{"report_id":"c6d5cb70-d38d-481d-9658-1ce0a19537e1","version":6,"status":"done","tags":["telegram","phishing"],"date":"2023-11-28T12:55:23Z","url":{"schema":"http","addr":"jfss.cc/","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":0,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"final":{"url":{"schema":"https","addr":"jfss.cc/","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"title":"telegram"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:17:49Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"jfss.cc","ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"domain_registered":"2023-11-03","domain_rank":0,"first_seen":"2021-02-15 17:39:36","last_seen":"2023-11-04 18:04:14","alert_count":511,"request_count":260,"received_data":2577416,"sent_data":118005,"comment":"","tags":null,"fingerprints":null},{"fqdn":"venus.web.telegram.org","ip":{"addr":"149.154.167.99","port":0,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":47739,"first_seen":"2017-01-29 19:00:26","last_seen":"2023-11-27 13:24:46","alert_count":0,"request_count":2,"received_data":956,"sent_data":812,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kws2.web.telegram.org","ip":{"addr":"149.154.167.99","port":0,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":49675,"first_seen":"2021-06-23 11:46:47","last_seen":"2023-11-27 13:24:46","alert_count":0,"request_count":2,"received_data":436,"sent_data":1158,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kws4.web.telegram.org","ip":{"addr":"149.154.167.99","port":0,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":162081,"first_seen":"2021-07-03 15:20:51","last_seen":"2023-11-27 13:24:49","alert_count":0,"request_count":1,"received_data":218,"sent_data":579,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kws1.web.telegram.org","ip":{"addr":"149.154.174.100","port":0,"asn":59930,"as":"Telegram Messenger Inc","country":"Antigua and Barbuda","country_code":"AG"},"domain_registered":"2003-12-15","domain_rank":121574,"first_seen":"2021-06-23 18:38:40","last_seen":"2023-11-27 13:24:53","alert_count":0,"request_count":1,"received_data":218,"sent_data":579,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kws3.web.telegram.org","ip":{"addr":"149.154.174.100","port":0,"asn":59930,"as":"Telegram Messenger Inc","country":"Antigua and Barbuda","country_code":"AG"},"domain_registered":"2003-12-15","domain_rank":488828,"first_seen":"2021-08-03 21:29:13","last_seen":"2023-11-24 03:50:46","alert_count":0,"request_count":1,"received_data":218,"sent_data":579,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:05Z","timestamp":1701176105,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":57285,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:05.681153+0000\",\"flow_id\":2013729292641473,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":57285,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":64735,\"rrname\":\"jfss.cc\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:05.681153+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:05Z","timestamp":1701176105,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47000,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:05.681292+0000\",\"flow_id\":290377960088908,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":47000,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":29718,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:05.681292+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:06Z","timestamp":1701176106,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51159,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:06.425668+0000\",\"flow_id\":202013303013060,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51159,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":35950,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:06.425668+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:06Z","timestamp":1701176106,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40643,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:06.426777+0000\",\"flow_id\":708810854007577,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":40643,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":6618,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:06.426777+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:06Z","timestamp":1701176106,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49173,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:06.427356+0000\",\"flow_id\":1870792781104476,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":49173,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":25838,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:06.427356+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:06Z","timestamp":1701176106,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35594,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:06.428027+0000\",\"flow_id\":1818308280748027,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35594,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":6660,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:06.428027+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:07Z","timestamp":1701176107,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51918,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:07.034794+0000\",\"flow_id\":378948775806954,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51918,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":38404,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:07.034794+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:07Z","timestamp":1701176107,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38301,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:07.077658+0000\",\"flow_id\":2187318985961306,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":38301,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":15934,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:07.077658+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:07Z","timestamp":1701176107,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38463,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:07.079006+0000\",\"flow_id\":1902433805218974,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":38463,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":35511,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:07.079006+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:07Z","timestamp":1701176107,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49437,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:07.421528+0000\",\"flow_id\":1608048156831384,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":49437,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":44601,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:07.421528+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:07Z","timestamp":1701176107,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52109,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:07.440029+0000\",\"flow_id\":1359648723285725,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":52109,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":31684,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:07.440029+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:07Z","timestamp":1701176107,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34363,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:07.443016+0000\",\"flow_id\":1729106105057928,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":34363,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":12470,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:07.443016+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33613,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.211917+0000\",\"flow_id\":2042630127762381,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33613,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":44574,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.211917+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46343,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.216580+0000\",\"flow_id\":1864668157857284,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":46343,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":36524,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.216580+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.219484+0000\",\"flow_id\":2150485346507100,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37414,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7342,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.219484+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.222015+0000\",\"flow_id\":656910469325631,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":59634,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":53613,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.222015+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55268,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.232226+0000\",\"flow_id\":1770565424417570,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":55268,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":59695,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.232226+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43360,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.233610+0000\",\"flow_id\":1528157470232714,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":43360,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":23250,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.233610+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37530,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.234326+0000\",\"flow_id\":2243106316260182,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37530,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":39974,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.234326+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.235840+0000\",\"flow_id\":2174262285474112,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60148,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":33108,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.235840+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50735,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.237197+0000\",\"flow_id\":1205858829377165,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50735,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":33324,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.237197+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47319,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.238273+0000\",\"flow_id\":2052577272046273,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":47319,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":13592,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.238273+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56595,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.239434+0000\",\"flow_id\":733438196623178,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":56595,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":10073,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.239434+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39963,