{"report_id":"abc12359-b95f-4eaf-8dfc-4a84c6bd4829","version":6,"status":"done","tags":[],"date":"2024-07-17T12:32:10Z","url":{"schema":"http","addr":"archive.ph/","fqdn":"archive.ph","domain":"archive.ph","tld":"ph"},"ip":{"addr":"185.125.168.154","port":0,"asn":56655,"as":"TerraHost AS","country":"Norway","country_code":"NO"},"final":{"url":{"schema":"https","addr":"archive.ph/","fqdn":"archive.ph","domain":"archive.ph","tld":"ph"},"title":"Webpage archive"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T09:23:47Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-16 18:12:11","alert_count":0,"request_count":5,"received_data":4437,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"archive.ph","ip":{"addr":"185.125.168.154","port":443,"asn":56655,"as":"TerraHost AS","country":"Norway","country_code":"NO"},"domain_registered":"unknown","domain_rank":209248,"first_seen":"2018-12-31 02:25:10","last_seen":"2024-07-13 20:16:06","alert_count":0,"request_count":3,"received_data":18131,"sent_data":1408,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-07-16 18:31:26","alert_count":0,"request_count":2,"received_data":1398,"sent_data":650,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lh3.googleusercontent.com","ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":66,"first_seen":"2012-05-22 09:35:05","last_seen":"2024-07-16 18:12:02","alert_count":0,"request_count":1,"received_data":17908,"sent_data":505,"comment":"","tags":null,"fingerprints":null},{"fqdn":"91.90.42.154.no.tno1.0.pixel.archive.ph","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":0,"sent_data":436,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-17T12:31:45Z","timestamp":1721219505,"ip_dst":{"addr":"185.125.168.154","port":443,"asn":56655,"as":"TerraHost AS","country":"Norway","country_code":"NO"},"ip_src":{"addr":"Client IP","port":53452,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Abused Website Archival Domain (archive .ph in TLS SNI)","source":"{\"timestamp\":\"2024-07-17T12:31:45.741805+0000\",\"flow_id\":1497250189619886,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":53452,\"dest_ip\":\"185.125.168.154\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038644,\"rev\":1,\"signature\":\"ET INFO Observed Abused Website Archival Domain (archive .ph in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2022_08_29\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_08_29\"]}},\"tls\":{\"sni\":\"archive.ph\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"0191d81a4ad7ee1a330a1e2c51d23ace\",\"string\":\"771,49195,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2024-07-17T12:31:45.733870+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"archive.ph/","fqdn":"archive.ph","domain":"archive.ph","tld":"ph"},"ip":{"addr":"185.125.168.154","port":443,"asn":56655,"as":"TerraHost AS","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":true,"md5":"97dacf49380e0e11d448842874dac073","sha1":"873d3f51baee95afa50f831c0f4632c02c748a1c","sha256":"f31f749c4b87de6b63b4aef56ed0937d49b0f81cdb2d2359c95bb762fda2ba29","sha512":"acc959395e9c7993e6bfedf06a8bd16c577d8932b3d995a6dd267111bd9767e0386d9508499bc886b6e250d2428237b35ab7f4e8426622b24c21ba3c0e86743c","ssdeep":"","tlshash":"b69004733073543304fd357f105047443c1dd4153c0530035d0404104010dd3c13ddc4","size":39,"data":"","first_seen":"2023-03-12T09:32:24Z","last_seen":"2025-09-27T01:42:35.918484Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"archive.ph/","fqdn":"archive.ph","domain":"archive.ph","tld":"ph"},"ip":{"addr":"185.125.168.154","port":443,"asn":56655,"as":"TerraHost