{"report_id":"96bb2ca9-d151-4218-bce8-95039b1055aa","version":6,"status":"done","tags":[],"date":"2024-07-06T15:38:57Z","url":{"schema":"http","addr":"femxa73e.cc","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"http","addr":"femxa73e.cc/enter/register","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"title":"t33n leak 5-17 age"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T10:59:18Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"femxa73e.cc","ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":17,"request_count":17,"received_data":510052,"sent_data":9305,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2024-07-05 19:47:24","alert_count":0,"request_count":6,"received_data":214302,"sent_data":4068,"comment":"","tags":null,"fingerprints":null},{"fqdn":"matrix-client.matrix.org","ip":{"addr":"104.20.76.252","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1994-11-02","domain_rank":167763,"first_seen":"2019-10-18 17:57:30","last_seen":"2024-07-04 16:54:11","alert_count":0,"request_count":2,"received_data":10726,"sent_data":1080,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.sectigochina.com","ip":{"addr":"104.18.38.66","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-10-20","domain_rank":0,"first_seen":"2022-02-25 07:42:56","last_seen":"2024-07-04 06:12:56","alert_count":0,"request_count":1,"received_data":964,"sent_data":333,"comment":"","tags":null,"fingerprints":null},{"fqdn":"b.yzcdn.cn","ip":{"addr":"154.85.69.53","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"Singapore","country_code":"SG"},"domain_registered":"2014-12-08","domain_rank":425969,"first_seen":"2015-07-08 11:30:49","last_seen":"2023-10-23 14:59:32","alert_count":0,"request_count":1,"received_data":9753,"sent_data":424,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-05 18:12:12","alert_count":0,"request_count":5,"received_data":4437,"sent_data":1635,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"femxa73e.cc/js/app.1039672d.js","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"de500cb49dff2bb22046945fb2d5e95e","sha1":"806ec5a8755fb10d7a21d200ed7ed656a1afe087","sha256":"e3fa03ac8c696c51e36e02c9daab0f410b297970fa9dbbd1b5e1057dda2e7eeb","sha512":"24eb65ed13f8af0d24cedeadbd3855b8844d55fd97ccf5c30bf26ba516ca447057616c9e0c1930d7c6134c529cc2b98f9684397a6ed83d2671a2c4d3fbbf9516","ssdeep":"1536:ATNKcFNKW7AFfEwwiAT5TUhpTTT5KTAdYqV:ATB/EF3wiAT5TCTTT5KTAZV","tlshash":"4504eab7de45a90c0e15450639b911c1b3b33b59da6740c6f3b4a6982be1cb8362e78f","size":175066,"data":"","first_seen":"2024-07-06T17:39:04Z","last_seen":"2024-08-19T17:49:29.714852Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/js/chunk-vendors.ea790e22.js","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fee178f809d1b2a829099a8bb91c56c","sha1":"178b6322fdc40c08fcbda0c096c668855ad49b51","sha256":"c3580c9951b9554639c1404a246b3f27f818a99240c728f04cb964cd9e50b73d","sha512":"965985bffe1e9a2254888c7eadb7e896a0e78581ac728ca8c0d38fb673ceb302205573a9bff914acd7c1cb7bc6da32ed4cb5409dbf6e3eecc98fb359c28e8cdc","ssdeep":"6144:SCUOs30tR08Fg3iLLbQdqyWwEZwYLGX4yZI9Go/IudP0Pz+CNdQKKbqmM9wszi1I:SmsEtR08F7eRE2+UFPS3KKMhsgAPFDy9","tlshash":"c8151a89b281b075439770a4806f110ab2376d5ca40ad198f67df4e9af7ca8d6137f3e","size":949174,"data":"","first_seen":"2023-03-07T01:35:40Z","last_seen":"2024-08-21T09:33:17.508651Z","times_seen":1004,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"badc414dbaedccf989ec984e772a44fe","sha1":"3aa38ba34645941988dc82f15eabd5345dd08b0f","sha256":"8a58524ef5b986e48e9465e4735de1bf80b1235e5db319554633e73d733bd29d","sha512":"a23e81f1be913e2a9ea9e30db870602a0100d12e512555790de93dd9807788391f82f66cda150eebb767fb0fc85d3050b6db7fe35e1efa71b3f7f8a11a0c6777","ssdeep":"","tlshash":"68800088a8c030b00ba0a8a0e2e2282cb80208a020ba002baaa22ca828200088030a30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.720354Z","last_seen":"2024-08-19T17:49:29.720354Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"fe4021f7da0a8ca3eb356ef9108280b9","sha1":"6cdd490f772f83d1a0f100833476e6547273501c","sha256":"5d85e3473e9b032c638a2b99d726c32ab8941c286b9a479084e45cacd115fec8","sha512":"73a7db2deaa94a471ede1dec49b8d8d04b7cce8ff973313b6d72546da3589064ddb559dcc6b65288915d140e6e7d93c33da5049f8cbd85a36f3b4633ea6d760a","ssdeep":"","tlshash":"bf80044474c0345107504c41d1d01014d511047010554015d1d11c5414101004030530","size":28,"data":"","first_seen":"2024-08-19T17:49:29.721094Z","last_seen":"2024-08-19T17:49:29.721094Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"225f72ebfcc44c7257f1bea33f3a8dd3","sha1":"879427efa5c55a7021d21cf30f126d0e70b0c1ed","sha256":"63510b1e312a869d54dd15f021ecad6d21bccab6bd6cdfb5b750563d2e289cab","sha512":"33ec7071383920138b67e4de8d8ad4b2d47f752e7736b654ce9fc507696188df77d3bb4bae37dce0525eac75796300adf09fb357934507846386273b8f8b761a","ssdeep":"","tlshash":"a780044454c5347007504540d1d01014540154d01055101551551c5414100004070534","size":28,"data":"","first_seen":"2024-08-19T17:49:29.721727Z","last_seen":"2024-08-19T17:49:29.721727Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"534b44058478c83b70c349a1f78899dd","sha1":"121477b3394277c33ddddc50cb7b0b2a34f5db07","sha256":"b7c5dfe1b54981758806ef60789104bfd2fcb9fe6ea16626ec167f3ac4673d70","sha512":"b173bc092828ea06987b9b0c3c48b1a40ae9a705ebd393039435457f20c826c10366d68902cdc0bc1987bccfdd10a5098392b61e8cf9485b39244d74f189894e","ssdeep":"","tlshash":"34800088a8e033b00ba88880eae02028a80208a020ba002fb2e22ca828200008830a32","size":28,"data":"","first_seen":"2024-08-19T17:49:29.722423Z","last_seen":"2024-08-19T17:49:29.722423Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"7e01775c7e2c9dc5c6a82b82d5dc1a4d","sha1":"27f39fba67eaf07b5b16912f32a977d9869335a2","sha256":"e6637699b465d762eaf8ad83c7031938bdb64682ea1853404338e989daa6983e","sha512":"cf908138d67f63c00b9cb371d34e75e0e220b1b04dbbca5a15ab47192a37066a6b62a1e097d825659e4f7e70f003baf8fc34d33a4681305c8bdbd213dd12f71a","ssdeep":"","tlshash":"4880044c54c030d107504550d1d0301c540104505055005551531c7414110004030534","size":28,"data":"","first_seen":"2024-08-19T17:49:29.723099Z","last_seen":"2024-08-19T17:49:29.723099Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"b2d307599d948511bed5aac837c77de6","sha1":"722e964f38145bcaef332b1b55048dd2cc34d271","sha256":"854d900bbee14a84cb651328f65ccb6a8b1bf4df4c3d3175b0b8719935c721ca","sha512":"4422cef34e40d8795df3146d0cbeb630c939441f53d0eff31098ce7f0bbd964897600366be6989dbd0d082c4550b6d4e5a339fab1578f032c396ee89ffb995a1","ssdeep":"","tlshash":"4580044455c03051075144c0d1d01014540104501055041d51511c5434111005030d30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.723734Z","last_seen":"2024-08-19T17:49:29.723734Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"41f6ea248270bb2300d964c9d3967cb4","sha1":"8afb82e2a9798ead43ba6b4b10f1004defd544f1","sha256":"7e65a1b46c0c7bff6e3fa7fc1949019ffff6aaeedc13f1fda883c5cd324daee2","sha512":"b5f2243b2a97b8290eab16bbe6f37a66649c8fb88511f4af7a0747cadb25a23bde7648c2b6f1dbb275ee95819098d45b00d8298110dc25adda63c8a39229fc18","ssdeep":"","tlshash":"0980045457d0305007504440d3d01014540144d05055401571511cd454100004030530","size":28,"data":"","first_seen":"2024-08-19T17:49:29.724423Z","last_seen":"2024-08-19T17:49:29.724423Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"30238ee3e34dfea84796cf0934fbb5f6","sha1":"d120b6b311c33f4c40d456b27cbaedb58920822a","sha256":"5fc617a719cc39634ffa9f1622491f94daed14b37704e7fa25519d63e1bdaaaf","sha512":"c8335618b92c163e7ec707b7afe5705f90eb2739af0238c7f6e31245d701c1f447d9568c0414730534dd8193ebedc1150ce7e12cba0a16a8193c7632b2e7ed18","ssdeep":"","tlshash":"ad800088a8c030a00ba08880e2e0202caa2308b020aa002aa2a22ea828b00008230a30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.725633Z","last_seen":"2024-08-19T17:49:29.725633Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f12394f04f781c95a7495e7f3c755cba","sha1":"9e93fa1089aa5349046f87257e55014c7283ceb2","sha256":"e609e39ce0d7a8819a03e5ba39012508b37301e9704caff2b1279990991f729d","sha512":"594c3f5e03b1bea3d27b44ff9b108ac94166fad74cad125d8ad92f10c34f34181db756a4e48145ba2c6eb4e27138ac459df9f245562165f8a0d35b3a3ba99811","ssdeep":"","tlshash":"ba80044454c3305007504540d1d41014540154701