{"report_id":"b5caad00-0b92-4463-be5d-2e8b84df5874","version":6,"status":"done","tags":[],"date":"2024-10-05T11:43:39Z","url":{"schema":"http","addr":"222.71.180.226:3000/KaiRo/Keyman/src/branch/master/Vector_Driver_Setup_9_8_1.zip","fqdn":"222.71.180.226","domain":"222.71.180.226","tld":""},"ip":{"addr":"222.71.180.226","port":0,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"final":{"url":{"schema":"http","addr":"222.71.180.226:3000/KaiRo/Keyman/src/branch/master/Vector_Driver_Setup_9_8_1.zip","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"title":"Keyman/Vector_Driver_Setup_9_8_1.zip at master - Keyman - Gitea: Git with a cup of tea"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-15T09:22:24Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-10-03 18:12:15","alert_count":0,"request_count":4,"received_data":3550,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"222.71.180.226:3000","ip":{"addr":"222.71.180.226","port":0,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":7,"request_count":7,"received_data":507242,"sent_data":3182,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-10-03 18:12:10","alert_count":0,"request_count":5,"received_data":4440,"sent_data":1635,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"fc2d4d620cd55cfc03a857a552576e1b","sha1":"52ee4d751f6625e2b795cab65a3b3f15912ec9bb","sha256":"55e274cd1b0d7229ba647c02a7eb421fdbebb4169abcaf9f69b21bf301873825","sha512":"a4992c5da48329ca6683161cb86a6e4c86b7fa81bef36bd39f3cf4273ae1ce629d7e5ba77427a7ad9a6cc4824ce27fba504643fba128457378fdd941084a6b57","ssdeep":"192:D8u60hAhgv1HHHAneHEZHrThsjHY4zVlHHqfHHAn7EUH/rrnZ89gT:DlhygvJHHAeHkHnhIHY4H0HHA7hHn","tlshash":"f402eb33111df97de80fec2652766d74e32e942a70b861b0d57edaa081636b0e79f00e","size":8343,"data":"","first_seen":"2024-10-06T09:22:29.19315Z","last_seen":"2024-10-06T09:22:29.19315Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2d74558b1f17b0dd5536408bfe863331","sha1":"0eb6296605b50475f860a8f98910fa1c02ca3730","sha256":"ee956b4340e02fc97a3f3e6b7d278d2224504c403d27e042e146965fe58bb79e","sha512":"c79d10988da69d9286cd54978e943723ece478f46372b3bd2e4b1fc1a1930ce976d6e8976850575c1676f1fe9c03bd0930474b58f4e78b80617ac8050114ae90","ssdeep":"","tlshash":"ebe02064342cd11cd8652ce501717e35e10f443d33d66509e7bef9d156a1130eaebc5c","size":325,"data":"","first_seen":"2024-10-06T09:22:29.195012Z","last_seen":"2024-12-03T15:35:27.840501Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/KaiRo/Keyman/src/branch/master/Vector_Driver_Setup_9_8_1.zip","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":0,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"44897c5e74287fb295195fb68d00195c","sha1":"b39dd71d37cf0d2f13ac95bccbdf2f7694c739ab","sha256":"cdb9f0fd50b2cca0333b62ea448d9653f279ca76bec8f9149475fad2ea562d2c","sha512":"96ab05f7bab58ec80c964beca5daca6ee67bc4c07f9a65e88d29ab4223e1647e8f077940cc1e01b00d4ae6a0cec761896dbe057742ec4d49924c12f22a25f76b","ssdeep":"","tlshash":"e81121467a1ca0bb06206c0e7f0f7183a69a3306cffc42d569da5a657b66d07ad00a51","size":1010,"data":"","first_seen":"2024-10-06T09:22:29.196076Z","last_seen":"2024-10-06T09:22:29.196076Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/assets/js/index.js?v=f706969c070b7f4de847f972aedcc989","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":0,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"cc20e552b62535895aa539be128b9a8f","sha1":"189107d3df