{"report_id":"9d5e8a70-4ebf-4e50-9341-0abc634bdc53","version":6,"status":"done","tags":[],"date":"2024-07-03T23:39:30Z","url":{"schema":"http","addr":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","fqdn":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","domain":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","fqdn":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","domain":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","tld":"r2.dev"},"title":"Sign in to your account"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T11:22:48Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"hmm7.sa.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-07-26","domain_rank":0,"first_seen":"2023-08-08 22:52:47","last_seen":"2024-03-13 16:58:25","alert_count":1,"request_count":1,"received_data":0,"sent_data":491,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"2.23.172.203","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-02 18:12:35","alert_count":0,"request_count":8,"received_data":7103,"sent_data":2616,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-23","domain_rank":0,"first_seen":"2024-01-17 06:45:49","last_seen":"2024-03-19 18:16:10","alert_count":2,"request_count":2,"received_data":141918,"sent_data":997,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2024-07-03 09:45:46","alert_count":0,"request_count":1,"received_data":30660,"sent_data":437,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msftauth.net","ip":{"addr":"152.199.21.175","port":443,"asn":15133,"as":"EDGECAST","country":"Germany","country_code":"DE"},"domain_registered":"2018-10-25","domain_rank":1455,"first_seen":"2018-11-19 11:50:32","last_seen":"2024-07-03 18:12:08","alert_count":0,"request_count":2,"received_data":3667,"sent_data":1067,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.246.44","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1421,"first_seen":"2018-11-19 11:50:03","last_seen":"2024-07-03 18:12:08","alert_count":0,"request_count":2,"received_data":2459,"sent_data":1032,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-07-02","alert":"Office365","trigger":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-01-24","alert":"Microsoft","trigger":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","verdict":"phishing","severity":"medium","comment":"Microsoft","link":"http://phishtank.com","meta":null}]},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-03","alert":"Sinkholed","trigger":"hmm7.sa.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86709,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-04T02:46:27.873201Z","times_seen":138358,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","fqdn":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","domain":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b4d41568a3a8fbfc556bf436bee4995a","sha1":"8bb08698ef5bef068979298f4c06ea41a813558d","sha256":"d096c035699d16c11a8fa5b37e06ecf0cc1e5a62e874a3fb255dcc2ff7a60bb2","sha512":"8615322663eddcfc62154a4a923faca1fa62cc0969effd7175022973f4c6e4c662ba26cb3be8be9e86180e28477fe21b32840a9d001503e4ce3d8eb66c6ea471","ssdeep":"","tlshash":"da512f86f36c765730761038982f25c82b2e69f379048f73fc7456a45aa0e1bb83ad24","size":2890,"data":"","first_seen":"2024-01-17T15:26:20Z","last_seen":"2024-09-20T20:03:35.834738Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","fqdn":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","domain":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"398d45527ac0f5c79f262839f98ec3f1","sha1":"960b8b802581eead9fa02ff4483a85d2b7cf939a","sha256":"76da592798ee5b41a444eebf66d08d461bc826db30df367fd21c85862ca82db0","sha512":"4f0673fd82e75fde270a4f037f33e1a1ff5b8f10ff0aeef6ac273f88d134fd2f8c3faa353dcc2701fc7c9a748828ca45ab792e5f883a8601dc63ef5f7c1f70b0","ssdeep":"","tlshash":"42d0235775d1597445ff773e2347c2443d7140b174183e5124484e314c30d545766a41","size":217,"data":"","first_seen":"2023-03-07T01:18:27Z","last_seen":"2026-03-23T09:16:11.72635Z","times_seen":2676,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"2.23.172.203","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-03T23:39:04.268307461Z","timestamp":1720049944268,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E4778C960B009C229DBB555FF7679B6D245D6F7111FD66FD5C514847B06ACDBB\"\r\nLast-Modified: Wed, 03 Jul 2024 01:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6684\r\nExpires: Thu, 04 Jul 2024 01:30:28 GMT\r\nDate: Wed, 03 Jul 2024 23:39:04 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"957cd8e6bd774045d4cab550ce76f80a","sha1":"d06d4246273e9ba4fba69494038c77f5c53aadb6","sha256":"e4778c960b009c229dbb555ff7679b6d245d6f7111fd66fd5c514847b06acdbb","sha512":"622e80a3c0127ea2ba7645aa24082f8e9ae5f7df651dcc4beb756a9afae0d5402dbf265b8ca710cfffe466df25151989555956e2f08984e8e09327a6b086dfb5","ssdeep":"","tlshash":"4ef00e9213e77a80aaa009236eece53d1d3c6a6c261502f017e041fb9869bb64184888","first_seen":"2024-07-03T08:47:34Z","last_seen":"2024-08-19T18:16:08.498809Z","times_seen":45866,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"2.23.172.203","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-03T23:39:04.604038574Z","timestamp":1720049944604,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BDCA7CE7BB6FEBD6A6AFB56A828CF4422C1A8971524484E8128CAFAD8E6B3367\"\r\nLast-Modified: Tue, 02 Jul 2024 11:47:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13102\r\nExpires: Thu, 04 Jul 2024 03:17:26 GMT\r\nDate: Wed, 03 Jul 2024 23:39:04 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"b8ee6ca153df6819132dd5d8a6ba5c76","sha1":"0ed0f0f631777272bd71ba23719e71695c9d95e1","sha256":"bdca7ce7bb6febd6a6afb56a828cf4422c1a8971524484e8128cafad8e6b3367","sha512":"bfa4d85450474abedf68b006d8f30686ac28d6691b099c832135f7f396dc714182b2a3b00a02a1e4d84801d5b94e405e6aaf5d07b1a71b8a9dd156879e3ce268","ssdeep":"","tlshash":"f3f005963377bf6057b01b20689ce77f0e56ad6e644479b8289053927c00bf1454486c","first_seen":"2024-07-02T15:39:03Z","last_seen":"2024-08-19T18:21:34.826446Z","times_seen":54016,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"2.23.172.203","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-03T23:39:04.845144225Z","timestamp":1720049944845,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"C6035FCD2C47B60FECBB2F86F67249E4FE21736A75C6CF000F5E9212F88C154D\"\r\nLast-Modified: Tue, 02 Jul 2024 04:18:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16072\r\nExpires: Thu, 04 Jul 2024 04:06:56 GMT\r\nDate: Wed, 03 Jul 2024 23:39:04 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"6809014b6f52128eea64522a888ef559","sha1":"c5403c0900fff6604a4f58e3cd83a67d587c7ac2","sha256":"c6035fcd2c47b60fecbb2f86f67249e4fe21736a75c6cf000f5e9212f88c154d","sha512":"801af9f68b5529510a4dba30d678b1935c39b4d1cf8e354299e201ad3d869abae00b8a7b7d87b502b73f5a07afdfc5389b499209f3165ff17c9971c66889326c","ssdeep":"","tlshash":"bbf005b61bd42e51117558123994d12d6e307b6d34c07df670f001956115f6609fc8c8","first_seen":"2024-07-02T10:19:33Z","last_seen":"2024-08-19T18:23:46.486446Z","times_seen":21711,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","fqdn":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","domain":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-03T23:39:04.760Z","timestamp":1720049944760,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 03 Jun 2024 14:44:39 GMT","end":"Sun, 01 Sep 2024 14:44:38 GMT"},"fingerprint":{"sha1":"00:AA:40:3F:3E:AE:B0:85:C2:A1:9B:9E:8B:A4:F4:21:D4:DE:DD:AC","sha256":"13:ED:54:7B:A6:19:38:44:7C:FC:30:0F:AA:EE:02:A6:C2:BF:14:FD:56:BB:32:AC:DF:B0:CB:59:D8:62:77:99"}}},"request":{"raw":"GET /oduma.html HTTP/1.1\r\nHost: pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 03 Jul 2024 23:39:04 GMT\r\nContent-Type: text/html\r\nContent-Length: 114252\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"29799f15df2c568a1f0b4d1355ee8bc8\"\r\nLast-Modified: Wed, 17 Jan 2024 01:54:40 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89dab67b599d8f59-CPH\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114252,"size_decoded":114252,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (65131), with