{"report_id":"bfb9a78d-ff47-415e-b17f-f2948aa1055f","version":6,"status":"done","tags":[],"date":"2024-08-15T00:59:11Z","url":{"schema":"http","addr":"hj2404a965.top/","fqdn":"hj2404a965.top","domain":"hj2404a965.top","tld":"top"},"ip":{"addr":"172.67.189.64","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hai2406a58.top/","fqdn":"hai2406a58.top","domain":"hai2406a58.top","tld":"top"},"title":"Document"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-24T23:29:08Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":4,"received_data":3549,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":3,"received_data":2662,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hai2406a58.top","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":5,"request_count":5,"received_data":161211,"sent_data":2196,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hj2404a965.top","ip":{"addr":"172.67.189.64","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":1,"request_count":1,"received_data":1785,"sent_data":471,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hj2404a965.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hai2406a58.top/","fqdn":"hai2406a58.top","domain":"hai2406a58.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T19:59:12.695652Z","times_seen":15182955,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-15T00:58:45.17609571Z","timestamp":1723683525176,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"8902058E383C2F43751417E1AF1D582F7A16CE0B6FC180AB20CBC76C4B00F914\"\r\nLast-Modified: Wed, 14 Aug 2024 12:55:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17083\r\nExpires: Thu, 15 Aug 2024 05:43:28 GMT\r\nDate: Thu, 15 Aug 2024 00:58:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"686480d25645ac2aca7a99974693a82f","sha1":"55ca9d53bd758d2afc75e8a9b59c656ff26a3f70","sha256":"8902058e383c2f43751417e1af1d582f7a16ce0b6fc180ab20cbc76c4b00f914","sha512":"65af6a10b322fb730377c398ae9185f820a73b8bc5f6488927d2664e39fbb75979a13ec0932cbc3734ae938d530328c525b750e9c0d48413a5d512295610148c","ssdeep":"","tlshash":"1cf0750e15196a6410a18c694ffcc8b30031b451309f316bdd4c54f53021bff098410d","first_seen":"2024-08-14T14:57:02Z","last_seen":"2024-08-19T13:21:13.094181Z","times_seen":48873,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-15T00:58:45.203293283Z","timestamp":1723683525203,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"7098A3B23AECE2B00E86FD3A23C5E532001A5002B061170D3ED53DDD36BF8F5B\"\r\nLast-Modified: Tue, 13 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7896\r\nExpires: Thu, 15 Aug 2024 03:10:21 GMT\r\nDate: Thu, 15 Aug 2024 00:58:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"90149b127cd563315012f026a9e0544f","sha1":"1e148905fa524fb8fec15249f30f33085978dc2e","sha256":"7098a3b23aece2b00e86fd3a23c5e532001a5002b061170d3ed53ddd36bf8f5b","sha512":"6d23b8b74a8ed007fa56a56b90c5e4ee8c9e8826bcf40ad07ce28c3bcc9e108585f2bc508082be6139bba764d2f7c952580e725111c250ebfd2516f0ab415e81","ssdeep":"","tlshash":"6af07562027b3591583220207bd8c4272e22357a301014c365e006c62c44b90009c50c","first_seen":"2024-08-14T02:14:38Z","last_seen":"2024-08-19T13:24:25.753269Z","times_seen":24170,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-15T00:58:45.573023819Z","timestamp":1723683525573,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"9EF3DAB56215A67804DB0E12D33772A1902F5914B788530717712902A294BCB5\"\r\nLast-Modified: Wed, 14 Aug 2024 21:59:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10758\r\nExpires: Thu, 15 Aug 2024 03:58:03 