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.246512+0000\",\"flow_id\":130519277552368,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":39963,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":61656,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.246512+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41270,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.252781+0000\",\"flow_id\":379601610922861,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41270,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":35044,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.252781+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50441,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.268839+0000\",\"flow_id\":2248560924695079,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50441,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":30459,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.268839+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35911,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.270194+0000\",\"flow_id\":731840468754290,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35911,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":55290,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.270194+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47949,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.273748+0000\",\"flow_id\":928996647513428,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":47949,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":55201,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.273748+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38079,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.281619+0000\",\"flow_id\":190515675679763,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":38079,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":30370,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.281619+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56769,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.286494+0000\",\"flow_id\":434212120059678,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":56769,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":10782,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.286494+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38981,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.287664+0000\",\"flow_id\":2129925338063792,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":38981,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":13302,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.287664+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35417,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.292438+0000\",\"flow_id\":977864785426006,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35417,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":28077,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.292438+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46262,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.311642+0000\",\"flow_id\":1963465290596698,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":46262,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":41798,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.311642+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37008,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.315377+0000\",\"flow_id\":686099067097073,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37008,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":57475,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.315377+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36617,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.316535+0000\",\"flow_id\":1783063779267703,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":36617,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":36667,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.316535+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50675,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.318153+0000\",\"flow_id\":1248593753987785,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50675,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":12301,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.318153+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43873,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.318943+0000\",\"flow_id\":418518309592543,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":43873,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":6526,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.318943+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48042,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.320800+0000\",\"flow_id\":1002440588322080,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":48042,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":3650,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.320800+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33099,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.321683+0000\",\"flow_id\":1521646299834515,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33099,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":58180,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.321683+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35963,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.323824+0000\",\"flow_id\":1604109671919856,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35963,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":25251,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.323824+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38277,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.328079+0000\",\"flow_id\":1340497464131983,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":38277,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":14369,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.328079+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41821,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.329593+0000\",\"flow_id\":1609177733269369,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41821,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":35815,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.329593+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55601,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.334343+0000\",\"flow_id\":235226285218311,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":55601,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":8094,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.334343+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33534,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.338440+0000\",\"flow_id\":935902954924552,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33534,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":1459,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.338440+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42920,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.339311+0000\",\"flow_id\":1399862502108527,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":42920,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":33306,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.339311+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40750,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.343238+0000\",\"flow_id\":1237452608781510,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":40750,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":19839,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.343238+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35427,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.344418+0000\",\"flow_id\":311904336363874,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35427,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":2194,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.344418+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43907,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.348322+0000\",\"flow_id\":450472866238626,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":43907,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":54012,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.348322+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36462,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.369590+0000\",\"flow_id\":1285972854350774,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":36462,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":2517,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.369590+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33241,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.372632+0000\",\"flow_id\":132151365119896,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33241,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7755,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.372632+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.377103+0000\",\"flow_id\":2115687521501455,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":42776,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":11563,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.377103+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55558,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.378285+0000\",\"flow_id\":55902810719661,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":55558,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":1234,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.378285+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59952,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.379894+0000\",\"flow_id\":1705088648006646,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":59952,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":14246,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.379894+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37055,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.380990+0000\",\"flow_id\":794254933545022,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37055,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":54602,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.380990+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60145,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.381934+0000\",\"flow_id\":1260581007709166,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60145,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":60453,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.381934+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46079,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.385063+0000\",\"flow_id\":1401550424301607,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":46079,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":1320,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.385063+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":57904,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.388249+0000\",\"flow_id\":86835165195417,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":57904,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":57480,