3a5d882c4057989dea9d155c6fb67a","sha256":"ea79162252fc8800bedfb2c07a825eca47627917e4478915a85f95591e2e8070","sha512":"6fd7a4e8ec114d6964078a54058bfcb8e5657285e8f633f0b25929c9dd748215d2d0f17540e4c56dcc1c9af3bc4982bbf2df82b6b6e764010f74f074418c5cb7","ssdeep":"6144:kk026bSKIs/p2QKy4uKGvMXMWMnNYtf3IxxK71Hqo46sUJ5k1K6X76BH/+4IdF/X:102m2/tkCf3BRsWa7xYMxUnoYfTsWaV","tlshash":"20054cacb29038561baf20f0786f6d47b17a0894548c8524b63ed4ea2f7c985e177f3d","size":837233,"data":"","first_seen":"2024-10-06T09:22:29.191084Z","last_seen":"2024-10-06T09:22:29.826601Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:13.689434983Z","timestamp":1728128593689,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"B7F29D48807EB55BA269D5C07F8AE07238F88DB1116EEE840567CBBCC80469E9\"\r\nLast-Modified: Thu, 03 Oct 2024 04:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3677\r\nExpires: Sat, 05 Oct 2024 12:44:30 GMT\r\nDate: Sat, 05 Oct 2024 11:43:13 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"701cda0115d2dddafb665ed755667ed6","sha1":"2581d5abcf4e9f2836e4b22486d66f6698b791ed","sha256":"b7f29d48807eb55ba269d5c07f8ae07238f88db1116eee840567cbbcc80469e9","sha512":"f3d5d0414df9d2307bd475004958f188632f4e069b8f6b7c606fc56486b10d481163b69af976820e223e239cee5974c1d4e55891de1a6a6b5d05dce379cd75fa","ssdeep":"","tlshash":"dbf005d117d4792066b181111665f61cec156566a8d849d729d047d2b8417ec1b8940c","first_seen":"2024-10-03T10:53:59Z","last_seen":"2024-10-06T09:47:11.813142Z","times_seen":10451,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:13.693665519Z","timestamp":1728128593693,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"AD95AC545343C80CD984CCF93A34CAA0EE7747989010849F1F53A578D1DAD885\"\r\nLast-Modified: Fri, 04 Oct 2024 20:00:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15105\r\nExpires: Sat, 05 Oct 2024 15:54:58 GMT\r\nDate: Sat, 05 Oct 2024 11:43:13 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1fa79e30af0341c61e97790eda54d24e","sha1":"1175fece7b158d17a34263c9ecaab124f7d7e312","sha256":"ad95ac545343c80cd984ccf93a34caa0ee7747989010849f1f53a578d1dad885","sha512":"a69b48f0093cfc54f19866cd92ab8900b2c5c8be8e9d6b2da05783c85f00da604ddcfeaf1206d8a2f638460535351cb96e104e9ee25ebf09ef01c5491ff6d6c1","ssdeep":"","tlshash":"6ff0058613b0390577b11912b9a6f01efb1479773ca2439990c4425bbf51fe462cc90c","first_seen":"2024-10-05T12:39:58Z","last_seen":"2024-10-06T09:22:57.171281Z","times_seen":4407,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:14.199525489Z","timestamp":1728128594199,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"85AD693617BFD03634246D0C9E3EE02C6D21D9824D25459E5E63BC51B646CC00\"\r\nLast-Modified: Fri, 04 Oct 2024 14:08:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17601\r\nExpires: Sat, 05 Oct 2024 16:36:35 GMT\r\nDate: Sat, 05 Oct 2024 11:43:14 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3edd7e02dd93d4fa92970165e37ea200","sha1":"fdb009fd9b963ab8cc365829be152f0a424e0933","sha256":"85ad693617bfd03634246d0c9e3ee02c6d21d9824d25459e5e63bc51b646cc00","sha512":"2fb7c539c1ae8d21ca3cf4dd626bd1b73869cd301c4a5d671b77dcd755808b82987375cff9eb342192adf191fab2123282a83c09c2d7f4fcbbed3cdf37c73c19","ssdeep":"","tlshash":"9cf07ecc08f536011be24486bba8890bec008eaf3cc02dc878e10be22b027f13b80c0c","first_seen":"2024-10-04T18:28:19Z","last_seen":"2024-10-06T23:34:52.362775Z","times_seen":16823,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:14.371682336Z","timestamp":1728128594371,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6098E348817110B94489B07E72557BA5F6C05741921B725624E722F212637946\"\r\nLast-Modified: Fri, 04 Oct 2024 20:10:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3815\r\nExpires: Sat, 05 Oct 2024 12:46:49 GMT\r\nDate: Sat, 05 Oct 2024 11:43:14 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"860ed6ba62677beda6c7083b25eb9fd1","sha1":"f8d88c64db738e1f32600737a12255a76f1099e2","sha256":"6098e348817110b94489b07e72557ba5f6c05741921b725624e722f212637946","sha512":"b2aa66215ee8f251dc85e5fb8cf86006cff97a07c67847b2f7ab17659390297b5356bfa4f6b303a57ca4b616e8b89c1d4be92a3b3115d8d86c47fc4083506e46","ssdeep":"","tlshash":"c0f005ce13623d046f7117135ca4d5763d35f75e74b001d920e04273a5157f516d454c","first_seen":"2024-10-05T09:19:19Z","last_seen":"2024-10-06T09:24:12.091151Z","times_seen":1617,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/KaiRo/Keyman/src/branch/master/Vector_Driver_Setup_9_8_1.zip","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":0,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:15.63862114Z","timestamp":1728128595638,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /KaiRo/Keyman/src/branch/master/Vector_Driver_Setup_9_8_1.zip HTTP/1.1\r\nHost: 222.71.180.226:3000\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=UTF-8\r\nSet-Cookie: i_like_gitea=c6b6d2e59daa0344; Path=/; HttpOnly; SameSite=Lax\n_csrf=91HaEd5WmzkJI0uFBY5-WMsbs7o6MTcyODEyODU5MTM3NTAxMjQwMA; Path=/; Expires=Sun, 06 Oct 2024 11:43:11 GMT; HttpOnly; SameSite=Lax\nmacaron_flash=; Path=/; Max-Age=0; HttpOnly; SameSite=Lax\r\nX-Frame-Options: SAMEORIGIN\r\nDate: Sat, 05 Oct 2024 11:43:11 GMT\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":33492,"size_decoded":33492,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1423)","md5":"5ca205bebb7db891b4d53d54575cd46e","sha1":"f8b4ba4685e726bc6945cff60ffe62d5aaaa631d","sha256":"3bec9b17e02e43873438be9de2634b2eeac520d9a2e5c4d3ca6870ae05a012d1","sha512":"c81c663788dfd59352d75b9775f9ce1c0b14c8349c8b54065aab033a60714ee32dd08ddbaa94095092a9857f5d425a9a439becd39244f212b6cc6d81841f1425","ssdeep":"384:+cmSjccvzrjh6DzxOLfLzEMt9hMqwaxAQ1ERAJeJpk2AH6IJuCR2A9EwqEDNrhb8:+cmSjc0lrfLlvIchMIhCwqYNaap2","tlshash":"a4e28470015c2caf100b52aaa63152a4e3afac79b2bc90f075bfe6f48593dd0db6b411","first_seen":"2024-10-06T09:22:29.184634Z","last_seen":"2024-10-06T09:22:29.184634Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/assets/css/theme-auto.css?v=f706969c070b7f4de847f972aedcc989","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":3000,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://222.71.180.226:3000/KaiRo/Keyman/src/branch/master/Vector_Driver_Setup_9_8_1.zip","date":"2024-10-05T11:43:15.248Z","timestamp":1728128595248,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/css/theme-auto.css?v=f706969c070b7f4de847f972aedcc989 HTTP/1.1\r\nHost: 222.71.180.226:3000\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: i_like_gitea=c6b6d2e59daa0344; _csrf=91HaEd5WmzkJI0uFBY5-WMsbs7o6MTcyODEyODU5MTM3NTAxMjQwMA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: private, max-age=21600\r\nContent-Encoding: gzip\r\nContent-Type: text/css; charset=utf-8\r\nEtag: \"MTM5MDh0aGVtZS1hdXRvLmNzc1dlZCwgMjAgSnVsIDIwMjIgMDY6MzY6MDYgR01U\"\r\nLast-Modified: Wed, 20 Jul 2022 06:36:06 GMT\r\nDate: Sat, 05 Oct 2024 11:43:12 