AS","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":true,"md5":"74ff65101aea220a8e73506426481aac","sha1":"ba703b44d301781eacea1be974c54ea3e92a8e98","sha256":"00af706d99f905ffb54543757c0cacb7b48795139b4346ba738484966362440c","sha512":"4cf79634d798180e1e852e5336818dd8fb23271dded2e9ad2bb63e74b17b69550d5d70229599efb6f2469a7486a1280e8568a2177c8dead861e86e8f6695f619","ssdeep":"","tlshash":"5c01f1062ab1383463e540b9963eae0cb32fe4564584d9305cadc5847d14e6bce3f5cc","size":793,"data":"","first_seen":"2023-03-10T01:19:08Z","last_seen":"2025-07-29T11:47:23.099014Z","times_seen":326,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:31:45.030415176Z","timestamp":1721219505030,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"133266844822EA13F6D0FFC2EDA97A79E99CEA9EC4DEFEC2812CF4A86751283A\"\r\nLast-Modified: Mon, 15 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15262\r\nExpires: Wed, 17 Jul 2024 16:46:07 GMT\r\nDate: Wed, 17 Jul 2024 12:31:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9fc6673328a72199efee32208e052486","sha1":"e3cd507761b95ae04da178d9b0da347fcaa5fce6","sha256":"133266844822ea13f6d0ffc2eda97a79e99cea9ec4defec2812cf4a86751283a","sha512":"18de0438f215e593d4e2f1bb76d94ad04b2967f9bb2a3aef8a777dd8b48b581e7edef286e4915a58ac8c010ada67fee4e6b7e6b15cc8af5be291080c88592089","ssdeep":"","tlshash":"92f07e8307b23c592b7c28277ca8ca9cad125a3c288028b220c113e26c88bba859000b","first_seen":"2024-07-15T23:07:47Z","last_seen":"2024-08-19T16:51:27.189912Z","times_seen":24082,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:31:45.080408629Z","timestamp":1721219505080,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E4ACAF4113D4CDA75EDBBAE5D28E17DFFB959489CD6912B854C9E87A3AB50FD2\"\r\nLast-Modified: Mon, 15 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2776\r\nExpires: Wed, 17 Jul 2024 13:18:01 GMT\r\nDate: Wed, 17 Jul 2024 12:31:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0ba28ae3ca920c46edf9c7a1f79db3ca","sha1":"b96f7bd71a6b1f9e08b5a0179c66553bf42875d2","sha256":"e4acaf4113d4cda75edbbae5d28e17dffb959489cd6912b854c9e87a3ab50fd2","sha512":"5937af32a6f0ff76e028428c60ef303493ddc882c065396afb650daf19c5cc2f4403724350cbd8cb89a07780f5c9dc7c9885c22cbef8d4cffa26efa396ea6892","ssdeep":"","tlshash":"d6f005511576fd21e57126199cddd91a2e7bdbf4244419f6306003f3d981bffd950d04","first_seen":"2024-07-16T00:32:15Z","last_seen":"2024-08-19T16:50:36.759672Z","times_seen":27562,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:31:45.456620451Z","timestamp":1721219505456,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A951EDC9FCE6D26583509ABA1A0D759172986DA854406DC2041F25DCA4EB6798\"\r\nLast-Modified: Mon, 15 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17229\r\nExpires: Wed, 17 Jul 2024 17:18:54 GMT\r\nDate: Wed, 17 Jul 2024 12:31:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c827d32609521c1e56829aac4640ab87","sha1":"f6721b2c6abc469be2b70d165a58c75d5637408d","sha256":"a951edc9fce6d26583509aba1a0d759172986da854406dc2041f25dca4eb6798","sha512":"02500521f2e5e787d1ead7f0ef3af3606b89efb0bad488293e2e36bf2cad3fbdc8896cbea14f8db1e0be428d80fbcc8ee291149e332399ae23e90450228a1a29","ssdeep":"","tlshash":"7af005530579ac7027a2112198e6e5485f11e594299176d4a4a05bd2b850faec1d4055","first_seen":"2024-07-16T02:32:54Z","last_seen":"2024-08-19T16:50:23.638036Z","times_seen":23210,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:31:45.626525578Z","timestamp":1721219505626,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E4E3975A941C93FDA56279B3918D81448B74CD06D2A2BD0280DBCF8E58712C1D\"\r\nLast-Modified: