{"report_id":"c477a6f3-8712-4f9a-8d45-047cdd623dc2","version":6,"status":"done","tags":[],"date":"2024-08-14T17:57:25Z","url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":""},"ip":{"addr":"104.26.6.166","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"title":"Direct IP access not allowed | Cloudflare"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-24T23:57:11Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":4,"received_data":3550,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":4,"received_data":3551,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"104.26.6.166","ip":{"addr":"104.26.6.166","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":3,"request_count":3,"received_data":7691,"sent_data":1058,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aus5.mozilla.org","ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"","domain_rank":2548,"first_seen":"","last_seen":"","alert_count":0,"request_count":1,"received_data":1219,"sent_data":512,"comment":"","tags":null,"fingerprints":null},{"fqdn":"performance.radar.cloudflare.com","ip":{"addr":"104.18.30.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":1,"received_data":9549,"sent_data":383,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-08-14T17:57:01Z","timestamp":1723658221,"ip_dst":{"addr":"Client IP","port":38964,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.26.6.166","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2024-08-14T17:57:01.124999+0000\",\"flow_id\":1822895519943148,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.26.6.166\",\"src_port\":443,\"dest_ip\":\"172.18.0.12\",\"dest_port\":38964,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"3271cf62f45f551e79405f26e227ebda\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":795,\"bytes_toclient\":213,\"start\":\"2024-08-14T17:57:01.117228+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-08-14T17:57:01Z","timestamp":1723658221,"ip_dst":{"addr":"Client IP","port":38970,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.26.6.166","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2024-08-14T17:57:01.132934+0000\",\"flow_id\":1480990353386433,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.26.6.166\",\"src_port\":443,\"dest_ip\":\"172.18.0.12\",\"dest_port\":38970,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"ddb7e3d96a12de225f5c4fca1d2607f1\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":723,\"bytes_toclient\":213,\"start\":\"2024-08-14T17:57:01.125889+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-14","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-14","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-14","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"34ad0a116707d3b794129a6720af92d7","sha1":"424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4","sha256":"d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262","sha512":"4d7cca00f0d83452fe3513c0c07c97ca5318dfcda0937df40626e49c9e15ef9a4287e6aa98da4c873d46248a20418b0ef793704c6619efad43c8b338a515cb37","ssdeep":"","tlshash":"43e0226b3b45293456f7aab3337fe37c3a22e0969cc015201968cd5ccd2bac042352c4","size":393,"data":"","first_seen":"2023-04-05T04:39:40Z","last_seen":"2025-03-02T06:13:46.994369Z","times_seen":143291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"performance.radar.cloudflare.com/beacon.js","fqdn":"performance.radar.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.30.