GMT\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3420,"size_decoded":13908,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (13907)","md5":"2d8dc746a96cde3c5ec1f2b1d95fe658","sha1":"32e57c6a65db88c4c9c54c8b01138e512afe5dce","sha256":"16bf2101993322bd44628b9ffca3ff1fd3eb291bc0ee2aa08db7cd3f5bf4cef8","sha512":"34af9f6919012f1184413a9e215e6c9798ced1ca1cbca66ca53d9cfb43273c8c17ff3988304509437a3760863325573eac09f2393be32b17e40e48223f691f90","ssdeep":"192:Is1TIS2UAnMeluB/lFmISmoGp+LNMUiwfkQcocapFp:/vAnMeluB/lMURLwcXapFp","tlshash":"1252024af044685f3213893d2588fde9331862d0ad455f73bb2971aa26c588b3cbbb55","first_seen":"2023-11-19T06:10:02Z","last_seen":"2025-10-16T22:27:42.01298Z","times_seen":8,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":233,"dns":0,"connect":239,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:16.413912201Z","timestamp":1728128596413,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0B6A970D6641426A36B3E7C389C8D9EAD17C4587F8456AB6ECB285835D137179\"\r\nLast-Modified: Thu, 03 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15778\r\nExpires: Sat, 05 Oct 2024 16:06:14 GMT\r\nDate: Sat, 05 Oct 2024 11:43:16 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9b27c49b8bf7401ddde12d0f77c754dc","sha1":"eece7a3857a2500b86fadcef0d97b40ddaeb368c","sha256":"0b6a970d6641426a36b3e7c389c8d9ead17c4587f8456ab6ecb285835d137179","sha512":"c4294f4138c23aad91916e5be259f92bad95208e5cbb8e39b7ea6e41f0cecf50db54d0749c847b600a0a289a2e8c1871e38eeacca27987cef477634cd341943c","ssdeep":"","tlshash":"73f020822030be084a74843686a880734f2176e425686e82865c0ab358757fc144cd4c","first_seen":"2024-10-03T07:40:12Z","last_seen":"2024-10-06T09:53:22.027159Z","times_seen":10239,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:16.418293016Z","timestamp":1728128596418,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0B6A970D6641426A36B3E7C389C8D9EAD17C4587F8456AB6ECB285835D137179\"\r\nLast-Modified: Thu, 03 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15778\r\nExpires: Sat, 05 Oct 2024 16:06:14 GMT\r\nDate: Sat, 05 Oct 2024 11:43:16 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9b27c49b8bf7401ddde12d0f77c754dc","sha1":"eece7a3857a2500b86fadcef0d97b40ddaeb368c","sha256":"0b6a970d6641426a36b3e7c389c8d9ead17c4587f8456ab6ecb285835d137179","sha512":"c4294f4138c23aad91916e5be259f92bad95208e5cbb8e39b7ea6e41f0cecf50db54d0749c847b600a0a289a2e8c1871e38eeacca27987cef477634cd341943c","ssdeep":"","tlshash":"73f020822030be084a74843686a880734f2176e425686e82865c0ab358757fc144cd4c","first_seen":"2024-10-03T07:40:12Z","last_seen":"2024-10-06T09:53:22.027159Z","times_seen":10239,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:16.423342796Z","timestamp":1728128596423,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0B6A970D6641426A36B3E7C389C8D9EAD17C4587F8456AB6ECB285835D137179\"\r\nLast-Modified: Thu, 03 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15778\r\nExpires: Sat, 05 Oct 2024 16:06:14 GMT\r\nDate: Sat, 05 Oct 2024 11:43:16 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9b27c49b8bf7401ddde12d0f77c754dc","sha1":"eece7a3857a2500b86fadcef0d97b40ddaeb368c","sha256":"0b6a970d6641426a36b3e7c389c8d9ead17c4587f8456ab6ecb285835d137179","sha512":"c4294f4138c23aad91916e5be259f92bad95208e5cbb8e39b7ea6e41f0cecf50db54d0749c847b600a0a289a2e8c1871e38eeacca27987cef477634cd341943c","ssdeep":"","tlshash":"73f020822030be084a74843686a880734f2176e425686e82865c0ab358757fc144cd4c","first_seen":"2024-10-03T07:40:12Z","last_seen":"2024-10-06T09:53:22.027159Z","times_seen":10239,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:16.425419617Z","timestamp":1728128596425,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0B6A970D6641426A36B3E7C389C8D9EAD17C4587F8456AB6ECB285835D137179\"\r\nLast-Modified: Thu, 03 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15778\r\nExpires: Sat, 05 Oct 2024 16:06:14 GMT\r\nDate: Sat, 05 Oct 2024 11:43:16 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9b27c49b8bf7401ddde12d0f77c754dc","sha1":"eece7a3857a2500b86fadcef0d97b40ddaeb368c","sha256":"0b6a970d6641426a36b3e7c389c8d9ead17c4587f8456ab6ecb285835d137179","sha512":"c4294f4138c23aad91916e5be259f92bad95208e5cbb8e39b7ea6e41f0cecf50db54d0749c847b600a0a289a2e8c1871e38eeacca27987cef477634cd341943c","ssdeep":"","tlshash":"73f020822030be084a74843686a880734f2176e425686e82865c0ab358757fc144cd4c","first_seen":"2024-10-03T07:40:12Z","last_seen":"2024-10-06T09:53:22.027159Z","times_seen":10239,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:16.427782804Z","timestamp":1728128596427,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0B6A970D6641426A36B3E7C389C8D9EAD17C4587F8456AB6ECB285835D137179\"\r\nLast-Modified: Thu, 03 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15778\r\nExpires: Sat, 05 Oct 2024 16:06:14 GMT\r\nDate: Sat, 05 Oct 2024 11:43:16 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9b27c49b8bf7401ddde12d0f77c754dc","sha1":"eece7a3857a2500b86fadcef0d97b40ddaeb368c","sha256":"0b6a970d6641426a36b3e7c389c8d9ead17c4587f8456ab6ecb285835d137179","sha512":"c4294f4138c23aad91916e5be259f92bad95208e5cbb8e39b7ea6e41f0cecf50db54d0749c847b600a0a289a2e8c1871e38eeacca27987cef477634cd341943c","ssdeep":"","tlshash":"73f020822030be084a74843686a880734f2176e425686e82865c0ab358757fc144cd4c","first_seen":"2024-10-03T07:40:12Z","last_seen":"2024-10-06T09:53:22.027159Z","times_seen":10239,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/assets/css/index.css?v=f706969c070b7f4de847f972aedcc989","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":3000,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://222.71.180.226:3000/KaiRo/Keyman/src/branch/master/Vector_Driver_Setup_9_8_1.zip","date":"2024-10-05T11:43:15.246Z","timestamp":1728128595246,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/css/index.css?v=f706969c070b7f4de847f972aedcc989 HTTP/1.1\r\nHost: 222.71.180.226:3000\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: i_like_gitea=c6b6d2e59daa0344; _csrf=91HaEd5WmzkJI0uFBY5-WMsbs7o6MTcyODEyODU5MTM3NTAxMjQwMA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: private, max-age=21600\r\nContent-Encoding: gzip\r\nContent-Type: text/css; charset=utf-8\r\nEtag: \"ODY1MjMyaW5kZXguY3NzV2VkLCAyMCBKdWwgMjAyMiAwNjozNjowNiBHTVQ=\"\r\nLast-Modified: Wed, 20 Jul 2022 06:36:06 GMT\r\nDate: Sat, 05 Oct 2024 11:43:12 