055005551715c541410000c030534","size":28,"data":"","first_seen":"2024-08-19T17:49:29.726273Z","last_seen":"2024-08-19T17:49:29.726273Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"990de566c65f1014eb2fc4ed4ec1424d","sha1":"b1e1d692ac52a975bfaa33c95999bab45641e052","sha256":"a38e35b2f7683a8fb663694eb680f1da1bc271b63ae4889d55b16059d7833680","sha512":"219efd3b8b5e6db8607265c798659d8f9c3a7826d3d6e579f53e05aeaf6bff35a66734482a047249cb8aead93b78535ef62f3e5a39133ff180b96185b4df5e08","ssdeep":"","tlshash":"0b80044454c370d005504440d1d41014550104d01155005570511d5435111000070530","size":28,"data":"","first_seen":"2024-08-19T17:49:29.726939Z","last_seen":"2024-08-19T17:49:29.726939Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"1d9f900a21dd78ae468d9ab80f288565","sha1":"9bf9be1809e638722f52afeae946f830760a4a56","sha256":"cea200d9a0ede5dbbb083773a88048b0c8ab5afe776f3197bd9aa7c47d643d07","sha512":"e37fa33e583b39fb31d395a97966ec0216825761720f1b89c74b60a563e4e56037fa6b0d893f7e217f047a722697c0e0940e03db0cbc2b8439449cbb52fb872c","ssdeep":"","tlshash":"fd80044454c070500d504550d1d0113454010c541155001550515c5415110000070530","size":28,"data":"","first_seen":"2024-08-19T17:49:29.727699Z","last_seen":"2024-08-19T17:49:29.727699Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3de20afc8e659983b6a15b8734365ef5","sha1":"688c68e3455af723d912eed74f6cd095d72a04f9","sha256":"c0ebaf883063561e5da6cd0454ad34c2bd2030ae17ad7b57ea4e40d08d9d9498","sha512":"73c573802fb1e0a6be24210eeedb97b258d76eba32bcb8b4daf56dcea2b2e64f5467c167a279141ba4510fcf237822bce7e6113b2f061d49cad55122c2dc2e10","ssdeep":"","tlshash":"7a80044c54c070540551c540f3d03014541105503155101550711c5c14104000030530","size":28,"data":"","first_seen":"2024-08-19T17:49:29.728447Z","last_seen":"2024-08-19T17:49:29.728447Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"1262e474ff34eadcf4f9e4b703e5f0af","sha1":"d3d30009b206133613f6848e5363ceeb1ffed5ed","sha256":"4c3ce3ec6dd80c8e2ab36fd1987f4dfa14c45fd7c45a6e2f7d6c5592f9aa8e55","sha512":"c3870f182912a2ca8b73e2070b24f93b203437522fb78df53c38f3c3386bc37db24aea8afea95070fbdde92219f189db3186eeaf48efe3cb663327987ffe2482","ssdeep":"","tlshash":"fe80044454c0705407514440d3f01014540105501155001550511c54141100014305f0","size":28,"data":"","first_seen":"2024-08-19T17:49:29.729142Z","last_seen":"2024-08-19T17:49:29.729142Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4fc2f991cdf6584d6c7249308af90bef","sha1":"56283c2a8885239c21210f8e351a0c4207c77bcf","sha256":"70b86b8df42a122195b81045c478744ba9962ec9714fe93bd148a1747373bf8e","sha512":"5814f170b80380fd0c9ee2d9f0f7c716e8a4afcd1c9fbd0f694d2656a22d5389b7dfbf7569d1f38af1020b69a353ae7688846cc791bd4a8c27ded3466d8b0acc","ssdeep":"","tlshash":"3080044554c030d007504440d1d01014540104541055005753515c5414501044430530","size":28,"data":"","first_seen":"2024-08-19T17:49:29.729884Z","last_seen":"2024-08-19T17:49:29.729884Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3f5d34c77a5d63e56814864275a9e5ab","sha1":"449f9a87dcbebe4354a994d91f6a960d468342f8","sha256":"c4adeb3ed59ceada610a2382205334de2e7aa5824903b56c8a14977864e0cdb5","sha512":"a62f903fb2bbac8f486844ebd54882239de21e367a56314e390b25ea4eaa1f01a2e7267a7c15789f54ea7c027c28fcd650e52ca79b774a2f6000746da51a8ac6","ssdeep":"","tlshash":"ae80044454c030d107504540d1d0111454010c50105d011551551c5414110004030570","size":28,"data":"","first_seen":"2024-08-19T17:49:29.730517Z","last_seen":"2024-08-19T17:49:29.730517Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"fa6b181ec39bf108db541fc647902852","sha1":"f31bf69e4e958beea5ec48c62aef9dc95f4c3765","sha256":"d402e01c9d3fba2ce7156e553a486444de8c676a84851c782cba389bc904fec8","sha512":"cb0adaa409dc67b6b3a5976378219bcb7dcf6e16b00b1788620c4af8d26c6c14324b91e78403f4684d30ffcd2ac2e5bef2430bee6ad5e986ff99e8e27577dafd","ssdeep":"","tlshash":"6f51daa17a142360b6720ce31e1f146f847a5632a77ca856e70aecf02c56ea4e079f16","size":2798,"data":"","first_seen":"2024-08-19T17:49:29.731218Z","last_seen":"2024-08-19T17:49:29.731218Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6af6c25d8e68221d08cf94423cfe3b17","sha1":"626428cfbed37553b1ee02616a3a7ff20741a6ce","sha256":"3b94d0749219684250238aeef6a31d53a6e99c195f0e464e12fc75ae9d85346d","sha512":"e4c42ba955182d9fcdd6ed1d97529e276e43d91d884dbee40273b91c1bb69256aeb08a3b342f66f1f5228039869ab0650434c6298cbbd58f46c3f44814e66e18","ssdeep":"","tlshash":"95800088a8c0b0a80aa28c82f3e02028a8020eb022ab002ea0a22ca828202000032a30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.731889Z","last_seen":"2024-08-19T17:49:29.731889Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8621fd8feb28e1f8095322b8d417cfc2","sha1":"9f7a08da4773de28b0adb37a1cd3023608fe6c1b","sha256":"0bb8086d9d12a072e5787a0187c7ede2b1f5ca861b1443de25aadb24993fdbb6","sha512":"429ae9b1975efcc5b381b7bef6459ee2f942b2fd6d2e65e27c4d70b850e23a5dcc3532f5e2a9da5482cac24d8bad6c1cf785434a62bdcc3ea653d5a1f1dcfecc","ssdeep":"","tlshash":"268000c8acc030b00ba08880e2e22028a80208a0a0aa002aa2a22ca828200088030a30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.73265Z","last_seen":"2024-08-19T17:49:29.73265Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"44f6d00fb0ad1d6cc6dd8eb620a1f011","sha1":"b939a724910951d454bff52333b1e00b1e1b2f42","sha256":"8f145d1a97e55183d737f51f1b45d3dc3d81f5ff8462e3ab9105ecefe2382b4d","sha512":"5904bb7d030bb3bee241f061364e818c2ef8bf1988da330c4b2ff38dd578ae0221acd20bf54ed3a0b76c42ae86aa96a34479b4fd6f982fdb4104bc13a4386922","ssdeep":"","tlshash":"6980044554c030d017504440f1d01014541114501055001551531c5454110004031530","size":28,"data":"","first_seen":"2024-08-19T17:49:29.73345Z","last_seen":"2024-08-19T17:49:29.73345Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"55bbb20c5d1a555f1b96ab2132824983","sha1":"921f1981099c302f394624c5ca69d663787e4f56","sha256":"8c8ff76d793309e056599214596e3026bf8e2aabf9db4e55a0c63957c3071966","sha512":"22cff1f3f4989e1ebd615b4c725132a01b1f061d4e6d8c4cc2c26dbfed7035df3732dd1b622e81402da6a04e5bd55b66875ffbba318665ec637b2fcb1874fd74","ssdeep":"","tlshash":"82a0020eb437199a4312a43479373405693e3d5844845290576609a51b50287504dea9","size":60,"data":"","first_seen":"2024-06-28T15:47:59Z","last_seen":"2024-08-19T18:55:15.677105Z","times_seen":4122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ad19fc88e91b146dd6900bd492f49012","sha1":"c363094bfb6f03f7746c8a29fc1264872bdc33c2","sha256":"798fbdb5af76b6c9af36aacc437eb8c628d16da55702411b0f31f08ed50871cd","sha512":"95452154ca3d917352cde8be69baa22ad75531e042dcbb95338a173c2f2631a98950806e311f89b93435fa201e6a202b721832a6ae41f70b0f2bbff0029d45bd","ssdeep":"","tlshash":"9d80008cb8c030e20ba08a80e2e02028a80208a020aa002aa2a22ca828200008030e30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.734721Z","last_seen":"2024-08-19T17:49:29.734721Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"965c9d952c339164ef3b131bbf942385","sha1":"8a4c6a30cf40b06c8d28f6ed26fc831e34987352","sha256":"fa3a22b3f4160b2b4b0edff34a4d6717b7729ec7168ce042f09f1a90f5218cd8","sha512":"c77107791840ba4534d03e42580a7424f386e702bf5425ee6a59b47fcba94e16a1b143db9c302ce965948727cdc109e10bb2af3e8eef6e33279bcfefdfd099f0","ssdeep":"","tlshash":"a380044554c1307007504540d1d01414540154543075001753d11c5414100004030534","size":28,"data":"","first_seen":"2024-08-19T17:49:29.735351Z","last_seen":"2024-08-19T17:49:29.735351Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d4d0b5fc9868b345a32b4b0832170a5e","sha1":"ceabaaae15ad114b8983684542877605f23677e2","sha256":"5aeb6fbca37ebb16ecfc125cc120e1735316dc2cbf222efebf867d7129008c8f","sha512":"48518e3fa26a517e85d33221f8c612f7bfb50a76e5db0b589cabace1f56a9d75158c8275d210d7f16fc3400244e7e33dc251913ed46fafd93ef5208fa612aacb","ssdeep":"","tlshash":"5c80044454c1305007504540d1d01015541154d01055001d51711c541410040c030734","size":28,"data":"","first_seen":"2024-08-19T17:49:29.736005Z","last_seen":"2024-08-19T17:49:29.736005Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"5f64ea5423f80d6575ce787ae8b67c5b","sha1":"91b3296c4a51fa4991e49e6fd8faa06e84d6e8b2","sha256":"7f002b52b1688b20d67925d6952a55d74c75c58ddb7ec116b2aa2f7ab855cdb4","sha512":"785cdce58fbd7da79e50ac9d2ecb3625fcafd84bbaf74f273bba1dc03c4b350f939c161aaa13caa57c0d719dbac21a6d3f226dd3837f3b3b