GMT\r\nDate: Thu, 15 Aug 2024 00:58:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"4d209e16679910b467c26590a0073236","sha1":"ddd59fa6902b498e9c0cfb22e342757f954789d0","sha256":"9ef3dab56215a67804db0e12d33772a1902f5914b788530717712902a294bcb5","sha512":"c51db05572ffd286971584fdb91cb70c2dbbca943460845163bbe781c5282225dfccb7121773c517ad3185efeab960a2adcdf13a765219d4843f808a51bc77fd","ssdeep":"","tlshash":"d2f005de12f0b550dab5490569e9e0156c50c5ec3b0541c5738016da16a07fc9f8150c","first_seen":"2024-08-15T00:00:44Z","last_seen":"2024-08-19T13:17:36.886871Z","times_seen":49254,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-15T00:58:45.778882934Z","timestamp":1723683525778,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"62ACC6047405E1E5E89C898325A6F5BA2D9F993214648DC9E50CF0D4F5AA9BAA\"\r\nLast-Modified: Tue, 13 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3182\r\nExpires: Thu, 15 Aug 2024 01:51:47 GMT\r\nDate: Thu, 15 Aug 2024 00:58:45 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e4a9f1133ab7ff8fdfec972dc9d80181","sha1":"2a253964c7b022d903b90b57585333f32f730527","sha256":"62acc6047405e1e5e89c898325a6f5ba2d9f993214648dc9e50cf0d4f5aa9baa","sha512":"ff4caa233cfb73b8d7263ab83a94567daf14edefcd5fd1c6eb16fcabfb01afa146db3d639caa64ee91202ce0bcb065f4eea9339a5fa37094c31796895d62cb75","ssdeep":"","tlshash":"46f00eda21faf88167e09185aaecd4622c20b56d385045d9149c06eb94807c59e598de","first_seen":"2024-08-14T03:08:11Z","last_seen":"2024-08-19T13:24:19.880186Z","times_seen":16024,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-15T00:58:47.737181615Z","timestamp":1723683527737,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5339\r\nExpires: Thu, 15 Aug 2024 02:27:46 GMT\r\nDate: Thu, 15 Aug 2024 00:58:47 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-15T00:58:47.738185132Z","timestamp":1723683527738,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5339\r\nExpires: Thu, 15 Aug 2024 02:27:46 GMT\r\nDate: Thu, 15 Aug 2024 00:58:47 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-15T00:58:47.739306818Z","timestamp":1723683527739,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5339\r\nExpires: Thu, 15 Aug 2024 02:27:46 GMT\r\nDate: Thu, 15 Aug 2024 00:58:47 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hai2406a58.top/images/conf.png","fqdn":"hai2406a58.top","domain":"hai2406a58.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hai2406a58.top/","date":"2024-08-15T00:58:47.670Z","timestamp":1723683527670,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hai2406a58.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Jul 2024 12:23:58 GMT","end":"Thu, 24 Oct 2024 12:23:57 GMT"},"fingerprint":{"sha1":"36:9D:AF:3E:32:AC:48:33:4D:54:55:F2:0B:14:04:69:67:20:90:85","sha256":"93:25:A2:25:33:F1:9D:96:49:79:91:D8:94:2D:AE:12:2E:8A:47:E5:43:5E:42:81:86:A8:35:16:D3:70:42:79"}}},"request":{"raw":"GET /images/conf.png HTTP/1.1\r\nHost: hai2406a58.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hai2406a58.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 15 Aug 2024 00:58:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 15565\r\nlast-modified: Wed, 03 Jul 2024 02:31:30 GMT\r\netag: \"6684b802-3ccd\"\r\nexpires: Sat, 14 Sep 2024 00:58:48 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=pj%2BJTzTj97mA%2Bf8InH4WCg%2BLOodAihATcrcLoGANrgCqw3WJTuvzFgU%2FkU%2BGJ7jxdNxn%2BPxydJ5uM8XcbXUL7QIEx2OKOZnOOhHV%2BYmthMa0qqYfDoaN7J3Tl3aKeyuXfA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8b353cffdb3c56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15565,"size_decoded":15565,"mime_type":"image/png","magic":"PNG