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f974d68e595e2dafedffdffd6cad777","sha1":"40c64ef19959766f622e0deef36f5c0186281ac5","sha256":"1e21f02d1fcbe4a236ef6ff3b7dab68ba569f4665b0b7c20030402e456b69441","sha512":"710cd9e77f320aa177eeec6636cc3e1d91480000cc71ec2b0b81fd58bbc8f609eda5d502318a716c072ad28904d781e9e7eecf6605b38594fa953c6e91e45f50","ssdeep":"192:834d1an1U1Kf88Kvmv1IygAVAWb97RfEFHYhvJ4nFHYdzPTUx2/+HY8XmnSPIK:ey1an1U1Kf88KOvCyt7EF4hvJ4nF4tPm","tlshash":"77121a72fb50c903c5850c4e09babe3f3621f08e0783519d764ecd29a1989f676b2b96","size":8741,"data":"","first_seen":"2024-08-19T13:18:55.082139Z","last_seen":"2024-08-19T13:18:55.082139Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:00.494333836Z","timestamp":1723658220494,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6E7ECB16387BF3080101C499987F120BAF52164849B58D845C6E985F4D92C8AF\"\r\nLast-Modified: Wed, 14 Aug 2024 00:40:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9830\r\nExpires: Wed, 14 Aug 2024 20:40:50 GMT\r\nDate: Wed, 14 Aug 2024 17:57:00 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1b79b8c052873d6e247531304087ef10","sha1":"b2d92fedc3b7e5b0007eb7e5f256d23d07f623f2","sha256":"6e7ecb16387bf3080101c499987f120baf52164849b58d845c6e985f4d92c8af","sha512":"47cb241fac37dd69a830ab4e900f7199a1a28654ac16df6fe6ac9668487c0a5d64fd7c0c33d72527d8727b2f52e4931bcacedfeed0f35897f6f40c83beb381a8","ssdeep":"","tlshash":"3ff00e003bafaa80199a4c2ba4a1b23b0e21aeef1d7177e344d813f53180ff6441004c","first_seen":"2024-08-14T06:58:40Z","last_seen":"2024-08-19T13:23:03.157107Z","times_seen":818,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:00.498743482Z","timestamp":1723658220498,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"8902058E383C2F43751417E1AF1D582F7A16CE0B6FC180AB20CBC76C4B00F914\"\r\nLast-Modified: Wed, 14 Aug 2024 12:55:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3481\r\nExpires: Wed, 14 Aug 2024 18:55:01 GMT\r\nDate: Wed, 14 Aug 2024 17:57:00 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"686480d25645ac2aca7a99974693a82f","sha1":"55ca9d53bd758d2afc75e8a9b59c656ff26a3f70","sha256":"8902058e383c2f43751417e1af1d582f7a16ce0b6fc180ab20cbc76c4b00f914","sha512":"65af6a10b322fb730377c398ae9185f820a73b8bc5f6488927d2664e39fbb75979a13ec0932cbc3734ae938d530328c525b750e9c0d48413a5d512295610148c","ssdeep":"","tlshash":"1cf0750e15196a6410a18c694ffcc8b30031b451309f316bdd4c54f53021bff098410d","first_seen":"2024-08-14T14:57:02Z","last_seen":"2024-08-19T13:21:13.094181Z","times_seen":48873,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:00.599530792Z","timestamp":1723658220599,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A5DC8C5B994299DA9E84F8285EC6D80BECA382C792FBDCF8E67201148AAD2269\"\r\nLast-Modified: Tue, 13 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13821\r\nExpires: Wed, 14 Aug 2024 21:47:21 GMT\r\nDate: Wed, 14 Aug 2024 17:57:00 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"38ec58de07b1016bd9b813c7eda301e9","sha1":"c37f1517a0074a1de19e1dd4fb2f12a0b59c6ce3","sha256":"a5dc8c5b994299da9e84f8285ec6d80beca382c792fbdcf8e67201148aad2269","sha512":"1f40998f56093ff220181a27016cfb293f7c5a86aae8d6824f7d58454fade2ae6c947d2d38df5a23e60f04f76ec9900b342e39e78405e7fe79b2f69350d947c8","ssdeep":"","tlshash":"3cf0201311cebc7067ec51818aa4c20a09288eb92c860ed2384082a0580036884c458c","first_seen":"2024-08-14T08:03:37Z","last_seen":"2024-08-19T13:23:00.293541Z","times_seen":12815,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:00.883514035Z","timestamp":1723658220883,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"94E9518D845BB5293C2F009A196B74A3859A5AE3B3A1438234F867017C167E1B\"\r\nLast-Modified: Tue, 13 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5478\r\nExpires: Wed, 14 Aug 2024 19:28:18 GMT\r\nDate: Wed, 14 Aug 2024 17:57:00 