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.388249+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51689,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.413658+0000\",\"flow_id\":1430812036452314,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51689,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":2449,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.413658+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50440,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.415007+0000\",\"flow_id\":642187321431327,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50440,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7910,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.415007+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50506,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.428754+0000\",\"flow_id\":1893599057578706,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50506,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":19687,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.428754+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.438341+0000\",\"flow_id\":1487316626223173,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":59546,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":35448,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.438341+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36284,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.443723+0000\",\"flow_id\":2245855095342411,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":36284,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":10833,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.443723+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47710,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.444702+0000\",\"flow_id\":1575260376582430,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":47710,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":40121,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.444702+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35938,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.446010+0000\",\"flow_id\":1264317629255226,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35938,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":40747,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.446010+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33240,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.446841+0000\",\"flow_id\":1458067898945913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33240,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":64089,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.446841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50527,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.458094+0000\",\"flow_id\":1331950479277422,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50527,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":58547,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.458094+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":53968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.459189+0000\",\"flow_id\":1593904829563317,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":53968,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":14005,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.459189+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60656,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.459816+0000\",\"flow_id\":786785985365032,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60656,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":62221,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.459816+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50293,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.460851+0000\",\"flow_id\":1040704451905587,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50293,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":20979,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.460851+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":57819,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.461377+0000\",\"flow_id\":1512953285970497,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":57819,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":38745,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.461377+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60715,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.465521+0000\",\"flow_id\":106437395880561,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60715,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":23066,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.465521+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51133,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.466056+0000\",\"flow_id\":821596695305352,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51133,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":43601,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.466056+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47812,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.468130+0000\",\"flow_id\":652001321690274,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":47812,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":32473,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.468130+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":54893,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.469426+0000\",\"flow_id\":2199778686151090,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":54893,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":14992,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.469426+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33009,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.470754+0000\",\"flow_id\":855050195578594,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33009,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":3615,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.470754+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41580,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.471815+0000\",\"flow_id\":1552243646804743,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41580,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":61579,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.471815+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47400,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.473681+0000\",\"flow_id\":532901878577745,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":47400,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":1711,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.473681+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":53260,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.486424+0000\",\"flow_id\":150877422513176,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":53260,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":50741,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.486424+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56422,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.487865+0000\",\"flow_id\":1329888894939577,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":56422,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":57298,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.487865+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48455,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.474532+0000\",\"flow_id\":579231690800548,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":48455,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":9757,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.474532+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55690,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.495965+0000\",\"flow_id\":609932117053789,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":55690,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":12854,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.495965+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50614,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.498016+0000\",\"flow_id\":1654158925797728,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50614,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":19963,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.498016+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":44562,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.504047+0000\",\"flow_id\":2133988377145583,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":44562,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":58467,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.504047+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":44879,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.506596+0000\",\"flow_id\":1153455933405924,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":44879,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":6022,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.506596+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38949,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.514980+0000\",\"flow_id\":574077730085796,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":38949,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":47344,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.514980+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51481,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.520834+0000\",\"flow_id\":1890712839582338,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51481,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":10320,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.520834+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33784,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.536767+0000\",\"flow_id\":74444184498367,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33784,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":23297,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.536767+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34010,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.540495+0000\",\"flow_id\":277965504790351,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":34010,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":45585,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.540495+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48254,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.541609+0000\",\"flow_id\":1834891149591465,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":48254,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":64205,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.541609+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33202,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.542474+0000\",\"flow_id\":79473591207690,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33202,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":63033,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.542474+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56641,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.543520+0000\",\"flow_id\":130154205301