{"report_id":"9d6e410c-312d-4046-81f2-eb051ea7671c","version":6,"status":"done","tags":[],"date":"2023-11-16T03:16:28Z","url":{"schema":"http","addr":"www.eroticlinks.net/cgi-bin/atx/out.cgi?id=739\u0026tag=top\u0026trade=Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040","fqdn":"www.eroticlinks.net","domain":"eroticlinks.net","tld":"net"},"ip":{"addr":"204.155.154.55","port":0,"asn":40824,"as":"WZCOM","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"www.eroticlinks.net/cgi-bin/atx/Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040","fqdn":"www.eroticlinks.net","domain":"eroticlinks.net","tld":"net"},"title":"404 Not Found"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T13:28:21Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"zerossl.ocsp.sectigo.com","ip":{"addr":"104.18.38.233","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-08-16","domain_rank":4049,"first_seen":"2020-05-09 21:05:29","last_seen":"2023-11-15 18:56:30","alert_count":0,"request_count":1,"received_data":1219,"sent_data":338,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.eroticlinks.net","ip":{"addr":"204.155.154.55","port":443,"asn":40824,"as":"WZCOM","country":"United States","country_code":"US"},"domain_registered":"2003-01-03","domain_rank":0,"first_seen":"2013-04-25 04:14:12","last_seen":"2023-08-30 12:03:24","alert_count":0,"request_count":4,"received_data":1581,"sent_data":2146,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-11-16T03:16:11Z","timestamp":1700104571,"ip_dst":{"addr":"Client IP","port":42518,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"204.155.154.55","port":443,"asn":40824,"as":"WZCOM","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2023-11-16T03:16:11.509622+0000\",\"flow_id\":2174522773704636,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"204.155.154.55\",\"src_port\":443,\"dest_ip\":\"10.70.215.35\",\"dest_port\":42518,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_11_23\"]}},\"tls\":{\"subject\":\"CN=eroticlinks.net\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"7F:E2:30:47:38:DC:D2:84:CB:D0:6E:89:AF:07:B1:C8\",\"fingerprint\":\"c7:b2:6b:99:0d:2e:0b:b1:40:87:88:96:a9:4f:3e:c0:c5:0d:d7:37\",\"sni\":\"www.eroticlinks.net\",\"version\":\"TLS 1.2\",\"notbefore\":\"2023-10-09T00:00:00\",\"notafter\":\"2024-01-07T23:59:59\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"263c859c5391203d774bc0599793d915\",\"string\":\"771,49200,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1278,\"bytes_toclient\":5808,\"start\":\"2023-11-16T03:16:11.102332+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"zerossl.ocsp.sectigo.com/","fqdn":"zerossl.ocsp.sectigo.com","domain":"sectigo.com","tld":"com"},"ip":{"addr":"104.18.38.233","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-16T03:16:11.598258415Z","timestamp":1700104571598,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: zerossl.ocsp.sectigo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 Nov 2023 03:16:11 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 727\r\nConnection: keep-alive\r\nLast-Modified: Wed, 15 Nov 2023 21:25:56 GMT\r\nExpires: Wed, 22 Nov 2023 21:25:55 GMT\r\nEtag: \"b209e1e92fcd248c536c00470c3354b7b5eaf59f\"\r\nCache-Control: max-age=583183,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb3\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 826c92e05b98b4fa-OSL\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":727,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"120327e30a8370c350af2d7a71c9e8bf","sha1":"b209e1e92fcd248c536c00470c3354b7b5eaf59f","sha256":"cf7af5ca921eedfb30d910b36cad8f6c55b0b77aaecf7fd3c5de926157092c68","sha512":"df9c26024568fd8ec1580596a3a2d4523497113f1faef89eade9c4cab246f2319259ceca984a7d9f13ea5922492d389f2f5b514f0ec873063480007c92ea6422","ssdeep":"","tlshash":"8e0115314d72b35c4e626fb025d4baf9744185f03c57c47236bc88c3289ddea857a559","first_seen":"2023-11-16T04:16:28Z","last_seen":"2023-11-16T04:16:28Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.eroticlinks.net/cgi-bin/atx/out.cgi?id=739\u0026tag=top\u0026trade=Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040","fqdn":"www.eroticlinks.net","domain":"eroticlinks.net","tld":"net"},"ip":{"addr":"204.155.154.55","port":443,"asn":40824,"as":"WZCOM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-16T03:16:11.106Z","timestamp":1700104571106,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"eroticlinks.net","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 09 Oct 2023 00:00:00 GMT","end":"Sun, 07 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"C7:B2:6B:99:0D:2E:0B:B1:40:87:88:96:A9:4F:3E:C0:C5:0D:D7:37","sha256":"DA:42:EC:40:92:23:B5:FA:F6:8A:C9:2B:B9:C5:E5:A3:D6:81:47:B2:D4:92:62:E2:0E:29:7F:E8:6F:9F:43:5A"}}},"request":{"raw":"GET /cgi-bin/atx/out.cgi?id=739\u0026tag=top\u0026trade=Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040 HTTP/1.1\r\nHost: www.eroticlinks.