image data, 232 x 86, 8-bit/color RGBA, non-interlaced","md5":"e4e9d4cb439109e5ce29606045c49f18","sha1":"507057bb3c196cc3138b0e1052114b195d402b36","sha256":"359abd4a76100a0c1ff60f52189836bb6398dbc407f2fdd2a6477f599bdbeac6","sha512":"2b5ad84dc614fb30ff1d847d33d8c0b66442344bfab9426cf39855763dba99fb6cf969bfdfaf56b1b491f076df1751b821221154389308044f52ab29d210329b","ssdeep":"384:55iqvR7YYxD4Tmx7rz/rlWL3Nee9o2Tx50wbFhwDWnUKLZO7Z:73iQ4SNrzrgdee+yL0wbUCrO7Z","tlshash":"e262d1c45737b5b408ab1a7fdab5f9b0ca1b34a0c20d08d63eea73e89c551fb8016527","first_seen":"2023-08-21T21:59:43Z","last_seen":"2026-05-04T06:07:37.311741Z","times_seen":120,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":866,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hai2406a58.top/","fqdn":"hai2406a58.top","domain":"hai2406a58.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-15T00:58:46.604Z","timestamp":1723683526604,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hai2406a58.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Jul 2024 12:23:58 GMT","end":"Thu, 24 Oct 2024 12:23:57 GMT"},"fingerprint":{"sha1":"36:9D:AF:3E:32:AC:48:33:4D:54:55:F2:0B:14:04:69:67:20:90:85","sha256":"93:25:A2:25:33:F1:9D:96:49:79:91:D8:94:2D:AE:12:2E:8A:47:E5:43:5E:42:81:86:A8:35:16:D3:70:42:79"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hai2406a58.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 15 Aug 2024 00:58:47 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding, Origin\r\naccess-control-allow-credentials: true\r\napi-server: api-server-77\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=9JuTCD0rIcpDJhUled%2BWLucIn3mkua%2BLsxAV7tEd0QbzbMiTDr8Bl%2F4WnODloP2XQUJ%2FFliFDJoMANgiWj3BU7GPAKyUdAVcT3hoEeJwJoFgNoDGjm21vGC%2FHI6wF64YNA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b353cf99ee756c5-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46068,"size_decoded":1121,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"350a6a1e01ab67c9ea66fd31f843e99a","sha1":"762d8d9dbbca07e04795dca3a603e282e44921a1","sha256":"c51dcfbd4e7be9eca87b44fb4f0f1ef38565926afb37e00a98ac89fcc7d86819","sha512":"58c9d15fc93749b7dc06a2cf918527ffd7e5f234ab845169ae3e38c333dc46508145c66982e8ccea491453c16351e351d8875a2b088c04c20d00ee50124209fc","ssdeep":"","tlshash":"98218c4592c3188b52b292645ff27a49e7d36043e7024e1079c976c79fb67054bb7acc","first_seen":"2023-10-18T05:20:23Z","last_seen":"2026-05-04T06:07:37.315406Z","times_seen":90,"resource_available":true,"data":null}},"time_used":840,"timings":{"blocked":50,"dns":29,"connect":1,"send":0,"wait":740,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hai2406a58.top/images/fff2.png","fqdn":"hai2406a58.top","domain":"hai2406a58.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hai2406a58.top/","date":"2024-08-15T00:58:47.676Z","timestamp":1723683527676,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hai2406a58.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Jul 2024 12:23:58 GMT","end":"Thu, 24 Oct 2024 12:23:57 GMT"},"fingerprint":{"sha1":"36:9D:AF:3E:32:AC:48:33:4D:54:55:F2:0B:14:04:69:67:20:90:85","sha256":"93:25:A2:25:33:F1:9D:96:49:79:91:D8:94:2D:AE:12:2E:8A:47:E5:43:5E:42:81:86:A8:35:16:D3:70:42:79"}}},"request":{"raw":"GET /images/fff2.png HTTP/1.1\r\nHost: hai2406a58.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hai2406a58.