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"024341a123220bb7f476663e0c2f941d","sha1":"20e2ab3bdab6d6f5241eb3c45d44a9b191f6cb44","sha256":"94e9518d845bb5293c2f009a196b74a3859a5ae3b3a1438234f867017c167e1b","sha512":"9a9f70d829e972dcef3fc7c1b2671546c48991dc0ff3b9c128aed8254127bed7322c44f9c13f9ffa3b3a725b34ebd40d6d14b74d6d4e00e9434046f2991db1fc","ssdeep":"","tlshash":"22f0054266f768d075a64513dcc5d6032b1cef6618818af99e2901e21d087e1c1d602d","first_seen":"2024-08-14T00:09:57Z","last_seen":"2024-08-19T13:32:40.697939Z","times_seen":14092,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-14T17:57:01.122Z","timestamp":1723658221122,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 104.26.6.166\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Wed, 14 Aug 2024 17:57:01 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: same-origin\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8b32d32a3ffe56be-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2099,"size_decoded":5893,"mime_type":"","magic":"HTML document, ASCII text, with very long lines (501)","md5":"33511bac1d6fce53c764d80819ac503a","sha1":"44e343f89f784554e4d4cc6a92bd8fbe48fb201d","sha256":"72fd5777544cc484cddae3505db02d7ca89cef511d49b02567016349dfb4d743","sha512":"9dbe7ee8d89314e95a7ba482da8d88dd1e60b4bb448d4a5e5200ddd76a86e92acd487517ca170e63701da242c99c22d230f7dab13db3854ca01701452799c98a","ssdeep":"96:1j9jwIjYj0DK/D6laa+hXOlQUpp8HZywo47wojjdJgPUwftvZU0m2rR79PaQxJb0:1j9jhjYjoK/kaaFlVKyz47zvfgPlL020","tlshash":"3cc1a663f5f8257a1093c2a33199a71979f4c123eaa704d1baadc4721f8de85fe07181","first_seen":"2024-08-19T13:18:55.073426Z","last_seen":"2024-08-19T13:18:55.073426Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":3,"dns":0,"connect":1,"send":0,"wait":0,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-14","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:01.289212573Z","timestamp":1723658221289,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"62ACC6047405E1E5E89C898325A6F5BA2D9F993214648DC9E50CF0D4F5AA9BAA\"\r\nLast-Modified: Tue, 13 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13578\r\nExpires: Wed, 14 Aug 2024 21:43:19 GMT\r\nDate: Wed, 14 Aug 2024 17:57:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e4a9f1133ab7ff8fdfec972dc9d80181","sha1":"2a253964c7b022d903b90b57585333f32f730527","sha256":"62acc6047405e1e5e89c898325a6f5ba2d9f993214648dc9e50cf0d4f5aa9baa","sha512":"ff4caa233cfb73b8d7263ab83a94567daf14edefcd5fd1c6eb16fcabfb01afa146db3d639caa64ee91202ce0bcb065f4eea9339a5fa37094c31796895d62cb75","ssdeep":"","tlshash":"46f00eda21faf88167e09185aaecd4622c20b56d385045d9149c06eb94807c59e598de","first_seen":"2024-08-14T03:08:11Z","last_seen":"2024-08-19T13:24:19.880186Z","times_seen":16024,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:01.336934666Z","timestamp":1723658221336,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DCA7763998E78F624F052160E019BDCF2257FE4704CC0CE8086A8C05ADAD8C08\"\r\nLast-Modified: Tue, 13 Aug 2024 18:28:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12555\r\nExpires: Wed, 14 Aug 2024 21:26:16 GMT\r\nDate: Wed, 14 Aug 2024 17:57:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fde28f43b7398486730ce9a97ded773c","sha1":"8342ca28088512c622ae8cdc8e21b753bbd05995","sha256":"dca7763998e78f624f052160e019bdcf2257fe4704cc0ce8086a8c05adad8c08","sha512":"d0d173281a8ed4592d1597c03c780e0ff8ddd11bc943ebe6b40038458c785ab0a079272183462b06b870731f2db35fcf5ba9a9d420e4be31015196848c3ef62f","ssdeep":"","tlshash":"fbf0545f27d77f5039bb861b6ae6e717ae30cb7c302492c52e4402f128117bc8d0814c","first_seen":"2024-08-14T01:43:06Z","last_seen":"2024-08-19T13:24:25.565121Z","times_seen":737,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/cdn-cgi/styles/main.css","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://104.26.6.166/","date":"2024-08-14T17:57:01.491Z","timestamp":1723658221491,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/styles/main.css HTTP/1.1\r\nHost: 104.26.6.166\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://104.26.6.166/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 