536,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":56641,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":16329,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.543520+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60332,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.552607+0000\",\"flow_id\":826806490656415,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60332,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":13003,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.552607+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42069,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.554421+0000\",\"flow_id\":1913231353083317,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":42069,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":55323,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.554421+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33343,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.555720+0000\",\"flow_id\":1388334809905864,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33343,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":64945,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.555720+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35793,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.558218+0000\",\"flow_id\":2068992637043850,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35793,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":28920,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.558218+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39566,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.561732+0000\",\"flow_id\":1770689978470980,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":39566,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":53259,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.561732+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48559,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.562567+0000\",\"flow_id\":577655437825415,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":48559,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":21447,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.562567+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35565,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.569040+0000\",\"flow_id\":1825772934049488,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35565,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":43691,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.569040+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58817,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.573141+0000\",\"flow_id\":258625267089109,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":58817,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":24983,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.573141+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.573936+0000\",\"flow_id\":1388575328092656,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":36494,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":35491,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.573936+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":32798,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.579406+0000\",\"flow_id\":431652319582030,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":32798,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":58890,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.579406+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47823,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.588051+0000\",\"flow_id\":838347067816211,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":47823,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":26051,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.588051+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39772,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.618639+0000\",\"flow_id\":933639507177615,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":39772,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":36352,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.618639+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.624932+0000\",\"flow_id\":752413362129188,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37679,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":61931,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.624932+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59695,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.625671+0000\",\"flow_id\":1102736664595463,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":59695,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":40389,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.625671+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":44999,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.628745+0000\",\"flow_id\":604069486696457,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":44999,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":51828,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.628745+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51524,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.629560+0000\",\"flow_id\":1133948191939384,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51524,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":2041,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.629560+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59065,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.632276+0000\",\"flow_id\":1391521675650516,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":59065,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":44826,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.632276+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56723,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.648658+0000\",\"flow_id\":1680787723052498,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":56723,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":23821,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.648658+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34981,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.649851+0000\",\"flow_id\":560754741537403,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":34981,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":53371,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.649851+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43755,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.664801+0000\",\"flow_id\":2140503842497761,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":43755,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":60688,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.664801+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":54421,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.670391+0000\",\"flow_id\":983783250344631,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":54421,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":50444,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.670391+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46493,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.678312+0000\",\"flow_id\":1709366435404200,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":46493,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":61843,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.678312+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52942,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.679556+0000\",\"flow_id\":759354029268612,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":52942,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":27649,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.679556+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43952,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.680202+0000\",\"flow_id\":1199785745604874,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":43952,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":48209,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.680202+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.696942+0000\",\"flow_id\":1344706532123246,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37218,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18068,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.696942+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46908,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.699670+0000\",\"flow_id\":350400128265494,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":46908,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":54656,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.699670+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36367,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.709556+0000\",\"flow_id\":1159675046056884,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":36367,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":22801,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.709556+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33531,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.710460+0000\",\"flow_id\":2128817236531004,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33531,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":29841,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.710460+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41503,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.725147+0000\",\"flow_id\":2164113277718683,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41503,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":38990,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.725147+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38219,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.726189+0000\",\"flow_id\":1930333912831149,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":38219,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":32210,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.726189+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36057,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.731019+0000\",\"flow_id\":1606991594923915,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":36057,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7700,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.731019+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":44382,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.733044+0000\",\"flow_id\":908518243446644,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":44382,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":32629,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.733044+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41361,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.735395+0000\",\"flow_id\":591395038181539,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41361,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":26601,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.735395+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":53021,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.739306