CRLF line terminators","md5":"29799f15df2c568a1f0b4d1355ee8bc8","sha1":"2dd91a12ac4ab241bcc68e0926e8e842ee5b2a9e","sha256":"7e56838006eb036e778b3abeec5c47a8c291991c177c6013948b33bb67bc800a","sha512":"456c2bcc09c7422790e5968d0ac5b6a82eabe0d16f43d37a2f75e9d9227e74728b529e2f8e123d77b38c7627080aa6baf7019e30b66e80f840d818c756a4ee28","ssdeep":"1536:DxoBMCgKy+U5KazA/PWrF7qvEAFiQcpm2CkMgpC490aS67VxUkbjqM:loBgp4490v6","tlshash":"d3b3d8906914392a9037c73671d1bd8b62251433e737aeb7f6752cb8cf896870f32a49","first_seen":"2024-01-17T15:26:20Z","last_seen":"2024-09-20T20:03:35.825146Z","times_seen":13,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":87,"dns":1,"connect":26,"send":0,"wait":131,"receive":56,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-07-02","alert":"Office365","trigger":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-01-24","alert":"Microsoft","trigger":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","verdict":"phishing","severity":"medium","comment":"Microsoft","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","date":"2024-07-03T23:39:05.231Z","timestamp":1720049945231,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Jun 2024 00:00:00 GMT","end":"Wed, 25 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5","sha256":"AB:77:AE:8B:01:C3:97:E7:80:17:A2:C0:A0:8D:8A:BE:C9:8A:77:1C:06:8C:B9:64:E1:7B:E5:9F:3B:E7:EC:FA"}}},"request":{"raw":"GET /jquery-3.1.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-152b5\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 03 Jul 2024 23:39:05 GMT\r\nage: 3779588\r\nx-served-by: cache-lga21947-LGA, cache-hel1410025-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 118, 10441\r\nx-timer: S1720049945.302204,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30070\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30070,"size_decoded":86709,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-04T02:46:27.873201Z","times_seen":138358,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":67,"dns":28,"connect":13,"send":0,"wait":13,"receive":5,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.21.175","port":443,"asn":15133,"as":"EDGECAST","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","date":"2024-07-03T23:39:05.234Z","timestamp":1720049945234,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 25 May 2024 00:00:00 GMT","end":"Sun, 25 May 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B1:17:F7:9C:C3:3B:5F:54:73:D7:58:28:5F:C7:CE:E9:AC:39:CD:8F","sha256":"2C:99:6E:B7:25:3D:6C:83:43:C5:09:43:2A:9D:9B:4A:F9:30:50:CC:3A:1E:7A:31:29:CE:50:E4:8A:F1:D9:03"}}},"request":{"raw":"GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\nage: 8530318\r\ncache-control: public, max-age=31536000\r\ncontent-md5: nzaLxFgP7ZB3dfMcaybWzw==\r\ncontent-type: image/svg+xml\r\ndate: Wed, 03 Jul 2024 23:39:05 GMT\r\netag: 0x8D79A1B9F5E121A\r\nlast-modified: Thu, 16 Jan 2020 00:32:52 GMT\r\nserver: ECAcc (ska/F76D)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: a1e45449-701e-0068-210c-804015000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 1435\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1435,"size_decoded":3651,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee5c8d9fb6248c938fd0dc19370e90bd","sha1":"d01a22720918b781338b5bbf9202b241a5f99ee4","sha256":"04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a","sha512":"c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58","ssdeep":"","tlshash":"6371117b132887dae9d4a78c2e997b8d377095c4b1b24290874328a5bc086f7f038d60","first_seen":"2023-04-06T08:44:24Z","last_seen":"2026-04-04T01:17:13.960275Z","times_seen":122134,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":74,"dns":55,"connect":7,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg","fqdn":"aadcdn.msftauth.net","domain":"msftauth.net","tld":"net"},"ip":{"addr":"152.199.21.175","port":443,"asn":15133,"as":"EDGECAST","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","date":"2024-07-03T23:39:05.401Z","timestamp":1720049945401,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msftauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 