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 15 Aug 2024 00:58:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 44616\r\nlast-modified: Wed, 03 Jul 2024 02:31:30 GMT\r\netag: \"6684b802-ae48\"\r\nexpires: Sat, 14 Sep 2024 00:58:48 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=12n1fZC9cH93wzzP4muy5TNCCfYadRLm9M5KQufjcXdi3GChQ2nL6MYCPq2y3k3wRv5xMlvMiMNMEjitRjRzcGyze6nXF5KmHqm0w5nswepLARVProo3qEewEha6hKv5ng%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8b353cffeb4356a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44616,"size_decoded":44616,"mime_type":"image/png","magic":"PNG image data, 1920 x 355, 8-bit/color RGBA, non-interlaced","md5":"717db4cfc4adc6c916b4abb7bdffc03b","sha1":"59b3ca9c6dbe30b55867dae00992b429695d9b55","sha256":"f1ee7fd96ba32cb055b18bb13ba036b1260136f0f5d55b25145c2a29c1b730da","sha512":"ba40f83cac5b333429ad60735f04645b79a102bb9fccc9c727ed58055ec8a0d907ab3fb5ef4553047e074ce6da4366748f816de226a589313d0aeb81dc7a4bab","ssdeep":"768:vEe60T+qLJSQWTsac0ocHA+t1TCYs2zCZizTzZ3B1:8Zy9pWoac2/t1TCY4iLVB1","tlshash":"8b13e18c8c720ddfc59d243679472a3a2330cffad65597259615788c3ee8836ea230f4","first_seen":"2023-08-21T21:59:43Z","last_seen":"2026-05-04T06:07:37.312326Z","times_seen":120,"resource_available":false,"data":null}},"time_used":1125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1124,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hj2404a965.top/","fqdn":"hj2404a965.top","domain":"hj2404a965.top","tld":"top"},"ip":{"addr":"172.67.189.64","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-15T00:58:45.857Z","timestamp":1723683525857,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hj2404a965.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Jul 2024 18:04:46 GMT","end":"Thu, 24 Oct 2024 18:04:45 GMT"},"fingerprint":{"sha1":"EA:7C:B8:90:08:80:8E:42:0A:17:20:1D:64:C4:04:64:C8:2E:3A:81","sha256":"9B:9C:9C:A2:2F:41:1C:36:27:AF:E0:87:0F:6D:79:5D:2F:44:80:AC:B5:D7:43:CC:CD:66:2C:CD:BC:72:C9:36"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hj2404a965.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 15 Aug 2024 00:58:46 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://hai2406a58.top/\r\naccess-control-allow-credentials: true\r\napi-server: api-server-77\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=jSV4rKxbg7AsXMWqfm69eBDWNzRd4UVvjL%2Foq30DApKTVHz1kRiGmd%2B5BNidlvQ0hYUPmA9LAyeJf4jVFsFH5J35heDoyZDn5xssyj3KCrXDz3RF0jfIDRUPvT5N71JVeQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b353cf4ca3856a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1121,"size_decoded":1121,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T19:59:12.695652Z","times_seen":15182955,"resource_available":true,"data":null}},"time_used":767,"timings":{"blocked":24,"dns":0,"connect":1,"send":0,"wait":717,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hj2404a965.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hai2406a58.top/images/ff1.png","fqdn":"hai2406a58.top","domain":"hai2406a58.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hai2406a58.top/","date":"2024-08-15T00:58:47.667Z","timestamp":1723683527667,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hai2406a58.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Jul 2024 12:23:58 GMT","end":"Thu, 24 Oct 2024 12:23:57 GMT"},"fingerprint":{"sha1":"36:9D:AF:3E:32:AC:48:33:4D:54:55:F2:0B:14:04:69:67:20:90:85","sha256":"93:25:A2:25:33:F1:9D:96:49:79:91:D8:94:2D:AE:12:2E:8A:47:E5:43:5E:42:81:86:A8:35:16:D3:70:42:79"}}},"request":{"raw":"GET /images/ff1.png HTTP/1.1\r\nHost: hai2406a58.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hai2406a58.