+0000\",\"flow_id\":1056883593725930,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":53021,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":37712,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.739306+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":54494,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.740800+0000\",\"flow_id\":2154273507659200,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":54494,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":12581,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.740800+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59387,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.741879+0000\",\"flow_id\":341157358621175,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":59387,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":17634,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.741879+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37851,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.745130+0000\",\"flow_id\":257744798768810,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37851,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":30871,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.745130+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39623,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.749218+0000\",\"flow_id\":1897370038857378,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":39623,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":59651,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.749218+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40619,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.752209+0000\",\"flow_id\":157225384180305,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":40619,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":59020,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.752209+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35993,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.754708+0000\",\"flow_id\":1236078219265044,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35993,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":36391,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.754708+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58088,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.755652+0000\",\"flow_id\":177274291521476,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":58088,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":14785,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.755652+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36926,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.757293+0000\",\"flow_id\":1746805665336877,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":36926,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":58621,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.757293+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52166,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.760923+0000\",\"flow_id\":1684880826866779,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":52166,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7792,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.760923+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45791,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.765048+0000\",\"flow_id\":161898308611192,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":45791,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":53483,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.765048+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34599,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.766699+0000\",\"flow_id\":1711745847309035,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":34599,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":39811,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.766699+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49326,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.767366+0000\",\"flow_id\":1152429436220806,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":49326,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":51284,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.767366+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39135,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.770406+0000\",\"flow_id\":1162020098195814,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":39135,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":44927,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.770406+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41790,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.772361+0000\",\"flow_id\":1341197543852297,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41790,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18800,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.772361+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40568,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.775771+0000\",\"flow_id\":1394949059565147,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":40568,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":39062,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.775771+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60963,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.779326+0000\",\"flow_id\":1870646752371774,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60963,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":17830,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.779326+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39489,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.782769+0000\",\"flow_id\":393427110654385,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":39489,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":64231,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.782769+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51836,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.789092+0000\",\"flow_id\":1559527911328356,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51836,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":34354,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.789092+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43330,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.790410+0000\",\"flow_id\":1796687415480202,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":43330,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":63520,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.790410+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33149,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.794336+0000\",\"flow_id\":807311634079456,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":33149,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":31519,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.794336+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.796261+0000\",\"flow_id\":474593402562149,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35094,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":5210,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.796261+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37226,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.799097+0000\",\"flow_id\":1416041643913593,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37226,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":36487,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.799097+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55072,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.823045+0000\",\"flow_id\":1221123143143173,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":55072,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":20349,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.823045+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42881,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.825313+0000\",\"flow_id\":1755494384179169,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":42881,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":28008,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.825313+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":54732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.841423+0000\",\"flow_id\":1242056813762255,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":54732,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":14172,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.841423+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51869,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.844623+0000\",\"flow_id\":955582495122255,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51869,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":45377,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.844623+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41225,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.849604+0000\",\"flow_id\":12682554832580,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41225,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":16795,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.849604+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55024,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.851127+0000\",\"flow_id\":2249669026315447,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":55024,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":37212,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.851127+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56238,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.853781+0000\",\"flow_id\":1057111226976021,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":56238,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":17897,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.853781+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46745,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.861086+0000\",\"flow_id\":362413151757214,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":46745,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":59779,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.861086+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42296,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.863223+0000\",\"flow_id\":237201970179063,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":42296,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":15141,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.863223+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52925,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.874292+0000\",\"flow_id\":1965269176833844,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":52925,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":52727,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.874292+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49323,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.875374+0000\",\"flow_id\":301102493621102,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":49323,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":14316,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