{"report_id":"a8f45401-90d4-4897-bfdb-6eac79e0baaa","version":6,"status":"done","tags":[],"date":"2025-11-25T01:48:17Z","url":{"schema":"http","addr":"u0lphrb.mirazu-denhaag.nl","fqdn":"u0lphrb.mirazu-denhaag.nl","domain":"mirazu-denhaag.nl","tld":"nl"},"ip":{"addr":"185.155.184.36","port":0,"asn":6898,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"final":{"url":{"schema":"https","addr":"u0lphrb.mirazu-denhaag.nl/","fqdn":"u0lphrb.mirazu-denhaag.nl","domain":"mirazu-denhaag.nl","tld":"nl"},"title":"u0lphrb.mirazu-denhaag.nl/","dom":{"size":523,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"2764ab977bd93cad302fd65ab20fb6ca","sha1":"e2f1d929831cec392530023db36b34d11f3af619","sha256":"4ed200ef9f17c87e1f92d0a032339bd6e283c34bfb81c1b814d68358d3afe392","sha512":"1dfd928c9948b1c5e30b76abc893c095f5aa8330e321dda4ab041be7805bd97614cf3bc4713f4d0b911bd5846747a407632ca8010b0272e8a2a9aa2f2df60377","ssdeep":"","tlshash":"f9f0c00cc016ac22e8b29a94b1e1a7853cea41f9028150425685f5506a10dd3c732ac0","dom_hash":"domhash65b9377932cb8c8ce4acb7d61b3873f7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"u0lphrb.mirazu-denhaag.nl","fqdn":"u0lphrb.mirazu-denhaag.nl","domain":"mirazu-denhaag.nl","tld":"nl"},"ip":{"addr":"185.155.184.36","port":0,"asn":6898,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98","country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-30T01:48:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"u0lphrb.mirazu-denhaag.nl","ip":{"addr":"185.155.184.36","port":443,"asn":6898,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"domain_registered":"2025-07-13","domain_rank":0,"first_seen":"2025-11-25T00:39:15.170915Z","last_seen":"2025-11-25T00:39:15.170915Z","alert_count":0,"request_count":2,"received_data":1030,"sent_data":992,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"u0lphrb.mirazu-denhaag.nl/favicon.ico","fqdn":"u0lphrb.mirazu-denhaag.nl","domain":"mirazu-denhaag.nl","tld":"nl"},"ip":{"addr":"185.155.184.36","port":443,"asn":6898,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u0lphrb.mirazu-denhaag.nl/","date":"2025-11-25T01:47:57.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"u0lphrb.mirazu-denhaag.nl","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 13:15:17 GMT","end":"Tue, 10 Feb 2026 13:15:16 GMT"},"fingerprint":{"sha1":"65:9C:BA:83:10:9E:18:6F:4C:3E:25:ED:D1:6D:3C:26:B3:63:20:9E","sha256":"5E:F2:FB:50:7A:F3:64:F8:EF:16:90:4C:F6:A7:CC:68:F8:3D:5A:F9:B5:C7:21:0B:6E:0F:E7:7D:1F:4C:29:B2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: u0lphrb.mirazu-denhaag.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://u0lphrb.mirazu-denhaag.nl/\r\nCookie: sid=t2~ktrcwmqgeo4alek3bu5mkm5l\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: openresty\r\ndate: Tue, 25 Nov 2025 01:47:57 GMT\r\ncache-control: no-transform\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T16:33:36.180633Z","times_seen":16390792,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u0lphrb.mirazu-denhaag.nl/","fqdn":"u0lphrb.mirazu-denhaag.nl","domain":"mirazu-denhaag.nl","tld":"nl"},"ip":{"addr":"185.155.184.36","port":443,"asn":6898,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-25T01:47:56.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"u0lphrb.mirazu-denhaag.nl","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 13:15:17 GMT","end":"Tue, 10 Feb 2026 13:15:16 GMT"},"fingerprint":{"sha1":"65:9C:BA:83:10:9E:18:6F:4C:3E:25:ED:D1:6D:3C:26:B3:63:20:9E","sha256":"5E:F2:FB:50:7A:F3:64:F8:EF:16:90:4C:F6:A7:CC:68:F8:3D:5A:F9:B5:C7:21:0B:6E:0F:E7:7D:1F:4C:29:B2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: u0lphrb.mirazu-denhaag.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 25 Nov 2025 01:47:57 GMT\r\ncontent-type: text/html; charset=utf-8\r\nset-cookie: sid=t2~ktrcwmqgeo4alek3bu5mkm5l; path=/\r\ncache-control: private, no-transform\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":676,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"4d8998cf74cf1890fc12aef327b25811","sha1":"e0573a91d3676c64ad8aa00017dadbaa29927e92","sha256":"4083dd710081a2b3bf2c5542a9d431d0d8eee767ffebc5b11454526ac7ed879a","sha512":"2bbfe86bddc0f22035f4ebebf91c2eb1add218fa13f05699c5bb6b8a38251a5424f9a2bf72c8da858d1262b58a8da61f39a43a4b51a015e2618e4c021a610161","ssdeep":"","tlshash":"4701fe4c9027ac15d4b3dbb4b0e2d3c538b741db07c102097580f5937a42ad78332bc9","first_seen":"2025-11-25T01:48:18.226552Z","last_seen":"2025-11-25T01:48:18.226552Z","times_seen":1,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":193,"dns":68,"connect":39,"send":0,"wait":225,"receive":0,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}