{"report_id":"a3250e0c-8b9e-44de-82c9-3de7a6620151","version":6,"status":"done","tags":[],"date":"2024-07-23T12:49:49Z","url":{"schema":"http","addr":"zikaifegsurvey.top/","fqdn":"zikaifegsurvey.top","domain":"zikaifegsurvey.top","tld":"top"},"ip":{"addr":"104.21.89.246","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"zikaifegsurvey.top/","fqdn":"zikaifegsurvey.top","domain":"zikaifegsurvey.top","tld":"top"},"title":"zikaifegsurvey.top/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T08:35:10Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-22 18:12:14","alert_count":0,"request_count":8,"received_data":7096,"sent_data":2616,"comment":"","tags":null,"fingerprints":null},{"fqdn":"zikaifegsurvey.top","ip":{"addr":"172.67.166.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-06-28","domain_rank":0,"first_seen":"2023-07-19 00:11:49","last_seen":"2024-05-21 15:53:09","alert_count":2,"request_count":2,"received_data":9964,"sent_data":918,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-23","alert":"Sinkholed","trigger":"zikaifegsurvey.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-23","alert":"Sinkholed","trigger":"zikaifegsurvey.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T12:49:23.804596438Z","timestamp":1721738963804,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23C60C02F8A6F1F7FE01F9F4661CF04A03C046522201927DFA7C51CEBA6C5449\"\r\nLast-Modified: Sat, 20 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4065\r\nExpires: Tue, 23 Jul 2024 13:57:08 GMT\r\nDate: Tue, 23 Jul 2024 12:49:23 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3bd6a6d19bf0ab70e4e0cd3d2833afe1","sha1":"0dd2ee68cf939d2482a9b30bf767f412eb97e492","sha256":"23c60c02f8a6f1f7fe01f9f4661cf04a03c046522201927dfa7c51ceba6c5449","sha512":"2e01c67cd9f5eecbeac5c7c4e463f8ad2732b6e5fd0845fd838ab0a28c7992f6d10d7066384259bcb6961c570ce6c6e053a3fb60ed0f28c74fadf86a2e61c8e5","ssdeep":"","tlshash":"3cf0750229d17d81e564211e39c8db384d30e5d8304008e0bdc047e77212bc4054d47f","first_seen":"2024-07-21T03:16:15Z","last_seen":"2024-08-19T16:13:38.634572Z","times_seen":19895,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T12:49:23.852194264Z","timestamp":1721738963852,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"8B733A635618582DDA467895C8500629631E4E1B57FA0A2005ED094CA7EAE3CF\"\r\nLast-Modified: Tue, 23 Jul 2024 07:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8228\r\nExpires: Tue, 23 Jul 2024 15:06:31 GMT\r\nDate: Tue, 23 Jul 2024 12:49:23 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"924327fa04d108458b0225e7ebe4183b","sha1":"93e78c953751bfdf53094ddb3cce58550d953bbf","sha256":"8b733a635618582dda467895c8500629631e4e1b57fa0a2005ed094ca7eae3cf","sha512":"4742abef26e88ac6464d22dca7c7014a3899988d5556ffb6a31b857d6dc82ae972d2c2fcca067aa5d18e6fdd32ac8695276c3979b56fa2dd0532d163cb3c0192","ssdeep":"","tlshash":"ddf075d612f2b5509530320d45f4f10668745ef6798501c390a012dbbc01be59a48045","first_seen":"2024-07-23T12:11:20Z","last_seen":"2024-08-19T16:00:18.646402Z","times_seen":10871,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T12:49:24.133635246Z","timestamp":1721738964133,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"47728D98A42F446EBA80EBC8F2ECF23B7C715054884CA16D357D1D301A441768\"\r\nLast-Modified: Tue, 23 Jul 2024 07:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3930\r\nExpires: Tue, 23 Jul 2024 13:54:54 GMT\r\nDate: Tue, 23 Jul 2024 12:49:24 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"a3c611a5284d44a90e480768ae5bddec","sha1":"b403635d82747515139fb262c717283d0f23500c","sha256":"47728d98a42f446eba80ebc8f2ecf23b7c715054884ca16d357d1d301a441768","sha512":"ed88eec33faeee558b6aa1690c37dd438c69b3cea9dc352bb7f30dbf30a798cf234bf2cedd771606eb1ee43727ad97d65aaa79a2638d4b4f1e2147c7443f452d","ssdeep":"","tlshash":"95f00e8201be75a67a3c242659a5e215af302fec290416f15c4446d17c163ee4590196","first_seen":"2024-07-23T11:05:32Z","last_seen":"2024-08-19T16:00:45.752Z","times_seen":6749,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T12:49:24.478005844Z","timestamp":1721738964478,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6880E7942C7D7FD202D5FA27F05D9BF4D326A927C8017D7EB3FE8935BCA9315D\"\r\nLast-Modified: Tue, 23 Jul 2024 07:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3707\r\nExpires: Tue, 23 Jul 2024 13:51:11 GMT\r\nDate: Tue, 23 Jul 2024 12:49:24 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fd115439890c93cffca20c1e8e57d7e9","sha1":"ac392d605dbe2ebd22d7c5fbad07e8c52d77ea5c","sha256":"6880e7942c7d7fd202d5fa27f05d9bf4d326a927c8017d7eb3fe8935bca9315d","sha512":"63ff7e18df9c2849934948b676ee80ba0611b4a4776c6296786eaf0e79a306a98aabeb0039c28dfb922ac592502fbcc3f502e7ca784c31d3fa4d4d54b18a3bc5","ssdeep":"","tlshash":"e8f0c9850c9a7a90e7a8244aacfcd73429206ef9690031b209f501c37c216ee261818a","first_seen":"2024-07-23T09:54:52Z","last_seen":"2024-08-19T16:00:59.381179Z","times_seen":10701,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T12:49:26.289813906Z","timestamp":1721738966289,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CD7FDFA1D737721A9E30CA08B7D4EE9F0DAE31A9A4AAB7F1B3C32EFA752CCC63\"\r\nLast-Modified: Tue, 23 Jul 2024 08:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8258\r\nExpires: Tue, 23 Jul 2024 15:07:04 GMT\r\nDate: Tue, 23 Jul 2024 12:49:26 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"6f2910e1ef1f25adc2a608cb3e59166e","sha1":"da9b723e09fa30a2caee59b3a2d7c31e670f1954","sha256":"cd7fdfa1d737721a9e30ca08b7d4ee9f0dae31a9a4aab7f1b3c32efa752ccc63","sha512":"ac6a3b5966f6d5bf02773f075951ccdc7ae708c1e6f77b038d71826e89dc61599490b6d9a059ea4b37b5142da763df6cfe55d44af3214b603f44ef1f273b5ae3","ssdeep":"","tlshash":"28f00e0912d2380559bc030d5cfbfe3d497c6cfa38bac086799892e11418bfa90d8056","first_seen":"2024-07-23T10:34:22Z","last_seen":"2024-08-19T16:00:47.615637Z","times_seen":11061,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T12:49:26.294612413Z","timestamp":1721738966294,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CD7FDFA1D737721A9E30CA08B7D4EE9F0DAE31A9A4AAB7F1B3C32EFA752CCC63\"\r\nLast-Modified: Tue, 23 Jul 2024 08:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8258\r\nExpires: Tue, 23 Jul 2024 15:07:04 GMT\r\nDate: Tue, 23 Jul 2024 12:49:26 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"6f2910e1ef1f25adc2a608cb3e59166e","sha1":"da9b723e09fa30a2caee59b3a2d7c31e670f1954","sha256":"cd7fdfa1d737721a9e30ca08b7d4ee9f0dae31a9a4aab7f1b3c32efa752ccc63","sha512":"ac6a3b5966f6d5bf02773f075951ccdc7ae708c1e6f77b038d71826e89dc61599490b6d9a059ea4b37b5142da763df6cfe55d44af3214b603f44ef1f273b5ae3","ssdeep":"","tlshash":"28f00e0912d2380559bc030d5cfbfe3d497c6cfa38bac086799892e11418bfa90d8056","first_seen":"2024-07-23T10:34:22Z","last_seen":"2024-08-19T16:00:47.615637Z","times_seen":11061,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T12:49:26.297894524Z","timestamp":1721738966297,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CD7FDFA1D737721A9E30CA08B7D4EE9F0DAE31A9A4AAB7F1B3C32EFA752CCC63\"\r\nLast-Modified: Tue, 23 Jul 2024 08:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8258\r\nExpires: Tue, 23 Jul 2024 15:07:04 GMT\r\nDate: Tue, 23 Jul 2024 12:49:26 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"6f2910e1ef1f25adc2a608cb3e59166e","sha1":"da9b723e09fa30a2caee59b3a2d7c31e670f1954","sha256":"cd7fdfa1d737721a9e30ca08b7d4ee9f0dae31a9a4aab7f1b3c32efa752ccc63","sha512":"ac6a3b5966f6d5bf02773f075951ccdc7ae708c1e6f77b038d71826e89dc61599490b6d9a059ea4b37b5142da763df6cfe55d44af3214b603f44ef1f273b5ae3","ssdeep":"","tlshash":"28f00e0912d2380559bc030d5cfbfe3d497c6cfa38bac086799892e11418bfa90d8056","first_seen":"2024-07-23T10:34:22Z","last_seen":"2024-08-19T16:00:47.615637Z","times_seen":11061,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T12:49:26.299060053Z","timestamp":1721738966299,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CD7FDFA1D737721A9E30CA08B7D4EE9F0DAE31A9A4AAB7F1B3C32EFA752CCC63\"\r\nLast-Modified: Tue, 23 Jul 2024 08:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8258\r\nExpires: Tue, 23 Jul 2024 15:07:04 GMT\r\nDate: Tue, 23 Jul 2024 12:49:26 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"6f2910e1ef1f25adc2a608cb3e59166e","sha1":"da9b723e09fa30a2caee59b3a2d7c31e670f1954","sha256":"cd7fdfa1d737721a9e30ca08b7d4ee9f0dae31a9a4aab7f1b3c32efa752ccc63","sha512":"ac6a3b5966f6d5bf02773f075951ccdc7ae708c1e6f77b038d71826e89dc61599490b6d9a059ea4b37b5142da763df6cfe55d44af3214b603f44ef1f273b5ae3","ssdeep":"","tlshash":"28f00e0912d2380559bc030d5cfbfe3d497c6cfa38bac086799892e11418bfa90d8056","first_seen":"2024-07-23T10:34:22Z","last_seen":"2024-08-19T16:00:47.615637Z","times_seen":11061,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zikaifegsurvey.top/favicon.ico","fqdn":"zikaifegsurvey.top","domain":"zikaifegsurvey.top","tld":"top"},"ip":{"addr":"172.67.166.