25 May 2024 00:00:00 GMT","end":"Sun, 25 May 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B1:17:F7:9C:C3:3B:5F:54:73:D7:58:28:5F:C7:CE:E9:AC:39:CD:8F","sha256":"2C:99:6E:B7:25:3D:6C:83:43:C5:09:43:2A:9D:9B:4A:F9:30:50:CC:3A:1E:7A:31:29:CE:50:E4:8A:F1:D9:03"}}},"request":{"raw":"GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1\r\nHost: aadcdn.msftauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\nage: 8715954\r\ncache-control: public, max-age=31536000\r\ncontent-md5: DhdidjYrlCeaRJJRG/y9mA==\r\ncontent-type: image/svg+xml\r\ndate: Wed, 03 Jul 2024 23:39:05 GMT\r\netag: 0x8D7B007297AE131\r\nlast-modified: Wed, 12 Feb 2020 22:01:50 GMT\r\nserver: ECAcc (ska/F732)\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 52d23733-f01e-004c-3a5c-7e7d2e000000\r\nx-ms-version: 2009-09-19\r\ncontent-length: 673\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":673,"size_decoded":1864,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc3d32a696895f78c19df6c717586a5d","sha1":"9191cb156a30a3ed79c44c0a16c95159e8ff689d","sha256":"0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68","sha512":"8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64","ssdeep":"","tlshash":"4e310059c51d3566ec04c3aceae1d468315e71efa8a581c961849b3f95b0dce0eccb70","first_seen":"2023-04-12T23:20:27Z","last_seen":"2026-04-03T21:19:12.211025Z","times_seen":102165,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.44","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","date":"2024-07-03T23:39:05.235Z","timestamp":1720049945235,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Apr 2024 00:00:00 GMT","end":"Wed, 30 Apr 2025 23:59:59 GMT"},"fingerprint":{"sha1":"6A:6B:06:6C:38:1D:81:38:3D:3B:76:61:6D:C7:02:CD:B4:A1:F5:AD","sha256":"D1:97:1B:C2:0B:1F:EB:FD:E2:87:C1:FF:57:86:B6:39:C8:7F:8C:08:C2:B5:09:8B:A1:BE:2F:B1:05:3B:5C:53"}}},"request":{"raw":"GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 03 Jul 2024 23:39:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 276\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 17 Jan 2020 19:28:34 GMT\r\netag: 0x8D79B8371B97A82\r\nx-ms-request-id: 799a1983-201e-0030-154d-c6c48f000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240703T233905Z-17d85d5877ctmjvkbpkmcchggn0000000deg0000000074x9\r\nx-fd-int-roxy-purgeid: 4554691\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":276,"size_decoded":513,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a9cc2824ef3517b6c4160dcf8ff7d410","sha1":"8db9aebad84ca6e4225bfdd2458ff3821cc4f064","sha256":"34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58","sha512":"aa3ddab0a1cff9533f9a668aba4fb5e3d75ed9f8aff8a1caa4c29f9126d85ff4529e82712c0119d2e81035d1ce1cc491ff9473384d211317d4d00e0e234ad97f","ssdeep":"","tlshash":"29f0598a41c8fb142ce08050dff8ea28540270c3fb4e5008b1922b18e2ef383f6406f5","first_seen":"2023-04-19T20:10:52Z","last_seen":"2026-04-03T21:19:12.209768Z","times_seen":29641,"resource_available":false,"data":null}},"time_used":500,"timings":{"blocked":236,"dns":190,"connect":21,"send":0,"wait":21,"receive":1,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.44","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","date":"2024-07-03T23:39:05.237Z","timestamp":1720049945237,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Apr 2024 00:00:00 GMT","end":"Wed, 30 Apr 2025 23:59:59 GMT"},"fingerprint":{"sha1":"6A:6B:06:6C:38:1D:81:38:3D:3B:76:61:6D:C7:02:CD:B4:A1:F5:AD","sha256":"D1:97:1B:C2:0B:1F:EB:FD:E2:87:C1:FF:57:86:B6:39:C8:7F:8C:08:C2:B5:09:8B:A1:BE:2F:B1:05:3B:5C:53"}}},"request":{"raw":"GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 03 Jul 2024 23:39:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 621\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Tue, 10 Nov 2020 03:41:24 GMT\r\netag: 0x8D8852A7FA6B761\r\nx-ms-request-id: 1949cd12-901e-0077-17b0-cac690000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240703T233905Z-17d85d5877ctmjvkbpkmcchggn0000000deg0000000074x8\r\nx-fd-int-roxy-purgeid: 