uQJ5GpJIV3NEFoMKeYtc%2BlY%2BE9bSnqXII6AHJye0NN1ABeGWE0Aw%3D%3D\"}]}\r\nCF-RAY: 982c69e58f360b41-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]}],"data":{"size":5580,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":79,"receive":29,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.163853+0000\",\"flow_id\":337517391177255,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52494,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52494},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/?__cf_chl_rt_tk=kQm7S5ycTUiB9W9SUWnH4Lw9gI9_ddkrUM9wkPs6VGY-1758487603-1.0.1.1-mNyQXNphR1DBs286NporBUSc5qNe9XhB2EHIBNdKfHY\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":41,\"bytes_toserver\":2518,\"bytes_toclient\":54168,\"start\":\"2025-09-21T20:46:44.058919+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-21T20:46:44Z","timestamp":1758487604,"ip_dst":{"addr":"104.21.95.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":52508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.zip Domain","source":"{\"timestamp\":\"2025-09-21T20:46:44.226163+0000\",\"flow_id\":980164757738947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52508,\"dest_ip\":\"104.21.95.120\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045975,\"rev\":3,\"signature\":\"ET INFO HTTP Request to a *.zip Domain\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.21.95.120\",\"port\":80},\"target\":{\"ip\":\"172.18.0.9\",\"port\":52508},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_05\"]}},\"http\":{\"hostname\":\"www.pekora.zip\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://www.pekora.zip/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"/auth/home\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":625,\"bytes_toclient\":2855,\"start\":\"2025-09-21T20:46:44.120259+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pekora.zip/","fqdn":"pekora.zip","domain":"pekora.zip","tld":"zip"},"ip":{"addr":"172.67.144.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-21T20:46:43.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pekora.zip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 22:10:12 GMT","end":"Fri, 07 Nov 2025 23:08:52 GMT"},"fingerprint":{"sha1":"A7:59:5D:19:DC:D4:F7:81:81:3D:C2:4D:A9:92:61:45:EE:DC:8A:4A","sha256":"DB:AE:4F:06:B5:63:0A:2B:60:2D:A7:63:9D:C8:EC:B3:8F:99:93:2A:3C:0D:BB:C3:12:A7:E8:63:5F:4E:80:5A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pekora.zip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 21 Sep 2025 20:46:43 GMT\r\ncontent-type: text/html\r\ncontent-length: 167\r\nlocation: http://www.pekora.zip/\r\ncache-control: max-age=3600\r\nexpires: Sun, 21 Sep 2025 21:46:43 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=MkHFWc6fJqOW2%2BdjVMWqRrqyS3faeGt5gGGyrmsRKmW2Qqfj4D7OmjuPaIKH37wdNrbhGxb4yunnyxmS5TcfMf2h9L5m1%2FGxXUP%2FYwHsZ%2BOFLVYlB0xb8j36H%2BzD\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 982c69e4081976ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=518\u0026min_rtt=472\u0026rtt_var=140\u0026sent=7\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3273\u0026recv_bytes=1245\u0026delivery_rate=7288590\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=d43494d681578938\u0026ts=33\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5422,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":20,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.pekora.zip/auth/accountlogin","date":"2025-09-21T20:46:58.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1erva/0x4AAAAAABuyXK8kuvynvgDv/dark/fbE/new/normal/auto/ HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.pekora.zip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 21 Sep 2025 20:46:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-FIH7Vv89AL42U8Ph' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nreferrer-policy: same-origin\r\ndocument-policy: js-profiling\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 982c6a420d4956b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27005,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (27005), with no line terminators","md5":"e735655c355a19aaac9d1f86adbeef59","sha1":"d8d0877637a92230e5dfb09608a39a0e84c5168a","sha256":"2f5d8d85b0f020b01dee47a8d928d86e8c1355297685f02a613da961edf9a515","sha512":"b2ac11c85f4b2308e13ea6e839166e04e2b2c36f616e346586159f20f36eee7aaab7b54de070ba5646d02523f3ee80ac01bcbd3d60de4d595e233b4042750932","ssdeep":"384:VXx6U+qdB83E29aJC6tHzSk1b2xdLVSmda3mDI9FBAqW5NC+o:FdGrkHzlJUdLV9da3m8cNCf","tlshash":"40c2c8038a101b7e7553cb2da3e1b5c8a3387a026f56b1b7f15053a58f4d69f2b53b0a","first_seen":"2025-09-21T20:47:54.492271Z","last_seen":"2025-09-21T20:47:54.492271Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}