2491aced0d350646","ssdeep":"","tlshash":"1780044454c0305007505440d1d1101c540104501055045551511c5414111444430530","size":28,"data":"","first_seen":"2024-08-19T17:49:29.736651Z","last_seen":"2024-08-19T17:49:29.736651Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f4452825883a9d3b0bab102452f350b2","sha1":"c31f42bb2b90d399913646e411d7a2e70ed5c5ab","sha256":"0d67d3094c2d5058c819a693106d60791758fb62ac0b76c99d323fe1d4f3403d","sha512":"351bdf3f993373c2c086413350023e5bcade537e33788d0fa975a79d89366ae610517e0dac130124feef458bdb46d062ad40adce038aeee2ba569bee99de379f","ssdeep":"","tlshash":"15800088a8c0f0a80aa08880e2e02038a80208a022aa002aa8a22ca82f2200000b0e30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.737288Z","last_seen":"2024-08-19T17:49:29.737288Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-09T15:23:59.351846Z","times_seen":700845,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"5782a091a3d6dbfbbd5765df93a75f59","sha1":"5ca901f6627f7a2c87c5198e94bca6859c711c3b","sha256":"8f0cf7fb2c989cafebb48e2a4cf7b52781c2b37eea79c3b648739ded6d46bf63","sha512":"eff5f33213d7c74ed0f6c3ac8f469ba69c1aae3b0399cf7925ccb90b6d43b4466e89c7694843d74cfc653d0562f561426535476131a02adfda89acfa9a71703a","ssdeep":"","tlshash":"f98004c454c03050075544c3d1d01414540104501055401551511c5434140015030570","size":28,"data":"","first_seen":"2024-08-19T17:49:29.738877Z","last_seen":"2024-08-19T17:49:29.738877Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"fa386fd39f857bcb6283955646908b85","sha1":"8fa7044b84b8b6fa2df3ba809558b3559310d278","sha256":"741be4ef266185cf22ca7d93a044b50739da9d727542b9fd77f4afc68eb18c42","sha512":"2d90fd51f41686d89f1960d2946159ece03e9e2542e213c7741f0964f8625dd9910408729f4a37cca5c669ec5df26c2754d630d11d2eb09b0826b8296734bb28","ssdeep":"","tlshash":"6480008ca8c030a00ba288c2f2e02028a80208e022ab002ae2b23cb83828000a030a30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.739637Z","last_seen":"2024-08-19T17:49:29.739637Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"40f82a18826fb2f054268ecae1e5626a","sha1":"9814334886d9663f518ce62d7e8dc1de3e776096","sha256":"dd4383a2f9f884f4bb4eb882f2b15d5682e4dfc541729f739ffb01dffda9ce4e","sha512":"f4fd4a5e0d4f915890df2e1d63adc4a199d6627385166008842b9b99edae5866fdc956964602d5c60db7516b685a75bf5e720c407fbf1839f43f03d8e5626fea","ssdeep":"","tlshash":"12800088b8c230a80ba08880e2e0202cba0328e020aa802aa2a22caa28200008030a30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.740295Z","last_seen":"2024-08-19T17:49:29.740295Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a6c8bdce664a7285d7bb19aa17a8c4bd","sha1":"b68a54cd3dad38d8befb3178bb30790fab5d7323","sha256":"4827d2bfdfe2d283a8473feae1376a237c59aeb2ce42b32022a350e757254542","sha512":"602fc582a63fe6de4867f52e3ab480d9098746bbea530de33c67b1052abc47c0d9a3d4f8988314cb7a062c4cde8c461d21aa04c130db799bff9e23e229483cb4","ssdeep":"","tlshash":"d6800088b8c030e00ba08880e2e02028aa2208f020aa802aa2a22ca82a202008030a30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.740959Z","last_seen":"2024-08-19T17:49:29.740959Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"46644f64f0a1a3896d6961a194f39a8d","sha1":"52886a1e42b69983efa6a0cde46eaf01b398f533","sha256":"bcb5303d8956deda0e4aa57e60a4da95788be437a70d1ef70358752142b2b7a4","sha512":"b061db175ce3eb92e2491498e3ed899c4d1a35819f3d89f9e1715eac08d7bebb7c417e53d7c2b41692f8ba64c8826d901a94fe604a592b51b0b36c1a9fc6387b","ssdeep":"","tlshash":"43800088a8e038b00fa08880e2e02028a88208e020aa00aab2a22ca82820200a030a30","size":28,"data":"","first_seen":"2024-08-19T17:49:29.741574Z","last_seen":"2024-08-19T17:49:29.741574Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f83fc9037eb10c73dbe5461bf1d4f506","sha1":"37e7725c45a2f436784419a123574e9051097f8d","sha256":"369c3ef3f7e250daeb16a776d154db37cbfbf86b46a22f2ae37883783fa3d3a7","sha512":"d58a60f382c52df49947daec673a640b3f80663d86054fef8f10820b1a7fe4c6666865cf86bbbfd533086aa5e35d30d8a7d396592c0f49c2fc10ac9a8d10a0b0","ssdeep":"","tlshash":"26510aa17a042360e6b208d32e5f04ef807d2632aba8a485d70fdcf11c95ed4e07df1a","size":2807,"data":"","first_seen":"2024-08-19T17:49:29.742326Z","last_seen":"2024-08-19T17:49:29.742326Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:31.229502944Z","timestamp":1720280311229,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"652EE033C72BC8EADCF29C25A5387BC303BF86E6C57F262C576117F659F15EAB\"\r\nLast-Modified: Fri, 05 Jul 2024 13:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2684\r\nExpires: Sat, 06 Jul 2024 16:23:15 GMT\r\nDate: Sat, 06 Jul 2024 15:38:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f63e8d9e64abf0e5b2784ca051160e84","sha1":"d15d17504ed5c584ba42145060cf745fdb41c1d0","sha256":"652ee033c72bc8eadcf29c25a5387bc303bf86e6c57f262c576117f659f15eab","sha512":"95dcb525e807ccfc2ab52f6a0101175566fc8e587e04a39a7f18de971b0d5e4569779e04e98dabc2e593080276352cdc04fd49ad7817677c9f2cd96548b314f2","ssdeep":"","tlshash":"03f0056101d27f14563411129d76ea753e3095be28412ce3649055b1d8707fb4984049","first_seen":"2024-07-05T20:29:47Z","last_seen":"2024-08-19T17:56:53.123553Z","times_seen":40297,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:31.253027174Z","timestamp":1720280311253,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3BB2A3698D452F1DE2FF4F283A89FC427D9FE01C02AD968F215BEE1834B1C1E3\"\r\nLast-Modified: Thu, 04 Jul 2024 15:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3626\r\nExpires: Sat, 06 Jul 2024 16:38:57 GMT\r\nDate: Sat, 06 Jul 2024 15:38:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e9a839fbbf2a5bc4f1a01cd5fca04d5e","sha1":"ff4396bb2dcc9211b70f2e3266720172ee2ce085","sha256":"3bb2a3698d452f1de2ff4f283a89fc427d9fe01c02ad968f215bee1834b1c1e3","sha512":"f24e231017d32c1b1604d0d7e6e0ea6cc23cf43026e68b3d1cc81e06370b0b2f07e21840408613f1f3ea44040167afac8575241e3b5a548cd9889c55dbaa1b55","ssdeep":"","tlshash":"7bf00ede1ed93e41b2a8522d1a70d81d6d01beba287008e9248143d62f587e689c4d4e","first_seen":"2024-07-04T17:28:39Z","last_seen":"2024-08-19T18:05:50.120876Z","times_seen":49663,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:31.604006443Z","timestamp":1720280311604,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"376A5286B71A4A7E90B3EECE9B39480F50435D5EF3C7793828481F590D04BC77\"\r\nLast-Modified: Thu, 04 Jul 2024 23:47:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=14743\r\nExpires: Sat, 06 Jul 2024 19:44:14 GMT\r\nDate: Sat, 06 Jul 2024 15:38:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"508d0867e7982df7cfa6ad58e05ce470","sha1":"6f4e15b94e527d02e8dd38f8b69b493cfae84c56","sha256":"376a5286b71a4a7e90b3eece9b39480f50435d5ef3c7793828481f590d04bc77","sha512":"6df5f4a96e185800d882599f0646e1a1396280d3b4c98277687d1493a41dca30381487c8a826c36c06ad12bae9f985cc45cd96bf3c367c75c1e7ea9a1bc9600f","ssdeep":"","tlshash":"12f07562257579189a302d0828a1c6041f113dae3a0c1afd7a9002c09440bf5106c084","first_seen":"2024-07-05T06:41:10Z","last_seen":"2024-08-19T18:01:42.729319Z","times_seen":43182,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-06T15:38:41.831Z","timestamp":1720280321831,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sat, 06 Jul 2024 15:38:32 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nCritical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nCross-Origin-Embedder-Policy: require-corp\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: same-origin\r\nOrigin-Agent-Cluster: ?1\r\nPermissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nReferrer-Policy: same-origin\r\nX-Content-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\ncf-mitigated: challenge\r\ncf-chl-out: VG49qtf2pT99RsLd4dqXU7RHNdg7l+htDVtHocow/X0pg8V7NIBTYq8XYflLzhnylYBOnaoYUVRgahc0G1BIG2uGFiOaeO0cb6EVJfOdWl8=$mQHAd6tGvFBjRlGYCrP7Zg==\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Dh5jNH6HwLYls88kcLA%2BzP0%2FuZNNabWMd0uPYknygq4uDpt63iN1u3KLslcVh32rOWe2W0xB%2BVZxjYZ0ozF06fRp2CI8w2eWkpAgef7VJlcsmE%2Bp8U92t4m3C9o4Zg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aeae9f8b1c16-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5702,"size_decoded":14017,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (14017), with no line