.875374+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41696,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.878024+0000\",\"flow_id\":674678749029832,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41696,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":26610,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.878024+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":53071,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.880973+0000\",\"flow_id\":1497573008109901,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":53071,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":1612,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.880973+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58303,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.886417+0000\",\"flow_id\":1816019063309969,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":58303,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":1306,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.886417+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58651,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.887274+0000\",\"flow_id\":705508024289770,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":58651,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18304,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.887274+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42525,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.889495+0000\",\"flow_id\":624028199719575,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":42525,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":4373,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.889495+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45142,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.944617+0000\",\"flow_id\":1311399060728297,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":45142,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":31288,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.944617+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49221,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.947308+0000\",\"flow_id\":516203045745772,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":49221,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":20249,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.947308+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52450,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.950106+0000\",\"flow_id\":1951512396595034,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":52450,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18552,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.950106+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56023,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.951745+0000\",\"flow_id\":1340428744689089,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":56023,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":41882,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.951745+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51265,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.964565+0000\",\"flow_id\":97512453879765,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51265,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":16861,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.964565+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.966286+0000\",\"flow_id\":636891626782350,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51116,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":6603,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.966286+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":44115,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.967034+0000\",\"flow_id\":1824510213669242,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":44115,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":2152,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.967034+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50016,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.967810+0000\",\"flow_id\":1469024360514690,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50016,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":42468,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.967810+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36962,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.968971+0000\",\"flow_id\":478802470553867,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":36962,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":61577,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.968971+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48120,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.970393+0000\",\"flow_id\":1118902921514649,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":48120,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":61404,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.970393+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42949,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.971585+0000\",\"flow_id\":787979986326337,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":42949,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":6864,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.971585+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43905,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.974656+0000\",\"flow_id\":2221652954636096,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":43905,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":5893,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.974656+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48379,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.977069+0000\",\"flow_id\":620068239894701,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":48379,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":15782,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.977069+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59170,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.979863+0000\",\"flow_id\":545340103914391,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":59170,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":21087,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.979863+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52889,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.983088+0000\",\"flow_id\":1791984426287152,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":52889,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":53385,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.983088+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43061,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.984235+0000\",\"flow_id\":2107990940058795,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":43061,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":56254,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.984235+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46023,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.985072+0000\",\"flow_id\":1548017398974448,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":46023,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":15976,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.985072+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:08Z","timestamp":1701176108,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:08.986036+0000\",\"flow_id\":685441937050548,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60810,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":10740,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:08.986036+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56126,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.000884+0000\",\"flow_id\":1564651807376244,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":56126,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":54370,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.000884+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37666,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.002504+0000\",\"flow_id\":2038468293621961,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37666,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":13682,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":2}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":169,\"bytes_toclient\":91,\"start\":\"2023-11-28T12:52:22.784585+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39592,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.003571+0000\",\"flow_id\":2096587801955827,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":39592,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":13823,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.003571+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52135,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.006319+0000\",\"flow_id\":801809781037231,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":52135,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":109,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.006319+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60364,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.007544+0000\",\"flow_id\":292435249667448,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60364,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":46466,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.007544+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58557,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.028247+0000\",\"flow_id\":1081467986603607,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":58557,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18664,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.028247+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.200383+0000\",\"flow_id\":1142374917803711,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":35116,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":23477,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.200383+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40651,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.202687+0000\",\"flow_id\":1524953424664511,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":40651,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":30552,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.202687+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":53768,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.778016+0000\",\"flow_id\":1407937040736032,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":53768,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":15412,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.778016+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52827,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.907649+0000\",\"flow_id\":420017253243265,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":52827,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":16578,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.907649+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:09Z","timestamp":1701176109,