14 Aug 2024 17:57:01 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Fri, 09 Aug 2024 15:29:31 GMT\r\nETag: W/\"66b635db-1f4d\"\r\nServer: cloudflare\r\nCF-RAY: 8b32d32c4f59b517-OSL\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nVary: Accept-Encoding\r\nExpires: Wed, 14 Aug 2024 19:57:01 GMT\r\nCache-Control: max-age=7200, public\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2176,"size_decoded":8013,"mime_type":"text/css","magic":"ASCII text, with very long lines (8012)","md5":"ff26f59e28a5fe6ea4ab23586415696b","sha1":"4182675484d175e363cd34b43041b7b1af93d0cd","sha256":"d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74","sha512":"92c58eef6d1f885806450acd2927c57ebea2e8762c98b0826192555674bd4478e42add192834285d5934c0a76db8eac5eee1a65dc34b6f69246fad6c91a5fba4","ssdeep":"96:1jMh3JNJinvaE5TQRGxfldudududEtCbnaimpSpIplDO6bU6b16bE6bb6bNdkd94:1jMFJiva655dimwqjlP0/mGTZxRbC","tlshash":"75f1851bbf49104e3023886ae2c5a78d912dd282ee535bfff7173561cbc52fa1552b24","first_seen":"2023-04-05T04:39:40Z","last_seen":"2026-05-15T14:26:39.635952Z","times_seen":82226,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-14","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/favicon.ico","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://104.26.6.166/","date":"2024-08-14T17:57:01.844Z","timestamp":1723658221844,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 104.26.6.166\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://104.26.6.166/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Wed, 14 Aug 2024 17:57:01 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: same-origin\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8b32d32e8a60b517-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":2099,"size_decoded":5893,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (501)","md5":"75f5518842e7aa123dc53d3b79461d16","sha1":"ab13417b03c6258d286ac6c574380fe6902d98cb","sha256":"78ab6b312a34d7a04b8e056360fe53211268de2f85bcd2bff938027a1c713be7","sha512":"cd68bfb377a6458519e0f7fbabd04afe11f6df39e92e4caa8150e4584d3aa21646f43c93f5dca32e877375f5b6cf56fdb0f8fee7911d5fb5d1f8d86cf35fc005","ssdeep":"96:1j9jwIjYj0DK/D6laa+hXOlQUpp8HZywo6wojjdJgPUwftvZU0m8rR79PaQxJbGD:1j9jhjYjoK/kaaFlVKyz6zvfgPlL08r4","tlshash":"a9c19663f5f8257a1093c2a331aea71979f4c123daa704d5baadc0721f8de85fe07181","first_seen":"2024-08-19T13:18:55.077997Z","last_seen":"2024-08-19T13:18:55.077997Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-14","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:03.228536012Z","timestamp":1723658223228,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16268\r\nExpires: Wed, 14 Aug 2024 22:28:11 GMT\r\nDate: Wed, 14 Aug 2024 17:57:03 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:03.229772339Z","timestamp":1723658223229,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942\"\r\nLast-Modified: Mon, 12 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16268\r\nExpires: Wed, 14 Aug 2024 22:28:11 GMT\r\nDate: Wed, 14 Aug 2024 17:57:03 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"77619f0113a62e8c4c44f195901b385c","sha1":"1e1a5e3768ca683e66667aa14efa7042df57ee2f","sha256":"520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942","sha512":"459cb24749852faa2cc051ed3001e7591e96899f52c68d761e7a7e9539f87881e58e3a6e3df41df0c01f15106d8c097f8a658ab7f7ac31212afbbffc19ac658d","ssdeep":"","tlshash":"7ff054800d6174120f1508eb96ddc1330930db7414f039f34a9c23e52c79fbe8a4052d","first_seen":"2024-08-12T23:20:08Z","last_seen":"2024-08-19T13:41:24.292342Z","times_seen":47316,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml","fqdn":"aus5.mozilla.org","domain":"mozilla.org","tld":"org"},"ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-14T17:57:20.221482458Z","timestamp":1723658240221,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1\r\nHost: aus5.mozilla.