terminators","md5":"042fbb4925451254e30b73dddffc7272","sha1":"e47728a829c9d23f32b8eca0b48b1a1d69f8468f","sha256":"013ddb4e0acadb466a163854f3121a9522e369498f1c5d4ac3875465314d1882","sha512":"a9763d73b8fbf160acdd3a892fd8a5744e0010ab98ae57681efe5c74ee304b35e4d24a5c6417c7538cf0f90e27a484a1e9701607228c2c565dcf531850e16470","ssdeep":"192:PNxyShvK9moqTJkNrv23uVU7dQpqbBYuSH0fzy3N:yShi9boJkNzraGsB1SH0fGN","tlshash":"b1522a679a42204f72770f6f60a5f6609029b784e70257bef0775e088788e1f29963ec","first_seen":"2024-08-19T17:49:29.703061Z","last_seen":"2024-08-19T17:49:29.703061Z","times_seen":1,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:32.153217492Z","timestamp":1720280312153,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"1A1D7236B0738F65D98E772F67BE883F477AC175767F971800A6BB3997399811\"\r\nLast-Modified: Thu, 04 Jul 2024 16:18:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2651\r\nExpires: Sat, 06 Jul 2024 16:22:43 GMT\r\nDate: Sat, 06 Jul 2024 15:38:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"223ffc40cc96a2aa59687065c089ccfc","sha1":"6bc7fa694691bdca752335ecf0f7268bf2c908d5","sha256":"1a1d7236b0738f65d98e772f67be883f477ac175767f971800a6bb3997399811","sha512":"a56b7dacd1e94c713679231368bfa601a15e8519263ba747171c234ff91fd80ca8bd67c611381d711b7cb54cb32298a2a9ae82cfecdef6cc5be870f1a4d08f47","ssdeep":"","tlshash":"25f0c06219e97e603a644b25b8a4c3582d50bc582a0018a52a1086e164647df79c9449","first_seen":"2024-07-05T07:22:24Z","last_seen":"2024-08-19T18:01:32.975771Z","times_seen":32093,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-06T15:38:41.831Z","timestamp":1720280321831,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 06 Jul 2024 15:38:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncf-mitigated: challenge\r\ncf-chl-out: yUNUTN/WzZOUo1o1T5kdeL8E19swaf7s+x+yyQLFhEl3kK4O9CYMnPrXc0ZrNtLgZptSA7i7P5woBcn/469/JcMMcRjaHH81k5PHVlRRyi4=$Bov+chXmiPrXODYD1Wggfg==\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=zjKQJH5IpFRwrrzVvHyK0znuUyWY7CD3feGNQWUHfV5uiBmPhyvHhWS8F9BpLMXapSU%2FjeDmzjJQXn0fWte9jOmahhS2VDHGgbYGlzDSXBdY9TxguI9tSuuhAPppsg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 89f0aead7a86b4f9-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6769,"size_decoded":15660,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (15660), with no line terminators","md5":"5175a0456303638ddbc8e6faad9d2a8b","sha1":"3a58ba6b5b604755f165c2e7746228cc8e47924d","sha256":"3a7d1a684d3190502a488943a1b93267ee085db2a71ea7529af01a2925fcf9c0","sha512":"df7df49389990953267e88612a53bc4d14581f2dade8751ea0c9573bbd3544af5ad2f6f82b6c8746a372d0aa56f40ce814baadceecbfd313163e514fac692936","ssdeep":"192:PNxyShvK9moqTJkNrv23HMaM7ZFQ9QyVgSWJC12orjEzfryaN:yShi9boJkNz+MtwQy85KjEzfPN","tlshash":"a7625ca39a06204b77774f5b30b9f560d129b384f70153bef0765e18cb8da5a29923ec","first_seen":"2024-08-19T17:49:29.704432Z","last_seen":"2024-08-19T17:49:29.704432Z","times_seen":1,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89f0aeae9f8b1c16","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:32.576018661Z","timestamp":1720280312576,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89f0aeae9f8b1c16 HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://femxa73e.cc/?__cf_chl_rt_tk=mH_SzpLtOCMm1Id8P8i8FCueF42CbZrMmHVt3oSU4vo-1720280312-0.0.1.1-2217\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:32 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=L2grQVygcuQLdnOiFtX6nTkhsqFQ%2B%2FQau7tKF5MeQ%2FBsCA3Q0mBc2ooey2Cxhfa3miYWI1GclfgEndZGJ5USm4ShXXnhhgIvAyGODboJ%2BRue7tWaWCdQJdAEQuq66w%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 89f0aeb0bf4eb527-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":103440,"size_decoded":371849,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b9fc2f08e87dfa181722419fdb51a9d5","sha1":"8bf3c260fa00aa2dc2f78c9446d0fd9d624b180c","sha256":"9e6a053e636c2f2540bc103a61a2aa70dd8a5ad4df3546b875559c7f4f024c15","sha512":"a7dbe4013b5229efad1e0b2c6a4f7c5217e2fa6707a34e3e9701aabdfdbece72390957c305521fd614c5e67742858936a75984a8c82b11f3597a5fb6c692d23d","ssdeep":"6144:GXrh7E3XpFHB5MYKaHNtr6UafnEvrw+4wut75:Gbq35XrttgfEjw+41N","tlshash":"db8472cd0395e99454632e3cf0237322a1af0e164db899d9b94071451afe32fc6daadf","first_seen":"2024-08-19T17:49:29.705172Z","last_seen":"2024-08-19T17:49:29.705172Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/favicon.ico","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:32.58114569Z","timestamp":1720280312581,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://femxa73e.cc/?__cf_chl_rt_tk=mH_SzpLtOCMm1Id8P8i8FCueF42CbZrMmHVt3oSU4vo-1720280312-0.0.1.1-2217\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 4512\r\nLast-Modified: Sat, 06 Jul 2024 14:23:20 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=w3efSwnmu5ernVHrTXEF9r32XVP7heM%2FU%2BXVR7gA%2B9wopSRfIOHiQ0GfQwX%2Fs%2Fta0UTt%2FJZuMXXk%2BvAxwa2myVlaqhq0SrVzRF1Ed91WirKnWnV4zQA7J8Wlbyu7mg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aeb1180bb527-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":993,"size_decoded":2706,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2706), with no line terminators","md5":"006fcff04c4deef4b6cb8ca7c83532ae","sha1":"51c9598590094feaa1e2dff124020bcde81f6bb4","sha256":"7075ddbe521056839c9b1b97e1573b5d0ba777ba28896932e48f7b834a410058","sha512":"e2371067860b9c984b89e059f95cf0f323f31b7c4a240a7ef643e2f6b7968ccf2abe39c175ee8ea3bbae5b6f022eeb90ebc544ed45f70908debaa47529f345af","ssdeep":"","tlshash":"2951fea38931a88e5320da7afd27f04dc852994ac958ec91b2cb61be18f0fd18573771","first_seen":"2024-07-06T17:39:05Z","last_seen":"2024-08-19T17:49:29.70587Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/favicon.ico","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:32.584933869Z","timestamp":1720280312584,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://femxa73e.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 4512\r\nLast-Modified: Sat, 06 Jul 2024 14:23:20 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=WJioG6YbKe0ngaS%2BOUObNuN65mv6CnvIWCgdMWU3nYUvv9Dxl%2Bf7FRAjzujJih7E%2FwFDhchhGpS6COTMLnaTirgRL5xdSmvdzyyGurSknkuirgoBuh%2FeXNes583cPQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aeb168b5b527-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":993,"size_decoded":2706,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2706), with no line terminators","md5":"006fcff04c4deef4b6cb8ca7c83532ae","sha1":"51c9598590094feaa1e2dff124020bcde81f6bb4","sha256":"7075ddbe521056839c9b1b97e1573b5d0ba777ba28896932e48f7b834a410058","sha512":"e2371067860b9c984b89e059f95cf0f323f31b7c4a240a7ef643e2f6b7968ccf2abe39c175ee8ea3bbae5b6f022eeb90ebc544ed45f70908debaa47529f345af","ssdeep":"","tlshash":"2951fea38931a88e5320da7afd27f04dc852994ac958ec91b2cb61be18f0fd18573771","first_seen":"2024-07-06T17:39:05Z","last_seen":"2024-08-19T17:49:29.70587Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/1537750212:1720275790:zKspBa4NPFEJRcm4bgfkfmU2Ujdv4ZzXU1dVTpi1Z9k/89f0aeae9f8b1c16/5c6e53ba3b40935","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:32.766564047Z","timestamp":1720280312766,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1537750212:1720275790:zKspBa4NPFEJRcm4bgfkfmU2Ujdv4ZzXU1dVTpi1Z9k/89f0aeae9f8b1c16/5c6e53ba3b40935 HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://femxa73e.cc/\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 5c6e53ba3b40935\r\nContent-Length: 1589\r\nOrigin: http://femxa73e.