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49527,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:09.908804+0000\",\"flow_id\":1991202189467140,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":49527,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":40990,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:09.908804+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:10Z","timestamp":1701176110,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51239,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:10.093581+0000\",\"flow_id\":1746328924089741,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":51239,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":3717,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:10.093581+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:11Z","timestamp":1701176111,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50299,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:11.293780+0000\",\"flow_id\":2098804005239700,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":50299,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":59298,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:11.293780+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:11Z","timestamp":1701176111,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60259,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:11.302071+0000\",\"flow_id\":839850306542583,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60259,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":22704,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:11.302071+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:11Z","timestamp":1701176111,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37710,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:11.303924+0000\",\"flow_id\":394964709122868,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":37710,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7211,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:11.303924+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:11Z","timestamp":1701176111,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41410,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:11.312151+0000\",\"flow_id\":1519838118789975,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":41410,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":357,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:11.312151+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:11Z","timestamp":1701176111,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46274,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:11.458185+0000\",\"flow_id\":1164567014014409,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":46274,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":35292,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:11.458185+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:11Z","timestamp":1701176111,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60303,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:11.471657+0000\",\"flow_id\":71854319415913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":60303,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":24121,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:11.471657+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:11Z","timestamp":1701176111,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39400,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:11.474318+0000\",\"flow_id\":694353994398926,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":39400,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":24058,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:11.474318+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T12:55:11Z","timestamp":1701176111,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42089,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T12:55:11.482157+0000\",\"flow_id\":1976839818926957,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.89\",\"src_port\":42089,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":44094,\"rrname\":\"jfss.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2023-11-28T12:55:11.482157+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"jfss.cc/85.c5a45a5b8327be101844.bundle.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"15b6511f88de06c3aab675c04d0f429a","sha1":"b0d07ac9a3ec3df762b2c3d9b4fa4ceaefedc9d8","sha256":"d7df1f14aa9d41a5922178f5651afd43651d89d2c42a8117edf7beb9a5019b5d","sha512":"9a5e26c24d83e3d92d63417f845939881e6d3ef3b9905fe4f27a4fbd275b5684b2ad48ae30343d54edc9e1d0fca4f0dae2018344b6fab9fe3f78135fc419d59d","ssdeep":"192:rKLOdAwPo8svzwTZkOhAB/xCcjavR2CWkImV7qH18ERP9hSAdRhoD3:eyfo8svzwT7hABZCcjAWkImERP9thoz","tlshash":"56f173d7b3e9a42810f0d9ebf07e26124912350d3518586cf72eecee9d5b98a71b6d30","size":7684,"data":"","first_seen":"2023-05-18T21:21:15Z","last_seen":"2025-10-25T21:37:27.280282Z","times_seen":872,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/301.a12a7ef63649432e7e70.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"73954dfcd77cb925541ad9061d760a0e","sha1":"02c1af8e7764b156bf368d26d60b9c73f23c37b4","sha256":"2e4bdb702992fa80c3f2468af8405f571d9acea87bf05364a6348456ceaec850","sha512":"8491d46384978249c3326387e5858e5e251871c908bb9c051a4e5f166210b256479907b85ed2c432d0e290b4a23bef74be0c2c445a8230aa6e2e6396558f607a","ssdeep":"","tlshash":"6c3174198712aa0d278506d124f6221a357c8d706b50cf1e1f6b021bffe7a5f91c6d12","size":1722,"data":"","first_seen":"2023-11-04T19:01:27Z","last_seen":"2024-08-20T20:54:49.573841Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/104.7fce50fd24cd57ba2286.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff7c944d6103ab59cf674f5055c9a512","sha1":"fb74a84a1bf5bc125544a21648841e72e40129ea","sha256":"f5c237b8f93cd3ee41011af05d9cd8290e9c809a4375f62be30c741800e15623","sha512":"0e0e59a78e73389a48c1d88a1d3c3a5aeb1fd940642ff308f47ea2e5e5ef9c25b9862fed06c71f88dc26d194fa69795f689c4ab35d4c8c145505c659733ee82a","ssdeep":"768:Yyn1ok23pR/P5R2xnI3kpZ6x4Tmk82MX33JbRTJs4aG6HeIuY6ut+r2hlpfX:8pR/P5RqnI3k/mklUPs4aGw6usK","tlshash":"cf53077ba7110d7d06d742e37dc67402b2b942b8c2601432eb9e846f13fd9da627b366","size":64990,"data":"","first_seen":"2023-11-04T19:01:27Z","last_seen":"2024-08-20T20:54:49.578125Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/8.cf6e90ba29bab54a0fb4.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e9b853f8310b629a168148ed12eb2b0","sha1":"3844dfc47f259f8a279a1ab25fba58563729566e","sha256":"8ce6001ed025f9a2a010f19a8bbdbfc68e8c7db58343679a8a49cbe2fff455b3","sha512":"df77c6e0fa5ffeabc0d6b4a3a350135dd97418a5cbf6e6cbf27e51bfdc0d752b712e850f5f2af9c5d4f39860fce148e60fe6b2ab92cfd6baeba9fc0589a2a893","ssdeep":"384:s9LCLXFLzLNL5LrLnLsLILWLzLHLSLRLxLjLRLiL/uLxLQOLXLULrLzLgLwLBLsK:sNeVn9JPLEgCnrOxR3x+/qRQKbcPnoYt","tlshash":"84b2935de4b18e58acb38a49f43a921bc6a85e07ca7c3477aec87f1608635fdc410779","size":24208,"data":"","first_seen":"2023-05-18T21:21:15Z","last_seen":"2025-10-25T21:37:27.3285Z","times_seen":863,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/297.c801a325152b96edf3cb.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"245f3ac996827f02a3a25a0f701877c0","sha1":"eba1386e6363dc6a630ddf57e73c008e8fd337a2","sha256":"76439e361832e5cc02496b3a55a563b5fad3993ec187cd6bb4de4b1d29e02c90","sha512":"6d58e1288b011bfa99ec11a3dc2833dd4df5d2109a99daea64d3709c5f97c2e3fc42c987e38346c6fc1c549400929df4a7a1cc90703602f1703d12599b9eb2f4","ssdeep":"24576:xjEBlJ5qsRRXAhQm1Q2Ldkgb5A7iekGiDdU9kwWH44VC7gJegZCrcqbcN7mUGx2o:xjEBlJ5qsRRXAhQm1FLdkgb27iekGiDW","tlshash":"e16509a57355a87596ea84efb0fa2740b33060497401c02cb97cccdf5e2ae867276f79","size":1430906,"data":"","first_seen":"2023-05-18T21:21:15Z","last_seen":"2025-04-12T16:13:15.177405Z","times_seen":836,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/110.874d0e79405a58485218.bundle.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c3339f18f89c9fc77d2916471533e24","sha1":"bd2d48a3493f473a51de482e2a64faa80ea4a0cc","sha256":"b306f78e88be80d4519da9fae17ac1736a5227313378c4ddb9b1a9af4d4ecc28","sha512":"d7a7d4b3ce8ddfe75fbfe0373983d2d2672797f41626edb8d7fe41787e5b1855fff7ecc82168fac0ce7e858cf479bcb943f1d8960a4dd9c5440c983fe2a6112c","ssdeep":"768:zisU7BMvoL6YHuwN67aUkJ7EeUaZ+T3DckHJG8Oow1Cp1cI//YWjoXgAM:IgkJQIyzH5xzH","tlshash":"99b2a387a372ae9872ad20e7e819d547d5a80467300c50b8f7edadc0bdd208993b7df5","size":25384,"data":"","first_seen":"2023-05-18T21:21:15Z","last_seen":"2025-10-25T21:37:27.3122Z","times_seen":868,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/main.36b482e31e9db4b35402.bundle.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5a1322d13c989b9df2a846c8ecdb57","sha1":"bcaf6945cfef24fd6a733d20174120cdd7cf3ac7","sha256":"b857909fcab75dc8693ddd796c52db0bd3527f53ea0659fd50bf093109a99597","sha512":"d7e05651f509e49adbb4b940ed7c84c1cfe79f3c35bc66bedb1b5f4c8d2e9b0f01bffcf39ee760adf6c548e27902c6224a2710ff0a605dc4de72cf9c287b4582","ssdeep":"1536:Jq90IqMCp1l4/swKkFZ9ajLWK7nj9Y8uzo73LknQnxA9xRylRJ3/NRPEZZ0g9k5D:JqWIyRxkxoRMZi3GmJD","tlshash":"65634a927384a47a06e204faf4bb63817336350834059874f36ddce66a27dca3267fb5","size":71813,"data":"","first_seen":"2023-05-18T21:21:15Z","last_seen":"2025-10-25T21:37:27.408292Z","times_seen":426,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/147.6f6c83fdc631d19a7e7c.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"2298c34ba14f1ae56d6c3e5cae22012e","sha1":"dd7ab445cc9729d76eae7fa73e6b8463dba8f342","sha256":"8f83c1b8597f84a4f55c9261d9df0808d6af3154340caeffe4db5c679e8dfdcf","sha512":"f9f089a720233eaea8b8a51e4a64ddf0404d8b7521b871cbd4b59a9effa17c0634769a863c9f6e76d9c3b0edae9c7773f994c33de62f4fd1c02a7913ef9e2546","ssdeep":"768:j2d2iNCDIrElsfrCA1AjVobT1WXMdESuh0VcgarCaHXBHuRXVr2Z/vYc4MeUPBKm:jc2iN2IAjVobT1WXMdESuhuaea8Hr2WS","tlshash":"0af21949739f287f839505c7b47a1401d1bb1732394abc2aba9cee991d23b4321d7e78","size":35988,"data":"","first_seen":"2023-05-18T21:21:15Z","last_seen":"2025-10-25T21:37:27.263752Z","times_seen":870,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/63.830398b4d85ed6aa13bd.