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zikaifegsurvey.top/","date":"2024-07-23T12:49:24.631Z","timestamp":1721738964631,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zikaifegsurvey.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 22 Jun 2024 23:02:43 GMT","end":"Fri, 20 Sep 2024 23:02:42 GMT"},"fingerprint":{"sha1":"00:DC:9C:D7:4A:3B:0E:D9:AD:C6:4A:DD:8C:CB:D9:D2:8F:A6:48:C3","sha256":"FD:2C:7B:CF:63:8F:BC:33:84:5E:1F:F8:8C:B8:19:0C:4C:30:9E:3A:D9:05:13:94:C3:4E:E7:82:BD:3F:BA:8B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zikaifegsurvey.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zikaifegsurvey.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 23 Jul 2024 12:49:24 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Wed, 17 Jul 2024 08:58:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"669787a0-47e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncache-control: max-age=1800\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mWsEZhkfO6lX4aa8mC8t9RicIygxSFPP52jNUJ3Ga1ofvkU9P26sbqm4m3CtdjaurTsFDUG9mOvEWBe14W99wWwnqNL5OJaTQ8Ap2o91SVIk0x1rWCfv2myqw2tPgycHVX31BbI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a7bca50eb1256b5-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8486,"size_decoded":1150,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"668ba1a9fa1890ba16cb8adc28d3dad8","sha1":"5e35223b2541265114eaf61b9da2556c812fea17","sha256":"7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2","sha512":"212aa3e6ea6a2dd1abc10d4a96b7be179e0e490da187641ae3be7b7c0c30b7272d8d5b37b1c6ca5c75732dfb35a8ee30fa97cdb35704b97eeee11a2163e53664","ssdeep":"","tlshash":"ed2121f12eb0ac91d1e71a7a53305ec153a560a6deacda43b45c0d721d2542b858f76c","first_seen":"2023-04-14T08:40:43Z","last_seen":"2026-01-05T06:12:38.212902Z","times_seen":33252,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-23","alert":"Sinkholed","trigger":"zikaifegsurvey.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zikaifegsurvey.top/","fqdn":"zikaifegsurvey.top","domain":"zikaifegsurvey.top","tld":"top"},"ip":{"addr":"172.67.166.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-23T12:49:24.202Z","timestamp":1721738964202,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zikaifegsurvey.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 22 Jun 2024 23:02:43 GMT","end":"Fri, 20 Sep 2024 23:02:42 GMT"},"fingerprint":{"sha1":"00:DC:9C:D7:4A:3B:0E:D9:AD:C6:4A:DD:8C:CB:D9:D2:8F:A6:48:C3","sha256":"FD:2C:7B:CF:63:8F:BC:33:84:5E:1F:F8:8C:B8:19:0C:4C:30:9E:3A:D9:05:13:94:C3:4E:E7:82:BD:3F:BA:8B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zikaifegsurvey.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Jul 2024 12:49:24 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 17 Jul 2024 08:58:08 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=pkGVzofCU%2FJg8r5Li5sHpCjuFauCRJcufOxkzfyPXvM9Rv04CH3hWw21QDT%2Bm53VodNZaFkZ6yHfYFG529sU%2F5tDND0%2FjrCMllRtsFX5HujZbGLcT4UIEgc8yzH76XtUs8%2FMYvI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a7bca4e6fd7568a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":54,"size_decoded":54,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"f315f5f2c187a05af1ace62d5f6aa477","sha1":"47d77a2a1665cb6202028ecd89b50920287d9148","sha256":"166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da","sha512":"6a12034c64743bf5c625ee993a758561284de5950504d61abbd5273500db08efd1b2b82d71f7b378ebd4c1b3c9c22bae645564357b96bbf4f69de03b6214865b","ssdeep":"","tlshash":"1c9002f990a10009ad203ad00dc213454c19935434014e041ac5387894843169c17384","first_seen":"2023-03-07T01:02:50Z","last_seen":"2026-04-04T00:17:03.650527Z","times_seen":32273,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":108,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-07-23","alert":"Sinkholed","trigger":"zikaifegsurvey.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}