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:32 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-chl-gen: 7eb5bkGYJ9ppEFY914lFyXokf+xtek0Gj00K8HDWWZL3QLsuOlc0dvby6xwwqcYl$JtshMna8hdcA+1ChQ4nUWQ==\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=K%2B5NuFzN6NQNbZ1fubG2nmo3mBF%2FzmQjuo5NMOeb%2BVn5IBqmMztqxcV2uS4QM0a1m8dt7I%2BOzWJqy%2B%2FVEGOP6nXFeRexgfPIvHxj3Nyn9hSkA2b4g4Ve6R8j3yrL9Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 89f0aeb26a8ab527-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":12404,"size_decoded":16460,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (16460), with no line terminators","md5":"09c33cbf03642afaa318aa6666571d85","sha1":"b7920994f720e6a421a2d3c8e130eba5f5fbf239","sha256":"b2b383ee791dc69bc3ff12713720c78789caee2d3625e0a76a190ecbbde5713c","sha512":"a6dc6b1d900ff4ff5185de12bc59992f7ea54101bed24ac21188953703b8ea151d370b8a04d3ce6fddd53beaf12dac0bc07d4373bfdf39a9a958cf18a53cf2c3","ssdeep":"384:AXEgC2+CEGdLuNw37t02xo6ldv+33M7Td+wW9Ubv:UEgz75uq7t02zaMV+w4Uz","tlshash":"cf72c0fd1c7a55ce98b38b0fe19979c172398e86b691496330e0181a4167d86ef124be","first_seen":"2024-08-19T17:49:29.706659Z","last_seen":"2024-08-19T17:49:29.706659Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:33.139407565Z","timestamp":1720280313139,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/z22j6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 06 Jul 2024 15:38:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 61\r\ncache-control: max-age=2629800, public\r\nserver: cloudflare\r\ncf-ray: 89f0aeb4fd15b511-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced","md5":"9246cca8fc3c00f50035f28e9f6b7f7d","sha1":"3aa538440f70873b574f40cd793060f53ec17a5d","sha256":"c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84","sha512":"a2098304d541df4c71cde98e4c4a8fb1746d7eb9677ceba4b19ff522efdd981e484224479fd882809196b854dbc5b129962dba76198d34aaecf7318bd3736c6b","ssdeep":"","tlshash":"a5a002e763957d7bd94b133756651151f8324514171305458805d475161736c81c4a82","first_seen":"2023-08-25T15:09:14Z","last_seen":"2025-05-14T12:12:43.698394Z","times_seen":189286,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:33.891987616Z","timestamp":1720280313891,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2\"\r\nLast-Modified: Fri, 05 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10375\r\nExpires: Sat, 06 Jul 2024 18:31:28 GMT\r\nDate: Sat, 06 Jul 2024 15:38:33 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"861cce1bf441610f1dfbb14264d55122","sha1":"1596b2c44fcdb5f7a49c73da766e4ab48b6bd064","sha256":"f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2","sha512":"c475b673ce5e7ae8a00ea2d8d2dfccf06484e9eb5454b212905534fcd83a35a459bc5e849eaca05824101d8434208506dea5bebfa4e61999e2f3419de5f77d1f","ssdeep":"","tlshash":"22f0059421f77e005bf116151da5d52db92cab6531014df2b49012b368f0b6a67418c6","first_seen":"2024-07-05T22:02:26Z","last_seen":"2024-08-19T17:56:38.421498Z","times_seen":44889,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89f0aeb349fab511","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:33.942820871Z","timestamp":1720280313942,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89f0aeb349fab511 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/z22j6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 06 Jul 2024 15:38:33 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nserver: cloudflare\r\ncf-ray: 89f0aeb4fd1eb511-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":67954,"size_decoded":201954,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"af89831a2c1c71d5f9f8ce0fdd18b80a","sha1":"883342fa92c9e7086cdd867fb1f3e91be40b638d","sha256":"aae28ef4489882f2ecaebd293a0ea09cf41f3b604d136124d690913f29fa88b0","sha512":"ecb8ae004191363a76327228229fdb4c65317460eeab8d052e89869540edfbefe078848071ae3c83321deb1d446a62bdce8ed687895609d1d105c0e4153b8e58","ssdeep":"3072:DDBu2pQjUdXSEPE07Z72pp0kPjZpLmIA23C8wxHA+cK:Ru2pQjyiR0d2DLh5yHlv","tlshash":"2a14c8cc67c5f9a510633d38f4272213b1af1e455c3c48d9ea14b1d429fa33e91daaae","first_seen":"2024-08-19T17:49:29.708637Z","last_seen":"2024-08-19T17:49:29.708637Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/521667108:1720279573:zrUIiL7AFSlWfXy7khLRpWkcOb6gu2e0AHzS6r6YKWw/89f0aeb349fab511/20d7aab911f2c08","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:34.000371781Z","timestamp":1720280314000,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/521667108:1720279573:zrUIiL7AFSlWfXy7khLRpWkcOb6gu2e0AHzS6r6YKWw/89f0aeb349fab511/20d7aab911f2c08 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/z22j6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 20d7aab911f2c08\r\nContent-Length: 3329\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 06 Jul 2024 15:38:33 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: oMzh1EgLpadZsfl59G2thLs3R7xxXwumTxiyJ0a1cRgAnFryo5Ek+Dp73R1fejGeODJ+6VyInUOqSTMMPRJ6wbBH8zwHS4FFjnfB+Fx5Vv8nyAD2eHkgegmS3jR9Go53OJdqxUjADNapNLdq3gcNDkK7iyo6+ehzlqS6j+BM4Sspsf1yyuj7Y++3O+dQrYK7GdRti4J+ESJD4ZK2ePd4hbzCNvW2ek/uKvc/zCM9HjshfkWuOfhYogaoajZnUIDOHS+Rw4OkurYQS/jvUgyEfj2AAGAxeGlp0/6DW9eum4lFGlZOhi3wjsFDp6if2soec/NjM2VZba83iUgLB3dqtjlo96TSAomDL5GQ7Hr+Nf4wr0Kcrjo539H0g7YfcoiPy/YfZKToL0pkwlOjyZ74sOEJitLZQknm/o+fHvdS3lkGpWSiwJDMnDu3B8Ytho6O$nny2tQAo3KxvfF8e4C3bRQ==\r\nserver: cloudflare\r\ncf-ray: 89f0aeb69816b511-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":98903,"size_decoded":123064,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"61ed1263d7f261fa531c5a46834bd8ae","sha1":"8c90b7443ef30083582c72bbd5b6b4f890327c26","sha256":"344dbe6ed6b95e90ac773c4566deb1b1df18452a1bd2d0b86d88329f9d6a95c8","sha512":"5ec4b9006a8e6d3f5b6581b45f3482648007d1811cb898482a3a26a7c97829673d01faea8ac8b1e2bc8a1174b83ac884e51663d4a8fb34edbaae1ae7189cd1db","ssdeep":"3072:W4QbQBdizpvhVq/GPjIZsjK7ifoMrUTrzqf+St4dL:WTbQd4hVq2jIh7434v/St4dL","tlshash":"9dc312bfb6381746cc3248baf764421729784e32b12869fe5bcc1f4a531edc86d1a919","first_seen":"2024-08-19T17:49:29.709444Z","last_seen":"2024-08-19T17:49:29.709444Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/z22j6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:34.024125871Z","timestamp":1720280314024,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/z22j6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 06 Jul 2024 15:38:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'\r\norigin-agent-cluster: ?1\r\ncross-origin-embedder-policy: require-corp\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-opener-policy: same-origin\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ndocument-policy: js-profiling\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 89f0aeb349fab511-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":25336,"size_decoded":79232,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (42151)","md5":"b5453aebb219493d3f4adcb06cb0e43b","sha1":"77328bdadd0d0cb05c36f8807950664926fe641e","sha256":"3b5123d036aec52d42cc769a8251821717d66bc3e00cd3b697e4ffdd54be461d","sha512":"9987451b8cb377191d3daaf3045da907fc3f384852ff30b63bf9c06ba37b1930a3dab4a9a23ffb75fe671547b26c0492ef85a2400898591b60e92f1e0b36bf4f","ssdeep":"1536:CaRnKgI6EDjeunATe0peonpgwe+IFTTdhf3i5SnREAupig73hpp2IaMCPHnKrpVX:LnbjEvvSWwtMxi/bU7Y+m7YYXYjtcfAS","tlshash":"4173d7d98dbc3d59bb029b29b1ce51e3632d67471905f498b48ca180cfad14e26f0f7a","first_seen":"2024-08-19T17:49:29.710156Z","last_seen":"2024-08-19T17:49:29.710156Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/89f0aeb349fab511/1720280313398/qjRsFFh96BCaAXJ","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:35.642668083Z","timestamp":1720280315642,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/i/89f0aeb349fab511/1720280313398/qjRsFFh96BCaAXJ HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/z22j6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 06 Jul 2024 15:38:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 61\r\nserver: cloudflare\r\ncf-ray: 89f0aec49ba4b511-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 19 x 6, 8-bit/color RGB, non-interlaced","md5":"4a2e25aae0dfb639e6634ae4f6e81647","sha1":"9ec6d870886d95c2eed57052016ff1feb28396d4","sha256":"9b7990399c8e5e04203b4927d401260aad0f3b398c131a8c18e5d234a8133973","sha512":"7092ddf2062d3d77251a64cb0ce5af3145cdeb827a8f997702d9a22255b272fa8ca511a986ee16efad2cb5e5b24d4cd51676c48947d5df1975cd961e5e6836f7","ssdeep":"","tlshash":"98a002db6390ec38ea4a43b757660451f9370614535103058815d5351a1b27e81d8ac6","first_seen":"2023-07-11T11:41:00Z","last_seen":"2025-04-29T17:21:18.794913Z","times_seen":71,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/cdn-cgi/challenge-platform/h/g/flow/ov1/1537750212:1720275790:zKspBa4NPFEJRcm4bgfkfmU2Ujdv4ZzXU1dVTpi1Z9k/89f0aeae9f8b1c16/5c6e53ba3b40935","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:41.765341944Z","timestamp":1720280321765,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1537750212:1720275790:zKspBa4NPFEJRcm4bgfkfmU2Ujdv4ZzXU1dVTpi1Z9k/89f0aeae9f8b1c16/5c6e53ba3b40935 HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://femxa73e.cc/\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 5c6e53ba3b40935\r\nContent-Length: 2996\r\nOrigin: http://femxa73e.