GMT\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":132229,"size_decoded":865232,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ab4906db5cd40889b4e62d3d115b3e0d","sha1":"5cbc1cac8c351eb83fe6ca602b46f92816fd925f","sha256":"772ada1dace6cbb6f7178330e9a55ef292c125935b4c89ae45639327ba692cf2","sha512":"909c4809f052b0cf53d770044be44f3c477a40ddfc25cff490ca706ff859afef56d335a6c2c6d60fd092bfeb3b369b58f997e397b5dc957dbe0be3b6dfa63fa5","ssdeep":"6144:9kId0Z49exmS22gvfCf/fvgGg2gf8y8S8m8S8q8vS5gkgStE9:jd0Z49AmS2xSStE9","tlshash":"4805c6a9d24424c95723c0c7abc476d87719f091e861cfb7f01774984bda9db2cb2b2a","first_seen":"2024-10-06T09:22:29.188616Z","last_seen":"2024-10-06T09:22:29.819504Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":1025,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/assets/img/logo.svg","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":3000,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://222.71.180.226:3000/KaiRo/Keyman/src/branch/master/Vector_Driver_Setup_9_8_1.zip","date":"2024-10-05T11:43:15.249Z","timestamp":1728128595249,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/img/logo.svg HTTP/1.1\r\nHost: 222.71.180.226:3000\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: i_like_gitea=c6b6d2e59daa0344; _csrf=91HaEd5WmzkJI0uFBY5-WMsbs7o6MTcyODEyODU5MTM3NTAxMjQwMA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: private, max-age=21600\r\nContent-Encoding: gzip\r\nContent-Type: image/svg+xml\r\nEtag: \"MjIwN2xvZ28uc3ZnV2VkLCAyMCBKdWwgMjAyMiAwNjozNjowNiBHTVQ=\"\r\nLast-Modified: Wed, 20 Jul 2022 06:36:06 GMT\r\nDate: Sat, 05 Oct 2024 11:43:13 GMT\r\nContent-Length: 1078\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1078,"size_decoded":2207,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"040de3d1e9bbfb70fd0287dac0214106","sha1":"576426b10f7441422977eed04e199112110e4dfa","sha256":"e50bd7150872581fe0e1d1eea9872bfe08ec15f50d800bdd699d3c49c7792100","sha512":"1eedb8003e0f7ad23a9cabaa3c295befeb0d4b311a0f71d72147dcae72eb89dc9528de2dd9ad699ad2fa6b7e3658929f5a7c8dabb7312eba7275742d10b69ff2","ssdeep":"","tlshash":"3b41d035c351e3b4eca383b49a3230f0785f816dd1d693a9c77885b8b6458e8a59d8dc","first_seen":"2023-05-21T01:42:11Z","last_seen":"2026-05-03T19:45:02.348518Z","times_seen":89,"resource_available":false,"data":null}},"time_used":1515,"timings":{"blocked":1274,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/assets/fonts/icons.woff2","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":0,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:17.068307587Z","timestamp":1728128597068,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fonts/icons.woff2 HTTP/1.1\r\nHost: 222.71.180.226:3000\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://222.71.180.226:3000/assets/css/index.css?v=f706969c070b7f4de847f972aedcc989\r\nCookie: i_like_gitea=c6b6d2e59daa0344; _csrf=91HaEd5WmzkJI0uFBY5-WMsbs7o6MTcyODEyODU5MTM3NTAxMjQwMA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: private, max-age=21600\r\nContent-Length: 79444\r\nContent-Type: font/woff2\r\nEtag: \"Nzk0NDRpY29ucy53b2ZmMldlZCwgMjAgSnVsIDIwMjIgMDY6MzY6MDYgR01U\"\r\nLast-Modified: Wed, 20 Jul 2022 06:36:06 GMT\r\nDate: Sat, 05 Oct 2024 11:43:13 GMT\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":79444,"size_decoded":79444,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 79444, version 331.524","md5":"b15db15f746f29ffa02638cb455b8ec0","sha1":"75a88815c47a249eadb5f0edc1675957f860cca7","sha256":"7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7","sha512":"84e621ac534c416cf13880059d76ce842fa74bb433a274aa5d106adbda20354fa5ed751ed1d13d0c393d54ceb37fe8dbd2f653e4cb791e9f9d3d2a50a250b05f","ssdeep":"1536:ogXevisOzyu5r4HjEIe9vyJFdiTCHnegAZ64RPmF17k+GbpJ0VxZrtbz:oTvissyu5eb0ciORAZ64Qrk+0Mzbz","tlshash":"6b7302c68d4ae504c87e0daa36b5a96651be9fc5720e4df6e8700cbcf1f12dc0266d19","first_seen":"2023-04-05T14:18:50Z","last_seen":"2026-05-06T14:50:44.966044Z","times_seen":22369,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/assets/js/index.js?v=f706969c070b7f4de847f972aedcc989","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":0,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:17.631653709Z","timestamp":1728128597631,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/js/index.js?v=f706969c070b7f4de847f972aedcc989 