Mon, 15 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2749\r\nExpires: Wed, 17 Jul 2024 13:17:34 GMT\r\nDate: Wed, 17 Jul 2024 12:31:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"d69acaa73161ea261cea420c9548c854","sha1":"1f7cab04c4264ca503bb3e2d8f1d838c226f35c2","sha256":"e4e3975a941c93fda56279b3918d81448b74cd06d2a2bd0280dbcf8e58712c1d","sha512":"4dd16d8d3f21a825b909dcce1868f395cff80c9ae6beab41af9501f63db71cfcfc3a6bd6ebcac649c8c2a1e34f2fb326894ec76ce2d041919fdb6a0e3cfc6645","ssdeep":"","tlshash":"39f005869dddfe9013b11a3a2df8e0407a207e9c24013ce128d442f3784479b55c4084","first_seen":"2024-07-15T23:12:50Z","last_seen":"2024-08-19T16:51:12.402895Z","times_seen":24412,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"archive.ph/","fqdn":"archive.ph","domain":"archive.ph","tld":"ph"},"ip":{"addr":"185.125.168.154","port":443,"asn":56655,"as":"TerraHost AS","country":"Norway","country_code":"NO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-17T12:31:45.737Z","timestamp":1721219505737,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"archive.ph","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 03 Jun 2024 15:30:41 GMT","end":"Sun, 01 Sep 2024 15:30:40 GMT"},"fingerprint":{"sha1":"A4:FE:CE:CF:6A:44:6D:7D:CF:ED:A6:4A:A2:CA:FE:0C:CB:32:81:B2","sha256":"5D:B7:A2:6E:01:7F:50:5D:A7:82:E5:02:D5:0B:B8:EA:17:90:4D:DC:4D:66:98:3F:7F:D2:B2:0D:53:38:9F:09"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: archive.ph\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 17 Jul 2024 12:31:45 GMT\r\ncontent-type: text/html;charset=utf-8\r\ncontent-length: 8555\r\nx-frame-options: Deny\r\ncache-control: maxage=300\r\nexpires: Wed, 17 Jul 2024 12:36:45 GMT\r\ncontent-encoding: gzip\r\nvary: Accept-Language\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8555,"size_decoded":19333,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15952)","md5":"2c460e1eb1d5898186f1b7e9dd85641c","sha1":"7c75687570e82dc02a2341cf3bd8d5fbf71eb774","sha256":"ff343cb44d45be37c5cfb07f4c14429b74db0fd52d25c8915945c008bc90f011","sha512":"bdf59267e3cfd7231b929603647215676a4d74345d3125b2dbf6967c30a7fe2720f1e486922f2389f59ba2a2011f90601c27553f14b97f5b49b65b0d534644d2","ssdeep":"192:6xKj++WuHUM7Sn3mQuTuHb7SjEtPUZYk442tKFVtC73xmHlythgxCcCbcY8qC/YG:qkUyMSPtbYtmY58qCQT5k2YCkYRIb","tlshash":"a7925bb39a462812751ab3e5e942fd4dd115c1cb8f43cfc4e2ec49bab8d9d62183329c","first_seen":"2024-08-19T16:40:02.241671Z","last_seen":"2024-08-19T16:40:02.241671Z","times_seen":1,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":39,"dns":0,"connect":2,"send":0,"wait":46,"receive":1,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"archive.ph/apple-touch-icon.png","fqdn":"archive.ph","domain":"archive.ph","tld":"ph"},"ip":{"addr":"185.125.168.154","port":443,"asn":56655,"as":"TerraHost AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://archive.ph/","date":"2024-07-17T12:31:46.404Z","timestamp":1721219506404,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"archive.ph","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 03 Jun 2024 15:30:41 GMT","end":"Sun, 01 Sep 2024 15:30:40 GMT"},"fingerprint":{"sha1":"A4:FE:CE:CF:6A:44:6D:7D:CF:ED:A6:4A:A2:CA:FE:0C:CB:32:81:B2","sha256":"5D:B7:A2:6E:01:7F:50:5D:A7:82:E5:02:D5:0B:B8:EA:17:90:4D:DC:4D:66:98:3F:7F:D2:B2:0D:53:38:9F:09"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: archive.ph\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://archive.ph/\r\nCookie: _ga=GA1.2.661111166.1721219506\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 17 Jul 2024 12:31:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 3298\r\nlast-modified: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: maxage=600\r\nexpires: Wed, 17 Jul 2024 12:41:46 GMT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3298,"size_decoded":3298,"mime_type":"image/png","magic":"PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced","md5":"a96f5c9b9da2f4c4f2968b939a00c966","sha1":"6a79abb1c3155e90fd128f0bfd406666b6f23e16","sha256":"83f25aac8c2e64d24c0f67d569ae5285a1ec9d31966f75b9bc6852545b2ccc97","sha512":"5bbf11d1f31ba2dd9f3e2435fc100d068e418c0da709137daae1ea235f3c7593ea0855b712ba9bf087ea0932f759f710f1f851c5b9facb4c9eac4cc1164507dd","ssdeep":"","tlshash":"","first_seen":"2023-05-26T00:06:35Z","last_seen":"2025-09-27T01:42:35.912239Z","times_seen":40,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"archive.ph/favicon.ico","fqdn":"archive.ph","domain":"archive.ph","tld":"ph"},"ip":{"addr":"185.125.168.154","port":443,"asn":56655,"as":"TerraHost AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://archive.ph/","date":"2024-07-17T12:31:46.406Z","timestamp":1721219506406,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"archive.ph","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 03 Jun 2024 15:30:41 GMT","end":"Sun, 01 Sep 2024 15:30:40 GMT"},"fingerprint":{"sha1":"A4:FE:CE:CF:6A:44:6D:7D:CF:ED:A6:4A:A2:CA:FE:0C:CB:32:81:B2","sha256":"5D:B7:A2:6E:01:7F:50:5D:A7:82:E5:02:D5:0B:B8:EA:17:90:4D:DC:4D:66:98:3F:7F:D2:B2:0D:53:38:9F:09"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: archive.ph\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://archive.ph/\r\nCookie: _ga=GA1.2.661111166.1721219506\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 17 Jul 2024 12:31:46 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 5430\r\nlast-modified: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: maxage=600\r\nexpires: Wed, 17 Jul 2024 12:41:46 GMT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5430,"size_decoded":5430,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"91795eacca160d21020e4af858de3417","sha1":"813d42c0d6d6c1988bc6c79fa93c01f58b8231c3","sha256":"ac4ce6386db1b3630a9ef005e666a2c430ee31925915c304030f4dfd944cd2ae","sha512":"c44a419d206c2362d24151dca6fab1965f956125071bee3bad3e4615658a27219428d761a344fb95bb90428f0b5321729e48e7f369ea748299275033547f7c00","ssdeep":"48:NKfRq3f4jpGIJpARVh/oGy/YDI9TAt1Lf2zs5:UfRgQjphGRvoGyqptx2","tlshash":"a1b1eaea3892e88de0a155b26c50c0fe3e867c40ec26a01734e2ff5fb5f835b5466312","first_seen":"2023-04-30T22:43:21Z","last_seen":"2026-05-31T14:29:30.353627Z","times_seen":495,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:31:46.521176896Z","timestamp":1721219506521,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:31:46 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"56f9f417c1cf8a5545a1030146b83dc0","sha1":"e9935575877ba175a9d0443b3dc454ffd659ed19","sha256":"ebde9a601dcb2c80e57679fbbe60752bed3c0f395b107d566c0303cea69950df","sha512":"fb582f73bee35bd06f1f0f61bf1661fc22db2ccdc4aaf0aa8fcf2b6272c7aff146640acbb7dfeefdbe5fa20b5aaeab75f8a4f301c8a462bd6574ddb94c08d26e","ssdeep":"","tlshash":"ddf05c0842b238e10cab88206ae8cc68b820af98401608aa303902934800bca8a8b62d","first_seen":"2024-07-16T18:11:21Z","last_seen":"2024-08-19T16:45:43.517177Z","times_seen":616,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lh3.googleusercontent.com/QvuE3HZbAqNse3x9epZ4ey816TKoqkGeR-BeFVd7OxRZfj7NFrUYGeGJfhSeIEOH_XATxdvVrQ=w128-h128-e365","fqdn":"lh3.