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 15 Aug 2024 00:58:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 45612\r\nlast-modified: Wed, 03 Jul 2024 02:31:30 GMT\r\netag: \"6684b802-b22c\"\r\nexpires: Sat, 14 Sep 2024 00:58:48 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rhPTf%2FS6KLQMOmfM2U0Tws6rZee5M1we9ISMqzv6US0n7ugCZEvcGV3iTWleQi8SwmgfrFeqo%2FPF9d04t7x6dOYPQogUSqLstVd5VEEma9Ypu%2FrDb6SK7klF4aLBTJNHcw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8b353cffdb3956a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45612,"size_decoded":45612,"mime_type":"image/png","magic":"PNG image data, 1920 x 611, 8-bit/color RGBA, non-interlaced","md5":"dabd9a9917ec1918db000983f23bb3bf","sha1":"42362a56986f54896241b5e5bec8f3f078db0da3","sha256":"fba75d5c9149d11f40d75b28dc9ef007867f6277df61562e70447a9f94a8bf09","sha512":"aa532b9d97acfe06dc8580fd4d2d76c5861a4c93b0ad8a3dc97d4ab18b8158d17b7a3f9e6fbb9c2369f395fef11e267d78fd423f628d0bb798e464817c45f9a8","ssdeep":"768:bUdI+cfdQYjO2JGoweQVi7Iv019mvMieozSOIsucHEUNWxbM4AMJ1:btfdQYihUIv01965jFI1nUNWBMLg1","tlshash":"2b23bf08c6674ca9d86d017dbddf2a78b3385e124d6393cf6b301a58bf4f6b49881280","first_seen":"2023-08-21T21:59:43Z","last_seen":"2026-05-04T06:07:37.316687Z","times_seen":119,"resource_available":false,"data":null}},"time_used":1091,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1088,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hai2406a58.top/favicon.ico","fqdn":"hai2406a58.top","domain":"hai2406a58.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hai2406a58.top/","date":"2024-08-15T00:58:47.968Z","timestamp":1723683527968,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hai2406a58.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Jul 2024 12:23:58 GMT","end":"Thu, 24 Oct 2024 12:23:57 GMT"},"fingerprint":{"sha1":"36:9D:AF:3E:32:AC:48:33:4D:54:55:F2:0B:14:04:69:67:20:90:85","sha256":"93:25:A2:25:33:F1:9D:96:49:79:91:D8:94:2D:AE:12:2E:8A:47:E5:43:5E:42:81:86:A8:35:16:D3:70:42:79"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hai2406a58.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hai2406a58.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 15 Aug 2024 00:58:47 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Fri, 14 Jun 2024 07:18:17 GMT\r\nexpires: Thu, 12 Sep 2024 21:31:44 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nage: 98823\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0tuwLJnV%2B%2F8nggb0CiyVMnYKfw109ztj2MxAglEBivgPC6rS0tjipPvTfrSWRQ3ry1BscIXGWX0zeKXGNIXjG0y%2FO%2F9%2FnFd2thoO3WqY%2FU%2FH77rpwbTzckzeoiqXOgbdnw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b353d01dc0156a2-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5821,"size_decoded":5821,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (6187), with no line terminators","md5":"db7c7a140fb04f409c1a931e43be610b","sha1":"da1a6af0f55098384377ab637be1a60c3ac8acaf","sha256":"12ac26c80afcb3f15efbd8f9aecc244343c14d50e0069bbd7c583e8a2e1af505","sha512":"9d535c8f2c8e3cbb973940e9b022ff9c693c726cca124dfa5098f3a68ac263fbfdef8935467c35bd1387eab2d2b4c6d594806dc94d4fd24d03410e3f96755e04","ssdeep":"48:u4RwfOdxhY6AmzR1OitMaFwk5b5DP/nOR/WSG45HMMqqTMQMY0MRbKImnMgHIVFR:TW8xPF9CBIqX7IX4HtHwr7Vnu","tlshash":"54d1482ae994ca6f2d21d6e7fb15b16cc866f81d0c38d441a05d2ecdc8e8fc9416bb53","first_seen":"2024-06-22T16:06:16Z","last_seen":"2024-08-19T19:11:59.314863Z","times_seen":2,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-15","alert":"Sinkholed","trigger":"hai2406a58.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}