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 16 Nov 2023 03:16:11 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 257\r\nConnection: keep-alive\r\nSet-Cookie: atexc=0,1,2,3,4,5,6,7,739,$$; path=/;\r\nLocation: Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":257,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"0f64ec1c29a6c1ac7708f13d3349a076","sha1":"0c3efe33caae9d2aa02b3041348c3c25b866dfde","sha256":"2cbf677988f8a5dba845fd37e5d052556689450f85adebef4256626b2ba71d7c","sha512":"1a6d303d1d077bdeebc8d2a89779d803d30ecc77df00cadc97530a0ac0f863dc8430852cf4e3b99a23f91c23b6f7a9718a3c5997bfd181114b99e15446634fb2","ssdeep":"","tlshash":"e6d097fe50633ac5c0333a0178c222c0082911b3b994aaec79c3e58a849863984cf2ab","first_seen":"2023-11-16T04:16:28Z","last_seen":"2023-11-16T04:16:28Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1126,"timings":{"blocked":492,"dns":1,"connect":130,"send":0,"wait":137,"receive":0,"ssl":364},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.eroticlinks.net/cgi-bin/atx/Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040","fqdn":"www.eroticlinks.net","domain":"eroticlinks.net","tld":"net"},"ip":{"addr":"204.155.154.55","port":80,"asn":40824,"as":"WZCOM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-16T03:16:12.950Z","timestamp":1700104572950,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cgi-bin/atx/Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040 HTTP/1.1\r\nHost: www.eroticlinks.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: atexc=0,1,2,3,4,5,6,7,739,$$\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Thu, 16 Nov 2023 03:16:12 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":178,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-04-06T08:15:43.597489Z","times_seen":90269,"resource_available":true,"data":null}},"time_used":910,"timings":{"blocked":120,"dns":1,"connect":130,"send":0,"wait":659,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.eroticlinks.net/cgi-bin/atx/Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040","fqdn":"www.eroticlinks.net","domain":"eroticlinks.net","tld":"net"},"ip":{"addr":"204.155.154.55","port":80,"asn":40824,"as":"WZCOM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-16T03:16:12.950Z","timestamp":1700104572950,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cgi-bin/atx/Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040 HTTP/1.1\r\nHost: www.eroticlinks.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: atexc=0,1,2,3,4,5,6,7,739,$$\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Thu, 16 Nov 2023 03:16:13 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":178,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-04-06T08:15:43.597489Z","times_seen":90269,"resource_available":true,"data":null}},"time_used":910,"timings":{"blocked":120,"dns":1,"connect":130,"send":0,"wait":659,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.eroticlinks.net/favicon.ico","fqdn":"www.eroticlinks.net","domain":"eroticlinks.net","tld":"net"},"ip":{"addr":"204.155.154.55","port":80,"asn":40824,"as":"WZCOM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.eroticlinks.net/cgi-bin/atx/Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040","date":"2023-11-16T03:16:13.904Z","timestamp":1700104573904,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.eroticlinks.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.eroticlinks.net/cgi-bin/atx/Classifieds.lt/index.php?page=user\u0026action=pub_profile\u0026id=13587040\r\nCookie: atexc=0,1,2,3,4,5,6,7,739,$$\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Thu, 16 Nov 2023 03:16:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":107,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-06T08:11:59.913554Z","times_seen":480380,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}