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://archive.ph/","date":"2024-07-17T12:31:46.399Z","timestamp":1721219506399,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:37:56 GMT","end":"Mon, 16 Sep 2024 07:37:55 GMT"},"fingerprint":{"sha1":"7C:4C:89:9D:C0:52:5F:36:7E:51:89:B8:F3:71:B4:81:B3:DF:6F:73","sha256":"61:53:22:E3:2B:E7:7B:AB:69:98:05:CE:24:F1:9F:6A:6C:BB:02:9D:02:B1:1F:18:80:61:26:AD:71:91:5D:65"}}},"request":{"raw":"GET /QvuE3HZbAqNse3x9epZ4ey816TKoqkGeR-BeFVd7OxRZfj7NFrUYGeGJfhSeIEOH_XATxdvVrQ=w128-h128-e365 HTTP/1.1\r\nHost: lh3.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://archive.ph/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\ncontent-disposition: inline;filename=\"unnamed.png\"\r\nx-content-type-options: nosniff\r\nserver: fife\r\ncontent-length: 17332\r\nx-xss-protection: 0\r\ncross-origin-resource-policy: cross-origin\r\ndate: Wed, 17 Jul 2024 09:38:42 GMT\r\nexpires: Tue, 15 Oct 2024 09:38:42 GMT\r\ncache-control: public, max-age=7776000, no-transform\r\nage: 10384\r\netag: \"v1\"\r\ncontent-type: image/png\r\nvary: Origin\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17332,"size_decoded":17332,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"a4ee863c958da27b8010f5f4b25cfe47","sha1":"b378d530691487306c2088d290468a635338adf4","sha256":"ad4c42f1d99e0c25491424d1b08f092c7af8818936502d6244c68771cb5baa84","sha512":"4df64d8d1933f8b60d42e47208f2c49a35a497d2aca7a3fd282db07c61075a586436653b5349da457b6e106ae5ec3dd840d07ea4b109c35a95fa7f40be7823dd","ssdeep":"384:NfnI865Hg4K9IpTStY5o35YTfpJ5I9cg8jXnCgp6r3BgLRPdEq:pIZ5HksSYa3GDOt8jXqr3BgLZdx","tlshash":"bf72cf393978a8a00879246a6d836d6f8d363746f861831f6de05e40b6b13b3724ab49","first_seen":"2023-05-26T00:06:35Z","last_seen":"2024-08-21T09:22:03.270525Z","times_seen":21,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":147,"dns":23,"connect":8,"send":0,"wait":10,"receive":4,"ssl":134},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:31:46.812855695Z","timestamp":1721219506812,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:31:46 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"56f9f417c1cf8a5545a1030146b83dc0","sha1":"e9935575877ba175a9d0443b3dc454ffd659ed19","sha256":"ebde9a601dcb2c80e57679fbbe60752bed3c0f395b107d566c0303cea69950df","sha512":"fb582f73bee35bd06f1f0f61bf1661fc22db2ccdc4aaf0aa8fcf2b6272c7aff146640acbb7dfeefdbe5fa20b5aaeab75f8a4f301c8a462bd6574ddb94c08d26e","ssdeep":"","tlshash":"ddf05c0842b238e10cab88206ae8cc68b820af98401608aa303902934800bca8a8b62d","first_seen":"2024-07-16T18:11:21Z","last_seen":"2024-08-19T16:45:43.517177Z","times_seen":616,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:31:48.158764206Z","timestamp":1721219508158,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2641\r\nExpires: Wed, 17 Jul 2024 13:15:49 GMT\r\nDate: Wed, 17 Jul 2024 12:31:48 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"91.90.42.154.no.tno1.0.pixel.archive.ph/x.gif","fqdn":"91.90.42.154.no.tno1.0.pixel.archive.ph","domain":"archive.ph","tld":"ph"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://archive.ph/","date":"2024-07-17T12:31:46.256Z","timestamp":1721219506256,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /x.gif HTTP/1.1\r\nHost: 91.90.42.154.no.tno1.0.pixel.archive.ph\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://archive.ph/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}