HTTP/1.1\r\nHost: 222.71.180.226:3000\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: i_like_gitea=c6b6d2e59daa0344; _csrf=91HaEd5WmzkJI0uFBY5-WMsbs7o6MTcyODEyODU5MTM3NTAxMjQwMA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: private, max-age=21600\r\nContent-Encoding: gzip\r\nContent-Type: text/javascript; charset=utf-8\r\nEtag: \"ODM3MjMzaW5kZXguanNXZWQsIDIwIEp1bCAyMDIyIDA2OjM2OjA2IEdNVA==\"\r\nLast-Modified: Wed, 20 Jul 2022 06:36:06 GMT\r\nDate: Sat, 05 Oct 2024 11:43:12 GMT\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":254220,"size_decoded":837233,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"cc20e552b62535895aa539be128b9a8f","sha1":"189107d3df3a5d882c4057989dea9d155c6fb67a","sha256":"ea79162252fc8800bedfb2c07a825eca47627917e4478915a85f95591e2e8070","sha512":"6fd7a4e8ec114d6964078a54058bfcb8e5657285e8f633f0b25929c9dd748215d2d0f17540e4c56dcc1c9af3bc4982bbf2df82b6b6e764010f74f074418c5cb7","ssdeep":"6144:kk026bSKIs/p2QKy4uKGvMXMWMnNYtf3IxxK71Hqo46sUJ5k1K6X76BH/+4IdF/X:102m2/tkCf3BRsWa7xYMxUnoYfTsWaV","tlshash":"20054cacb29038561baf20f0786f6d47b17a0894548c8524b63ed4ea2f7c985e177f3d","first_seen":"2024-10-06T09:22:29.191084Z","last_seen":"2024-10-06T09:22:29.826601Z","times_seen":4,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"222.71.180.226:3000/assets/img/favicon.svg","fqdn":"222.71.180.226:3000","domain":"222.71.180.226","tld":"226:3000"},"ip":{"addr":"222.71.180.226","port":0,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-05T11:43:17.972275461Z","timestamp":1728128597972,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/img/favicon.svg HTTP/1.1\r\nHost: 222.71.180.226:3000\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: i_like_gitea=c6b6d2e59daa0344; _csrf=91HaEd5WmzkJI0uFBY5-WMsbs7o6MTcyODEyODU5MTM3NTAxMjQwMA\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: private, max-age=21600\r\nContent-Encoding: gzip\r\nContent-Type: image/svg+xml\r\nEtag: \"MjIwN2Zhdmljb24uc3ZnV2VkLCAyMCBKdWwgMjAyMiAwNjozNjowNiBHTVQ=\"\r\nLast-Modified: Wed, 20 Jul 2022 06:36:06 GMT\r\nDate: Sat, 05 Oct 2024 11:43:14 GMT\r\nContent-Length: 1078\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1078,"size_decoded":2207,"mime_type":"text/plain; charset=utf-8","magic":"SVG Scalable Vector Graphics image","md5":"040de3d1e9bbfb70fd0287dac0214106","sha1":"576426b10f7441422977eed04e199112110e4dfa","sha256":"e50bd7150872581fe0e1d1eea9872bfe08ec15f50d800bdd699d3c49c7792100","sha512":"1eedb8003e0f7ad23a9cabaa3c295befeb0d4b311a0f71d72147dcae72eb89dc9528de2dd9ad699ad2fa6b7e3658929f5a7c8dabb7312eba7275742d10b69ff2","ssdeep":"","tlshash":"3b41d035c351e3b4eca383b49a3230f0785f816dd1d693a9c77885b8b6458e8a59d8dc","first_seen":"2023-05-21T01:42:11Z","last_seen":"2026-05-03T19:45:02.348518Z","times_seen":89,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-05","alert":"Sinkholed","trigger":"222.71.180.226","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}