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\nrule-id: unknown\r\nrule-data-version: unknown\r\ncontent-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-09-23-08-12-55.chain; p384ecdsa=S5wSSYmf7oZtFLvFa78Kf43Wc7wQVRJTmFijkVk3SI0Q5GvayhHPr0zIQlOIpevzlhWk9_xyambzDGh5_j0MmjXoBViA45u_N7DS_FUrMy_2LoeiYdPj3aFQc_KMRyB6\r\nstrict-transport-security: max-age=31536000;\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'none'; frame-ancestors 'none'\r\nx-proxy-cache-status: MISS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Wed, 14 Aug 2024 17:55:09 GMT\r\ncontent-type: text/xml; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-length: 444\r\nage: 131\r\ncache-control: public,max-age=90\r\nalt-svc: clear\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":444,"size_decoded":721,"mime_type":"text/xml; charset=utf-8","magic":"XML 1.0 document, ASCII text, with very long lines (332)","md5":"3b324dec137a87ef7e24a30a65b13dd0","sha1":"c0faa95b2f1018e264b3a14aaf50d1003e6c27b3","sha256":"6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463","sha512":"eee5d0a6354c5cfafdba69236359dbb38be1d7cbfd841230c07617fa3d8982751d8ddbe4f3b9c533a277e836b28a2f483d8ddc79aa09573ca9d49fc16341c061","ssdeep":"","tlshash":"54011069bdb5f89100860aa76626c8015a232287e1541888b8df5fc04f9b9b4536f09d","first_seen":"2023-10-13T18:17:52Z","last_seen":"2025-06-20T01:29:36.566077Z","times_seen":185315,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"performance.radar.cloudflare.com/beacon.js","fqdn":"performance.radar.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.30.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://104.26.6.166/","date":"2024-08-14T17:57:01.500Z","timestamp":1723658221500,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"radar.cloudflare.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jul 2024 22:29:53 GMT","end":"Wed, 16 Oct 2024 22:29:52 GMT"},"fingerprint":{"sha1":"69:78:C8:2A:97:13:62:D6:EF:D3:F8:B0:E4:26:B7:1A:A0:D8:74:6F","sha256":"B0:D0:F1:B7:7C:88:20:E6:D6:8F:99:C5:4D:B2:6C:FE:39:3E:01:F7:F0:4F:4C:3B:6F:0D:56:31:B6:43:B3:B6"}}},"request":{"raw":"GET /beacon.js HTTP/1.1\r\nHost: performance.radar.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 14 Aug 2024 17:57:01 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: no-store, max-age=0\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nreferrer-policy: no-referrer\r\ntiming-allow-origin: *\r\nset-cookie: __cf_bm=qsNv0IvqiX0YvuAGULyJnMkcbNCttZjd5yMnpKg3G9U-1723658221-1.0.1.1-2y6jfTcRDoePYX8V1JQikAEn9NLA2wSrnlSlcm75AGfLOLfQkq7rDT0h.cOg_351CjRvHznq88QNEwUDKV7Cbg; path=/; expires=Wed, 14-Aug-24 18:27:01 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 8b32d32c7c5c5687-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8741,"size_decoded":8741,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9163), with no line terminators","md5":"3fe0d1a2fe2f6fe039e2fd44863682e9","sha1":"ebe4908a3b02c8da952807238e8719452451a096","sha256":"f7e6bf6df2da73692f373604f1b22cfd8a246ff78efe36f6b1653537cff1f7fe","sha512":"2ef82934cb361e2a5e1e9745d0289d5c019bb0c1ed8db16d12675a7f7b83a783fc2570179072c3caf6e29537670203c869cb396e3d4f5628ad22370b2d159c87","ssdeep":"192:c34d1an1U1Kf88Kvmv1IygAVAWb97RfEFHYhvJ4nFHYdzPTUx2/+HY8XmnSPI4:+y1an1U1Kf88KOvCyt7EF4hvJ4nF4tPs","tlshash":"8d121a72fb50c903c5850c4e09babe3f3621f08e0783519d764ecd29a1989f676b2b96","first_seen":"2024-08-19T13:18:55.079882Z","last_seen":"2024-08-19T13:18:55.079882Z","times_seen":1,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":15,"dns":1,"connect":1,"send":0,"wait":91,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}