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:41 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-chl-out-s: egtFFOrGkHSOGRzbNeI5lMvvy6W7a8Mfs+IokNgC/etdXeDF9SMLsCH3lwHBTSwSzW3NiBy0ZTJNPkj7C/vXYz502ThR8/CdXVSc7M1ON55bmio5FU3M6swX3149Gh0hZak+rTwPn44L+olinhGoco6Ga5QvId7pMYGXtP9zXGhxj40b8PxNh4DDqd4tE1HOmVjA5sWztAqbTZsWIyeI+uXVKxCKZPJypS4wM0eQcADvNriVvC5UnktAvbaJPS8Vz15fBTBS+ki6FSsWfBv1DvuYx/2v7xkjrxZhUYSEMpphejMQvpLizUQyoYDg7pDfZHatQhFtGNSGtUpRZQcLu7iIhD+MmNFPIFNGG9qCO0nU/x/qH+IxXPYc9kWh/NM0S37NO9YdBnyYLDUoKzdyznpeKmFKQFVQxxCitj0f4iADmhHQF37fDma+JjTl3ylHMOq+CjCsk5uE0+Pdyg6opQ==$tfweTfWmiKpetNq2grFN1w==\r\nset-cookie: cf_chl_rc_m=;Expires=Fri, 05 Jul 2024 15:38:41 GMT;SameSite=Strict\r\ncf-chl-out: ijie4y4lMiX4bt7rjjJQ2WyHjJb/ePRx4Y/v6Ly/YJwa9/AZ3cZMsENJ+3Q142Eq3sfDX3VOQ2rIvfffYJHbTw==$72ffJxPjwTkLtgoqf/vQkg==\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=7SWHnXNVea8VLKBgJMOY5LDJ0S83cVA3m8xrFNgcF6kQJX9teWPevEzK%2FngbhgOY54zNMFukr2TE5VOGO%2F4OFWWTrXdFAQXOmuVvyUBDIJcWRzudnL6qWzctXyo1uQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 89f0aeea7e8cb527-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":3309,"size_decoded":4300,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (4300), with no line terminators","md5":"f3090bedc7c9cbcdbbc7ef0661ae807a","sha1":"c90ea889cceab78889f3cdfe35c7311928deac74","sha256":"f4d460e168e9d58a703297b65dde55b2007595e4db793a08b1c88f5704b4fd7d","sha512":"4f4a7bd8f039e06278adb3a43b9e44f065ad8c93e67cba21550dbadc6e8fbd3e00de5db2731d6163b18c6769b6b0ffe063348960b41668d2a70b558028cfcd18","ssdeep":"96:ZH8dx2bCXKDt1Z3Dgs0i19i1+9juz/On+a1BoVBYkAAgAvhT1Ob:bCetTgHi19HyzeoVBEmx1q","tlshash":"eb918cd79ff8cb02079169091ca9c859f2bcdf80281fcbf322b6543e72b0005926093b","first_seen":"2024-08-19T17:49:29.711885Z","last_seen":"2024-08-19T17:49:29.711885Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-06T15:38:41.831Z","timestamp":1720280321831,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://femxa73e.cc/?__cf_chl_tk=mH_SzpLtOCMm1Id8P8i8FCueF42CbZrMmHVt3oSU4vo-1720280312-0.0.1.1-2217\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2683\r\nOrigin: http://femxa73e.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:41 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA; Path=/; Expires=Sun, 06-Jul-25 15:38:41 GMT; Domain=.femxa73e.cc; HttpOnly\r\nLast-Modified: Wed, 03 Jul 2024 17:24:38 GMT\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=RO8DlC4z46gvuxzIYcsbdI9ok%2FUqk1RJ5jCNgD9WvwiB6iRE1FAqFN8LTE2LLg5w6RxQlL1CvBrOZnnE%2BoYjsT2Jvy22hFro17tajjDAnYor10uCiN7rmNIeBkVc3Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 89f0aeeb6875b527-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":999,"size_decoded":2706,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2706), with no line terminators","md5":"006fcff04c4deef4b6cb8ca7c83532ae","sha1":"51c9598590094feaa1e2dff124020bcde81f6bb4","sha256":"7075ddbe521056839c9b1b97e1573b5d0ba777ba28896932e48f7b834a410058","sha512":"e2371067860b9c984b89e059f95cf0f323f31b7c4a240a7ef643e2f6b7968ccf2abe39c175ee8ea3bbae5b6f022eeb90ebc544ed45f70908debaa47529f345af","ssdeep":"","tlshash":"2951fea38931a88e5320da7afd27f04dc852994ac958ec91b2cb61be18f0fd18573771","first_seen":"2024-07-06T17:39:05Z","last_seen":"2024-08-19T17:49:29.70587Z","times_seen":3,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/css/chunk-vendors.c57533e1.css","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.049Z","timestamp":1720280322049,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-vendors.c57533e1.css HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nContent-Type: text/css; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Jul 2024 17:24:37 GMT\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 4517\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CYYf1JS34DAd4Kkjwn16iwy1Xfg2GpuqwSPgQ2rGGIYJroYdcBTcgESPvKjNpYG208lDEk6iH6KJYuNrOC61fOtPmlrtk6phaDgMXK1psG1yUa140RbgMCB95j10Pw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aeecdb4b56b9-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43872,"size_decoded":156544,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ebfffebc1f62c3be51082e6595a0a005","sha1":"e278fbd6fd48150b3f366b50ed388983d934978c","sha256":"f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32","sha512":"ec1ffe3ba3da9f1db52f5bee312f94d09389d7f518234ca14712e2a7533f640264307382d3b2816e5c258b77581f6a4fc856895095067b83f5c4cd3c9d57219d","ssdeep":"1536:PeN5J+jOkiHcZiNEBVcZH5NHMja4drYEXfh1tRdsVAlWE:PgeVc5HMjajUfjXvlWE","tlshash":"ece3e92b8ac0235cb217ce615fc4a7d8c228c571e5920ef9f21376298fcbb86159675b","first_seen":"2023-04-05T23:34:09Z","last_seen":"2024-08-21T09:33:17.50638Z","times_seen":1144,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":3,"dns":1,"connect":8,"send":0,"wait":32,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/css/app.46d7d8ef.css","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.051Z","timestamp":1720280322051,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/app.46d7d8ef.css HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nContent-Type: text/css; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Jul 2024 17:24:34 GMT\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 4517\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=tyEdciG6NhZueBersvpLNFy7qw3rG5mxMPN5eWALlQJH90WAeTtoDoSRIoYB22QmId8ohfrHqAlZQ%2FXLEO3Hnmn70xsNnCroOnt%2BaMWtaCwO50lBraoU%2BmE9e8QNiw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aeecc8ae0afa-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2623,"size_decoded":15613,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (15613), with no line terminators","md5":"2e20ca27e7796f8b0ede3dc557e62959","sha1":"145212b1a2168f50e014a82b0e378ecbf654027a","sha256":"c510d70e5a43265ee92072ccfda02012da78de59dc4beed4e7a1ec636a58be59","sha512":"7eafa27300dbefdc75526e75975519f22b9d96b3b8c8ae99cd771c1e55890d8cf14d65a8c5b4aaee7cd0a3c4cb1462f96ec2384864151f51298bfb9712ad7bf7","ssdeep":"384:rDtkMDVkfJM0j0bNFJtu48SgY0QMDziYj5nOxKsn6v0+qasZOglzPcb0plzf:rhxkfJM0j0JFJtu48SgY0QMDziYj5nOb","tlshash":"4562632afa4a6014f57fc5a57da4ef8ee320bb43d1874a70694322725cc71e73778288","first_seen":"2024-07-06T17:39:06Z","last_seen":"2024-08-19T17:49:29.713321Z","times_seen":2,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":1,"dns":1,"connect":8,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/js/chunk-vendors.ea790e22.js","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.044Z","timestamp":1720280322044,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-vendors.ea790e22.js HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Jul 2024 17:26:53 GMT\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 3373\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rB%2FDlVJfScyT46foNWPXphwEnM7zI3wJvAiphvXKBWvGDtYZaHGkWivBz5HZ%2BTO0Q89bHh0wtDY7gXAbgmiq1NM50KTJ5R%2BungDAyT557k0a3Q6jLbl3EqQxBtFfEg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aeecbb06b527-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":272420,"size_decoded":949174,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51759)","md5":"4fee178f809d1b2a829099a8bb91c56c","sha1":"178b6322fdc40c08fcbda0c096c668855ad49b51","sha256":"c3580c9951b9554639c1404a246b3f27f818a99240c728f04cb964cd9e50b73d","sha512":"965985bffe1e9a2254888c7eadb7e896a0e78581ac728ca8c0d38fb673ceb302205573a9bff914acd7c1cb7bc6da32ed4cb5409dbf6e3eecc98fb359c28e8cdc","ssdeep":"6144:SCUOs30tR08Fg3iLLbQdqyWwEZwYLGX4yZI9Go/IudP0Pz+CNdQKKbqmM9wszi1I:SmsEtR08F7eRE2+UFPS3KKMhsgAPFDy9","tlshash":"c8151a89b281b075439770a4806f110ab2376d5ca40ad198f67df4e9af7ca8d6137f3e","first_seen":"2023-03-07T01:35:40Z","last_seen":"2024-08-21T09:33:17.508651Z","times_seen":1004,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/js/app.1039672d.js","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.048Z","timestamp":1720280322048,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/app.1039672d.js HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Jul 2024 17:25:40 