4554691\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":621,"size_decoded":1592,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4e48046ce74f4b89d45037c90576bfac","sha1":"4a41b3b51ed787f7b33294202da72220c7cd2c32","sha256":"8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93","sha512":"b2bba2a68edaa1a08cfa31ed058afb5e6a3150aabb9a78db9f5ccc2364186d44a015986a57707b57e2cc855fa7da57861ad19fc4e7006c2c239c98063fe903cf","ssdeep":"","tlshash":"b931787f43b45ae7239017741760626c13f4ee917169d0b4dba30c9a8d4bd33327843a","first_seen":"2023-04-14T20:16:11Z","last_seen":"2026-04-04T03:10:18.95557Z","times_seen":71691,"resource_available":false,"data":null}},"time_used":497,"timings":{"blocked":234,"dns":190,"connect":21,"send":0,"wait":22,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/favicon.ico","fqdn":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","domain":"pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","date":"2024-07-03T23:39:05.670Z","timestamp":1720049945670,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 03 Jun 2024 14:44:39 GMT","end":"Sun, 01 Sep 2024 14:44:38 GMT"},"fingerprint":{"sha1":"00:AA:40:3F:3E:AE:B0:85:C2:A1:9B:9E:8B:A4:F4:21:D4:DE:DD:AC","sha256":"13:ED:54:7B:A6:19:38:44:7C:FC:30:0F:AA:EE:02:A6:C2:BF:14:FD:56:BB:32:AC:DF:B0:CB:59:D8:62:77:99"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 03 Jul 2024 23:39:05 GMT\r\nContent-Type: text/html\r\nContent-Length: 27150\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 89dab6808c948f59-CPH\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":27150,"size_decoded":27150,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (611)","md5":"46dd133ee00dc1bae5e4eeba7b88432f","sha1":"8af86a4ac91ce48c062216fb94a6e1d57618a19b","sha256":"9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66","sha512":"cb49f9e3812e2c262af374e79bd8905cb508a45bf2c2d6af62eed85af43770872486a55e9425882feda9fb3a57a317a3c18be1e286adaf0c76be7f1b0dfa8474","ssdeep":"384:6bamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:603Mp5If8WOmgW3","tlshash":"e3c291dc7be968e4e5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2024-07-03T19:18:11Z","last_seen":"2026-04-03T22:44:42.264604Z","times_seen":30074,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":91,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"2.23.172.201","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-03T23:39:06.604695072Z","timestamp":1720049946604,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A6AD831046E57007E12F62B75B6FC71963F13823E799A3E25E618EE09A3C9D27\"\r\nLast-Modified: Wed, 03 Jul 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19393\r\nExpires: Thu, 04 Jul 2024 05:02:19 GMT\r\nDate: Wed, 03 Jul 2024 23:39:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"20f6da3946882ea83e1d78dfaedbf953","sha1":"1a8f214ff6a98dae0e57244bac88b6721452a40c","sha256":"a6ad831046e57007e12f62b75b6fc71963f13823e799a3e25e618ee09a3c9d27","sha512":"e72f13f6ada836c1dd103fc9cc2fc7c45d3e4f42309dea8e5decfd15ba8f674666d9402d33639001e5fcdb690035335003943523a7ddd65fbb6c047b28b4c753","ssdeep":"","tlshash":"3ff00e1936debc835ae1096a2cf9f52e24282e9b354408a8399022b26c107aa45d948e","first_seen":"2024-07-03T10:33:03Z","last_seen":"2024-08-19T18:15:37.977555Z","times_seen":49369,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"2.23.172.201","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-03T23:39:06.605702512Z","timestamp":1720049946605,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A6AD831046E57007E12F62B75B6FC71963F13823E799A3E25E618EE09A3C9D27\"\r\nLast-Modified: Wed, 03 Jul 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19393\r\nExpires: Thu, 04 Jul 2024 05:02:19 GMT\r\nDate: Wed, 03 Jul 2024 