GMT\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 3373\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ssV%2BhwCl5ywS5%2FBNDlYJkntz7Dlet0L2VeVSC%2BTtXsfq0ASxOTqKB91eTeuo1rJ9McpNPaI60vZ9SXzHNfkYlkePjGU8L7mljVJDidNW9rAHp5lAchIGStDR4sb60g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aeecc9d156ae-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24578,"size_decoded":175066,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"de500cb49dff2bb22046945fb2d5e95e","sha1":"806ec5a8755fb10d7a21d200ed7ed656a1afe087","sha256":"e3fa03ac8c696c51e36e02c9daab0f410b297970fa9dbbd1b5e1057dda2e7eeb","sha512":"24eb65ed13f8af0d24cedeadbd3855b8844d55fd97ccf5c30bf26ba516ca447057616c9e0c1930d7c6134c529cc2b98f9684397a6ed83d2671a2c4d3fbbf9516","ssdeep":"1536:ATNKcFNKW7AFfEwwiAT5TUhpTTT5KTAdYqV:ATB/EF3wiAT5TCTTT5KTAZV","tlshash":"4504eab7de45a90c0e15450639b911c1b3b33b59da6740c6f3b4a6982be1cb8362e78f","first_seen":"2024-07-06T17:39:04Z","last_seen":"2024-08-19T17:49:29.714852Z","times_seen":2,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":2,"dns":1,"connect":8,"send":0,"wait":105,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/521667108:1720279573:zrUIiL7AFSlWfXy7khLRpWkcOb6gu2e0AHzS6r6YKWw/89f0aeb349fab511/20d7aab911f2c08","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.3.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:42.8439Z","timestamp":1720280322843,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/521667108:1720279573:zrUIiL7AFSlWfXy7khLRpWkcOb6gu2e0AHzS6r6YKWw/89f0aeb349fab511/20d7aab911f2c08 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/z22j6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 20d7aab911f2c08\r\nContent-Length: 27573\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 06 Jul 2024 15:38:37 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: HfOpiKschLQ8Mj0EMaPca0c2B8HMP8r0zOeHvLF3nxw+0G5tLB065UWOmJbMiDxF$GRFiu1JOwAcUOoooc4tKEg==\r\nserver: cloudflare\r\ncf-ray: 89f0aecd8dd8b511-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":18887,"size_decoded":23416,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (23416), with no line terminators","md5":"8f1f121c4d698c721924010fc3492672","sha1":"b813869b3df2da9c095d093b2cc59c1f3452bd28","sha256":"d8bf2e5910800e727679ce199512a368db39b72aed30fdb264e40d8643d60101","sha512":"23c7f93839b8624d8f3455795bdffc060d5bca1f1481afde470607ecebc5f01b0b7de49df23bfbfc2494e2886a7cda4e83f7f3d86f5b576f533fc36a9ebac0ce","ssdeep":"384:b+ufa/smA39lS5J47IJ/H/M9tO01VEwjt5Y8JFjw899sEkq4X7QZGfHjRQ1k8T:bh39lS5S7ifM9omZaUu89y9TcORKk8T","tlshash":"a3b2d1ecd99e088bd5321f4780956d1a187ac6d28462f0fd9ef03a9ba065c71d21bf73","first_seen":"2024-08-19T17:49:29.715629Z","last_seen":"2024-08-19T17:49:29.715629Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/socket.io/?EIO=3\u0026transport=websocket","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:42.935064337Z","timestamp":1720280322935,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: http://femxa73e.cc\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: rgsl2CWS6aWGwNqE5gE7dw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: BpxxJlSHhvewnOS2KeMdKyPZdhk=\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=uZ5CRj4M45guCl8cYexgrVfEA%2BM80doyOWBhrzmLnGerLeneKY3D%2BBg7T5OvkKwjYGPUouxVswqx5qx30FDyC6AdtaKj800zzo2j1BWw86VFRPAhJYFpVbViqwUgLg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 89f0aef13b10b523-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/img/icons/favicon.svg","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.975Z","timestamp":1720280322975,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/icons/favicon.svg HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 4515\r\nLast-Modified: Sat, 06 Jul 2024 14:23:27 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=8M46BYVfv3mQ8oCdDztGl3IeCL4KDq%2F16eHPkpEtDSxQreyr4gY9uWcy0CY70QTvSk3ZwU3efvnstLgKiJudNE7Y8Ayk%2BbvJMrxSVvEkw3RmlbaWWGtK549x1737oQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aef29ea256b9-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":993,"size_decoded":2706,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2706), with no line terminators","md5":"006fcff04c4deef4b6cb8ca7c83532ae","sha1":"51c9598590094feaa1e2dff124020bcde81f6bb4","sha256":"7075ddbe521056839c9b1b97e1573b5d0ba777ba28896932e48f7b834a410058","sha512":"e2371067860b9c984b89e059f95cf0f323f31b7c4a240a7ef643e2f6b7968ccf2abe39c175ee8ea3bbae5b6f022eeb90ebc544ed45f70908debaa47529f345af","ssdeep":"","tlshash":"2951fea38931a88e5320da7afd27f04dc852994ac958ec91b2cb61be18f0fd18573771","first_seen":"2024-07-06T17:39:05Z","last_seen":"2024-08-19T17:49:29.70587Z","times_seen":3,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/img/icons/apple-touch-icon-152x152.png","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.972Z","timestamp":1720280322972,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nContent-Type: image/png\r\nContent-Length: 4046\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Jul 2024 17:24:39 GMT\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 2123\r\nAccept-Ranges: bytes\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=AdZxYcEE3vNwv71lawhJmZGPNwAzwc1tp9y88tQt9U5l7Y%2BLXeExhxHplcxDl7d4lUwDzS29DyQtUpEXLFYULsQgeZXTzHi8XL1RtMlt%2F6GJfLMW8yEQKQMAJCt1qw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89f0aef29f35b527-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4046,"size_decoded":4046,"mime_type":"image/png","magic":"PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced","md5":"1a034e64d80905128113e5272a5ab95e","sha1":"92328e60f63d690f33cd4961b9934a539dc29b82","sha256":"4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135","sha512":"663dccaa2273e1b381f202d9a47c850565289c7e663c511c3936e5609de51fcb61e1d088660ea9befce2609dbcd3ad6f815d043a87631b31fc596d0b14dfce86","ssdeep":"","tlshash":"e1816eddfa9cc6df85131d9b016f6185f83da0565efc3d06a4bb8d0a6822a601b017d5","first_seen":"2023-04-13T00:26:43Z","last_seen":"2026-05-08T22:59:52.22212Z","times_seen":1586,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"matrix-client.matrix.org/_matrix/media/r0/download/matrix.org/mBHhdeOtUVbjgvXPpocoWcfW","fqdn":"matrix-client.matrix.org","domain":"matrix.org","tld":"org"},"ip":{"addr":"104.20.76.252","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:43.804979065Z","timestamp":1720280323804,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /_matrix/media/r0/download/matrix.org/mBHhdeOtUVbjgvXPpocoWcfW HTTP/1.1\r\nHost: matrix-client.matrix.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 06 Jul 2024 15:38:42 GMT\r\ncontent-type: application/json\r\nsynapse-trace-id: 3b66ad921b376e5e\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Authorization, Date\r\naccess-control-expose-headers: Synapse-Trace-Id, Server\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy: sandbox; default-src 'none'; script-src 'none'; plugin-types application/pdf; style-src 'unsafe-inline'; media-src 'self'; object-src 'self';\r\nx-content-security-policy: sandbox;\r\nreferrer-policy: no-referrer\r\ncache-control: no-cache, no-store, must-revalidate\r\npermissions-policy: interest-cohort=()\r\ncf-cache-status: BYPASS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 89f0aef14d945697-OSL\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":9010,"size_decoded":9010,"mime_type":"application/octet-stream","magic":"data","md5":"66e9761740c265cbc8798bbd0517edc5","sha1":"cff6205aba3eaa81623a9582738608c90c5f33cc","sha256":"30c32a80c38ae69fde4cb8b883d2a73c829f287c2946d689f7aa218284efb829","sha512":"e08711f30e54be3cd6444f26fab4ae7ddd0cc418a14bda6be0b321bdb93d770eb212e68c4e8fe27ac4b9fd01d9619f86d74c77a7045243359ef3bb7a4a79edd8","ssdeep":"192:4qEe5sbtDxcBzX3ZDrZz2ovHl/5VUxpS9:4qEgdZ56ovB5sg9","tlshash":"1e02bf5493d9b0aada0d937917eb6f725e9728090fc149c288c25ddf503f0e69bda3c2","first_seen":"2024-08-19T17:49:29.717595Z","last_seen":"2024-08-19T17:49:29.717595Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.sectigochina.com/","fqdn":"ocsp.sectigochina.com","domain":"sectigochina.com","tld":"com"},"ip":{"addr":"104.18.38.66","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-06T15:38:43.964463448Z","timestamp":1720280323964,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.sectigochina.