23:39:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"20f6da3946882ea83e1d78dfaedbf953","sha1":"1a8f214ff6a98dae0e57244bac88b6721452a40c","sha256":"a6ad831046e57007e12f62b75b6fc71963f13823e799a3e25e618ee09a3c9d27","sha512":"e72f13f6ada836c1dd103fc9cc2fc7c45d3e4f42309dea8e5decfd15ba8f674666d9402d33639001e5fcdb690035335003943523a7ddd65fbb6c047b28b4c753","ssdeep":"","tlshash":"3ff00e1936debc835ae1096a2cf9f52e24282e9b354408a8399022b26c107aa45d948e","first_seen":"2024-07-03T10:33:03Z","last_seen":"2024-08-19T18:15:37.977555Z","times_seen":49369,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"2.23.172.201","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-03T23:39:06.623201105Z","timestamp":1720049946623,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A6AD831046E57007E12F62B75B6FC71963F13823E799A3E25E618EE09A3C9D27\"\r\nLast-Modified: Wed, 03 Jul 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19393\r\nExpires: Thu, 04 Jul 2024 05:02:19 GMT\r\nDate: Wed, 03 Jul 2024 23:39:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"20f6da3946882ea83e1d78dfaedbf953","sha1":"1a8f214ff6a98dae0e57244bac88b6721452a40c","sha256":"a6ad831046e57007e12f62b75b6fc71963f13823e799a3e25e618ee09a3c9d27","sha512":"e72f13f6ada836c1dd103fc9cc2fc7c45d3e4f42309dea8e5decfd15ba8f674666d9402d33639001e5fcdb690035335003943523a7ddd65fbb6c047b28b4c753","ssdeep":"","tlshash":"3ff00e1936debc835ae1096a2cf9f52e24282e9b354408a8399022b26c107aa45d948e","first_seen":"2024-07-03T10:33:03Z","last_seen":"2024-08-19T18:15:37.977555Z","times_seen":49369,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"2.23.172.201","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-03T23:39:06.624403224Z","timestamp":1720049946624,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A6AD831046E57007E12F62B75B6FC71963F13823E799A3E25E618EE09A3C9D27\"\r\nLast-Modified: Wed, 03 Jul 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19393\r\nExpires: Thu, 04 Jul 2024 05:02:19 GMT\r\nDate: Wed, 03 Jul 2024 23:39:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"20f6da3946882ea83e1d78dfaedbf953","sha1":"1a8f214ff6a98dae0e57244bac88b6721452a40c","sha256":"a6ad831046e57007e12f62b75b6fc71963f13823e799a3e25e618ee09a3c9d27","sha512":"e72f13f6ada836c1dd103fc9cc2fc7c45d3e4f42309dea8e5decfd15ba8f674666d9402d33639001e5fcdb690035335003943523a7ddd65fbb6c047b28b4c753","ssdeep":"","tlshash":"3ff00e1936debc835ae1096a2cf9f52e24282e9b354408a8399022b26c107aa45d948e","first_seen":"2024-07-03T10:33:03Z","last_seen":"2024-08-19T18:15:37.977555Z","times_seen":49369,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"2.23.172.201","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-03T23:39:06.633306892Z","timestamp":1720049946633,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A6AD831046E57007E12F62B75B6FC71963F13823E799A3E25E618EE09A3C9D27\"\r\nLast-Modified: Wed, 03 Jul 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19393\r\nExpires: Thu, 04 Jul 2024 05:02:19 GMT\r\nDate: Wed, 03 Jul 2024 23:39:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"20f6da3946882ea83e1d78dfaedbf953","sha1":"1a8f214ff6a98dae0e57244bac88b6721452a40c","sha256":"a6ad831046e57007e12f62b75b6fc71963f13823e799a3e25e618ee09a3c9d27","sha512":"e72f13f6ada836c1dd103fc9cc2fc7c45d3e4f42309dea8e5decfd15ba8f674666d9402d33639001e5fcdb690035335003943523a7ddd65fbb6c047b28b4c753","ssdeep":"","tlshash":"3ff00e1936debc835ae1096a2cf9f52e24282e9b354408a8399022b26c107aa45d948e","first_seen":"2024-07-03T10:33:03Z","last_seen":"2024-08-19T18:15:37.977555Z","times_seen":49369,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hmm7.sa.com/4setup/prv.php?id=","fqdn":"hmm7.sa.com","domain":"hmm7.sa.com","tld":"sa.com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/oduma.html","date":"2024-07-03T23:39:05.571Z","timestamp":1720049945571,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /4setup/prv.php?id= HTTP/1.1\r\nHost: hmm7.sa.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-a50ba8a31eda4fd5acfa55b5fd1d4ca2.r2.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:31:09.46171Z","times_seen":13315120,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":271,"dns":0,"connect":89,"send":0,"wait":0,"receive":0,"ssl":97},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-03","alert":"Sinkholed","trigger":"hmm7.sa.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}