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:43 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 472\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Jul 2024 12:42:45 GMT\r\nExpires: Wed, 10 Jul 2024 12:42:44 GMT\r\nEtag: \"ccbc7f946866076a08a823875bce0b4d23e89c29\"\r\nCache-Control: max-age=335291,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb4\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 89f0aef81e0756cc-OSL\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"6f68381e0af1a7a5ae0ee325b3807ec3","sha1":"ccbc7f946866076a08a823875bce0b4d23e89c29","sha256":"02276b0af05d45f07f65564c1573977e0e063dca1d9091cb187dfd75946bc00b","sha512":"06076e1313ef74612a82db6f32ba5f20476c2cbbb181f561128b462dcbea83f45999d28a626a79bc9c3744c125bdd4ae6e87f9ea9fa5a42a39b3fc52187b282c","ssdeep":"","tlshash":"9cf0d4944d7238941425591f3ec5cdad2b4581c548a2259b703441b58cd9fa6490bc81","first_seen":"2024-07-03T15:48:59Z","last_seen":"2024-08-19T18:13:55.482909Z","times_seen":17,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"b.yzcdn.cn/vant/icon-demo-1126.png","fqdn":"b.yzcdn.cn","domain":"yzcdn.cn","tld":"cn"},"ip":{"addr":"154.85.69.53","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.608Z","timestamp":1720280322608,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.yzcdn.cn","organization":""},"issuer":{"commonName":"sslTrus (RSA) DV CA","organization":"sslTrus"},"validity":{"start":"Thu, 09 Nov 2023 00:00:00 GMT","end":"Mon, 09 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B","sha256":"8F:82:6E:D5:B3:3D:E4:86:5D:DF:2C:53:25:66:11:24:E4:90:98:24:8E:7F:82:F6:93:07:A1:AD:ED:96:2D:C4"}}},"request":{"raw":"GET /vant/icon-demo-1126.png HTTP/1.1\r\nHost: b.yzcdn.cn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 06 Jul 2024 15:38:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 8886\r\nserver: openresty\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\ncache-control: public, max-age=2592000\r\ncontent-disposition: inline; filename=\"icon-demo-1126.png\"; filename*=utf-8''icon-demo-1126.png\r\ncontent-md5: +HxG80alVIIkzL4La9dd9Q==\r\ncontent-transfer-encoding: binary\r\netag: \"Fo6Li9S6PmtshVfZSnJgYf3WJJL9\"\r\nlast-modified: Mon, 26 Nov 2018 11:08:05 GMT\r\nx-reqid: YyIAAAASg9geDiAX\r\nx-svr: IO\r\nx-qiniu-zone: 0\r\nx-log: X-Log\r\nx-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC46_DE-Frankfurt-Frankfurt-11-cache-4\r\nx-cache: HIT from BC46_DE-Frankfurt-Frankfurt-11-cache-4(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8886,"size_decoded":8886,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f87c46f346a5548224ccbe0b6bd75df5","sha1":"8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd","sha256":"b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370","sha512":"4852e453726de2f2c4481aaa661df24d111ce49e8f57e1fd8d23bd7db93ff78561a31d894ff6148ddbdd7ef9d99dafe0d7371b567aa7112a770e18ed17ab41dc","ssdeep":"192:T1ejBaEeCInIUI6F3BGA7sHrx6c+IYJY3mgE039sK/oeNo/vc7ga/:T1eFF+I+3A0U7E+9sKpkvcd/","tlshash":"5402aec508505081342287a9d818707d2a9aa626da7e0787ea6c3650ceb09f6f85bff0","first_seen":"2023-04-30T23:44:28Z","last_seen":"2026-03-19T20:01:49.172817Z","times_seen":1192,"resource_available":false,"data":null}},"time_used":2742,"timings":{"blocked":1357,"dns":884,"connect":25,"send":0,"wait":26,"receive":1,"ssl":446},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"matrix-client.matrix.org/_matrix/media/r0/download/matrix.org/mBHhdeOtUVbjgvXPpocoWcfW","fqdn":"matrix-client.matrix.org","domain":"matrix.org","tld":"org"},"ip":{"addr":"104.20.76.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.705Z","timestamp":1720280322705,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"matrix.org","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 31 May 2024 05:08:05 GMT","end":"Thu, 29 Aug 2024 05:08:04 GMT"},"fingerprint":{"sha1":"95:53:E2:B9:11:52:CA:D3:E5:8C:B6:CC:4B:C2:49:BA:AA:23:50:96","sha256":"D6:90:3B:E3:CD:DE:E0:E8:DF:6D:6F:E0:A3:F2:6D:F4:7D:2D:B6:E9:0D:18:90:07:E7:D6:43:6C:4F:44:DD:5A"}}},"request":{"raw":"GET /_matrix/media/r0/download/matrix.org/mBHhdeOtUVbjgvXPpocoWcfW HTTP/1.1\r\nHost: matrix-client.matrix.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 06 Jul 2024 15:38:42 GMT\r\ncontent-type: application/json\r\nsynapse-trace-id: 3b66ad921b376e5e\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Authorization, Date\r\naccess-control-expose-headers: Synapse-Trace-Id, Server\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy: sandbox; default-src 'none'; script-src 'none'; plugin-types application/pdf; style-src 'unsafe-inline'; media-src 'self'; object-src 'self';\r\nx-content-security-policy: sandbox;\r\nreferrer-policy: no-referrer\r\ncache-control: no-cache, no-store, must-revalidate\r\npermissions-policy: interest-cohort=()\r\ncf-cache-status: BYPASS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 89f0aef14d945697-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":64,"dns":27,"connect":8,"send":0,"wait":58,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"femxa73e.cc/getlog","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.671Z","timestamp":1720280322671,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /getlog HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://femxa73e.cc/enter/register\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=h078G9JeqQgEJQFFgvyuHkg7%2FyPlrDhXIwEEXF%2F4Sow%2BjyDhYb5O8Xh81%2FvkYLGzb4%2FIjTj0pfpsYZXEACn27WDyJ9jQ1aQUwDq%2FInCPuS1OM%2FRPXeDq9qYNJ7RgiA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 89f0aef0aafdb527-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11961,"size_decoded":11961,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"aa4095db15963cf30837def560e6cca3","sha1":"7bcf9bb6b5b92db8365d8ee806ed22bb32671ea3","sha256":"1af1bfdf18fda8c92e29414ac70e49cd82a3e7da42cf12e9659ff97053a02347","sha512":"04e1e8782a61598964f5fa8287a4f4ef65452178ec79435a229417ee0d7f7896763b3486497c3d190aa9333a59fba483d607d29a5453ba82a330db65b3f09df4","ssdeep":"96:v20RVHPUuA26i55zZBODr6G/5C5TeCwT63ZTBhaJm2Wg3M:v2AUu4INZy6Gx87Hjg3M","tlshash":"2632f4b81be8746c31316895adf43c4390ce6275c9c14ae1efcb4f8e71658e75a0b7a2","first_seen":"2024-08-19T17:49:29.719599Z","last_seen":"2024-08-19T17:49:29.719599Z","times_seen":1,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":146,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"femxa73e.cc/socket.io/?EIO=3\u0026transport=websocket","fqdn":"femxa73e.cc","domain":"femxa73e.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"http://femxa73e.cc/","date":"2024-07-06T15:38:42.666Z","timestamp":1720280322666,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"femxa73e.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Jul 2024 11:39:36 GMT","end":"Mon, 30 Sep 2024 11:39:35 GMT"},"fingerprint":{"sha1":"61:DF:03:9D:4A:66:60:22:CA:4F:28:2E:E5:02:5B:BE:45:CB:FA:3B","sha256":"77:D1:94:77:5D:66:0A:CF:BD:58:4A:02:4F:E1:58:15:F5:BE:06:8D:80:AE:88:A5:81:D2:84:8E:92:74:76:6E"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: femxa73e.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: http://femxa73e.cc\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: rgsl2CWS6aWGwNqE5gE7dw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: cf_clearance=yuWo_vxozu4V7CpeDiTtxtdwV3AVQ7R0TvfNbuIzho0-1720280312-1.0.1.1-BbCPNmxiwPnAwTGFTDCETUANrq4pqQBHFF0gl4SaPQaSVRHfLko5qWTfiIAmDYFyVS0ighNp.ngFpVlgFTWbzA; inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Sat, 06 Jul 2024 15:38:42 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: BpxxJlSHhvewnOS2KeMdKyPZdhk=\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=uZ5CRj4M45guCl8cYexgrVfEA%2BM80doyOWBhrzmLnGerLeneKY3D%2BBg7T5OvkKwjYGPUouxVswqx5qx30FDyC6AdtaKj800zzo2j1BWw86VFRPAhJYFpVbViqwUgLg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 89f0aef13b10b523-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":0,"dns":48,"connect":56,"send":0,"wait":176,"receive":0,"ssl":84},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-06","alert":"Sinkholed","trigger":"femxa73e.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}