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"d88b229ce4f890cfc59d4d9ef9492d1c","sha1":"2e402bc3d820ea45ec8544b70cfb35aa06086141","sha256":"4f26260db6fbdbe9e721237561be1d1d0fa2f0a43392248365a50b7298f28966","sha512":"7f61ec61b2be661bc319f18421d1587bed06cb650fb7527f604a533af72fdd222937c6a6558ff7d8b84e619048a0e02d620645bdd5e306c4053c7137ac97509e","ssdeep":"192:tX990WTXKJK0EcvMW6viw62AvH8XM+XCg1MdgFZn7Kzmkiw8HOFr3buVhOZ51afU:tX990WzIscvMWGiw62APWMsCg1WiZn7g","tlshash":"48122a85e3d8d07145ea05fbf4feb96414700a6cb3248c7a6574ce2b2407e8753e3baa","size":9185,"data":"","first_seen":"2023-11-04T19:01:27Z","last_seen":"2024-08-20T20:54:49.576391Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"jfss.cc/style-desktop.7ec8ed3b19fabb19d057.css","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:06.436Z","timestamp":1701176106436,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /style-desktop.7ec8ed3b19fabb19d057.css HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:02 GMT\r\ncontent-type: text/css\r\ncontent-length: 338\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-152\"\r\nexpires: Wed, 29 Nov 2023 00:55:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":338,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c2b4ab577d367d40005e134c23c213de","sha1":"4a5e637d46709d44b41fab79bf6bc202ad50f598","sha256":"322deb24d6d5efcf38e98818033dc373a21e67a4535703a0bae2772b13d9f5ce","sha512":"dc43de6c88dad6841971410e25c369fea1fcfdedade12ba1416a66424085c06ae2dc41f07f3e16d7e08e7699074d4ca224e0fab15481dc41884405500f0722b0","ssdeep":"","tlshash":"7ee026665e4310bcebaff02e66124a685b1d8405f982ab9db515e16886ce2f68010f99","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-07T07:18:40.807895Z","times_seen":1799,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.423Z","timestamp":1701176107423,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 9024\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-2340\"\r\nexpires: Thu, 28 Dec 2023 12:55:03 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9024,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\\012- data","md5":"87fecdadac0beb95f9b7c87b3b3236f0","sha1":"822f92446c0033a32462aa21208efaef1f0d8c3c","sha256":"25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b","sha512":"603d025201a021852145c37e39c57d10d1617880ebeadd24b1d9248d428e4ee6922c37722ac4ac466968abdb4ad31e3305df45cd30df3a89e9faea1931a795a4","ssdeep":"192:MSOPMxBuIuGdsN/Afww5K5GcM+HALXeH1iTLnjB1qw9pyopP4P:LjTusCbw53eHs11l9pP4P","tlshash":"e412bfd50a6dd7b5ea7d350ebaaea1523eba60c21b27400c87c5744bd1296f2c8fc588","first_seen":"2023-05-07T08:18:36Z","last_seen":"2026-06-07T07:18:40.799852Z","times_seen":5243,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/favicon-16x16.png?v=jw3mK7G9Ry","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.425Z","timestamp":1701176107425,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 1012\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-3f4\"\r\nexpires: Thu, 28 Dec 2023 12:55:03 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1012,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced\\012- data","md5":"e3ce05eb00b3215df220efaf0fd06e21","sha1":"d1533966f79dc2984c34317035f31cf3c91298c9","sha256":"0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21","sha512":"ba09243a9796bb4cbe36f9c2577f042b58264da7171105bcce022145d970fb739150b1503d7aab990867364dd484201a78c79da2b16ad3f13bd4e40def91347d","ssdeep":"","tlshash":"941172c61790a57bd1ab7e7303e11786ec6cc80632c02d82e9cb899dc82cac0069d61e","first_seen":"2023-05-07T08:18:35Z","last_seen":"2026-06-07T07:18:40.800411Z","times_seen":5338,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"venus.web.telegram.org/apiw1","fqdn":"venus.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":0,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:08.028360961Z","timestamp":1701176108028,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /apiw1 HTTP/1.1\r\nHost: venus.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://jfss.cc/\r\nContent-Length: 0\r\nOrigin: https://jfss.cc\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: text/html\r\ncontent-length: 169\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, OPTIONS\r\naccess-control-allow-headers: origin, content-type\r\naccess-control-max-age: 1728000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":169,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF line terminators","md5":"c2a982d42f89274763eef2a44fe01030","sha1":"86e6d53f6478cdd0c05611093d9c55a953454af7","sha256":"d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a","sha512":"c1e2f30db797583ec9eae6755dab939a2d71f902b557b069efc510e51127db6781456116cbfd764c8b9fc397791df492df52d200afd9e46734b0845912c76e24","ssdeep":"","tlshash":"49c0805d6513ec4dc553213516c36440c199c32795a945110540514370cb25d46c139a","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-09T07:07:27.060544Z","times_seen":3992,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/297.c801a325152b96edf3cb.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.444Z","timestamp":1701176107444,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /297.c801a325152b96edf3cb.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 07:50:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64326e38-15d57a\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":461170,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"245f3ac996827f02a3a25a0f701877c0","sha1":"eba1386e6363dc6a630ddf57e73c008e8fd337a2","sha256":"76439e361832e5cc02496b3a55a563b5fad3993ec187cd6bb4de4b1d29e02c90","sha512":"6d58e1288b011bfa99ec11a3dc2833dd4df5d2109a99daea64d3709c5f97c2e3fc42c987e38346c6fc1c549400929df4a7a1cc90703602f1703d12599b9eb2f4","ssdeep":"24576:xjEBlJ5qsRRXAhQm1Q2Ldkgb5A7iekGiDdU9kwWH44VC7gJegZCrcqbcN7mUGx2o:xjEBlJ5qsRRXAhQm1FLdkgb27iekGiDW","tlshash":"e16509a57355a87596ea84efb0fa2740b33060497401c02cb97cccdf5e2ae867276f79","first_seen":"2023-05-18T21:21:15Z","last_seen":"2025-04-12T16:13:15.177405Z","times_seen":836,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1eb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.213Z","timestamp":1701176108213,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1eb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2803\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-af3\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2803,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c936d63eb74745bc9fb480df7f226298","sha1":"4eab73a341f61f909ed136b9d58136a4c25e43aa","sha256":"631c38bb8def5e43bc0c7238e1f88fd359cee6d8ea8ac293f25912b47582f54b","sha512":"7687c5b878c44d456a28763a5d33aa187d2907406eba5f9f8e2bc38c9deccc7b045113edc10ca3fcc9ea7b86dbcfb1adddfb3d100391e2a9fce27af3f46ecd50","ssdeep":"","tlshash":"c9513af10b1e86a5edfcdd33e590bc4dfa526a5247682506c45fb92830838a99e452ca","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.67007Z","times_seen":5419,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/63.830398b4d85ed6aa13bd.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.448Z","timestamp":1701176107448,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /63.830398b4d85ed6aa13bd.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 04 Nov 2023 05:49:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6545db7f-23e1\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7521,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"ff6bfb458f4738461cbf23ff441109f5","sha1":"4a09319e5234cd5411f7c38bc0bac3021e0ee7da","sha256":"bdb77d24c4632e51a53a6e2f97cc2b17b3657d7a6783b2975b1a15fbd32697de","sha512":"6baf91813a94c621771ff50d1d5dc4fb0414abd1585e092e3814401f95b97d9371495d0b31a1e60e4a0b974a462edd04d9a8702d6e5f3484d9a8f204bd2a9197","ssdeep":"192:hCkrNUqSR2xH/q+TwNGlBJRdCy1sEkVmHpfu+:rtxH/VTwNGnJHCQQmHNu+","tlshash":"e3f1bfcb9bf55cfde24af0b1c41b64e12d3589b01b2fcbe48a9e61a951024d9d20a08f","first_seen":"2023-11-28T13:55:27Z","last_seen":"2023-11-28T13:55:27Z","times_seen":1,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e9-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.220Z","timestamp":1701176108220,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e9-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2965\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b95\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2965,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"188e7140e1bdb11fe54c30abcbdedc43","sha1":"9de99ca3f057faee16c2301d8d643c791aa5b26f","sha256":"e0f8f0f8ac2f663afe9b26f9b76602dd3a077cadf8de194c990a07fb57d02378","sha512":"7b962f4e94f3207690031545bd00d61d21ccfd89f023cb0ca0b1f766306ce7b105066016d840cd5fbcff02547ce513bfb74ece6291923f8f5ad9016d6f921d0b","ssdeep":"","tlshash":"4b516d7651e4d9a59aa8568f6c2d0fc4c9a44a096d070cfcdf6842eee5903c0cc17fc7","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.880192Z","times_seen":5428,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.222Z","timestamp":1701176108222,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4257\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-10a1\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4257,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"2bdb604142dab47825be67a816593db6","sha1":"2c5ce27e333e0ac2dfb9a41dac010b7a150e6fdd","sha256":"fed1d3d7330a79296807dac46ac1c667c8e14fb763127b9dcdc25745327c393b","sha512":"42c717b891c4cfc4fc505e72d8137e65ff72b6ccb3d45ebfaac3d289292d7c596b11c063a973f8822a997efcf30acb78c52c12461dc4ba63aaba940b3c21e250","ssdeep":"96:LmjDPT9vnvePDYtokcHkzu/WFiVj8/RhQQBmBIdIFggXnosA0+0:Lmf5vvePstokwqto8/RU6GSg3osk0","tlshash":"f0917d8b985b360aee54e3a8056eabd138715f44310ef82ddb76512a0f206b3e96c103","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.28042Z","times_seen":4632,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1e9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.225Z","timestamp":1701176108225,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1e9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3289\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cd9\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3289,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"694942aafb1444640da49318bdf575ef","sha1":"c09902599093c9482b076851da8cf60875b9f466","sha256":"bdffa57230ee57ec4d2c011be6b5b577d7f26ff3489e9525b65383167e1a4b1f","sha512":"36a14246610e79ab61270d6ad798d36718a31bf9eb9f87d5ede8336eb17a69f8e82348bc4014d8fe65197f6c5769e14695627d1b9cdec9fd097f97d3dbf2383f","ssdeep":"","tlshash":"de614be38b695ee19aef2fa58c5b3394a70f316441097858b52274e4da839142874ce7","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.840318Z","times_seen":5450,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/main.36b482e31e9db4b35402.bundle.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:06.442Z","timestamp":1701176106442,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /main.36b482e31e9db4b35402.bundle.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Apr 2023 12:08:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64394243-11885\"\r\nexpires: Wed, 29 Nov 2023 00:55:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30777,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"cb98a31c9edf146844a2b809ccd3b9c9","sha1":"8aa478116617a6deb7ab8b9613e4aad6dd379e73","sha256":"b81f4411ac4499380f42786a7039c3c261aefe9d4838554cb3993774cace82e3","sha512":"8d33e34c1c71a51920debacc5d3a911312e9ca4915c48f6523a02f586ddf4fab637f5f52a1bd45197387bbac3bbfdb866ac81babf11a79949fb0eba368367461","ssdeep":"768:qlhMbfahU9lgoHXqvnnalYdkJDeYc8wAMeOqm3e9We:qafahU9l53YnalhvwAMnqR1","tlshash":"c7d2e145063efc27962486e4bb2ed0b9d470d4bfa9744f1b6b88a804fe45385a4714ff","first_seen":"2023-05-31T15:19:08Z","last_seen":"2024-08-20T17:36:01.068041Z","times_seen":8,"resource_available":false,"data":null}},"time_used":487,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":487,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.247Z","timestamp":1701176108247,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4181\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1055\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4181,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f4ab04a70ab8f84ade1d0b60f6caf9cf","sha1":"e3ac4fc3eccb1a5df7739b91241b9c6331c9c2bb","sha256":"9c57577d0cbab2397450d169e23779feec66fadf68569c7534596cd8629d7be2","sha512":"7e0e909a5ab23396b2db00eda330ae51941264c6b1435f6a172eea1efef47ae61b42acb6f2c95c3f4a3a4ec3dea85926c1c1bafa816a8b61e675e843eee5ae19","ssdeep":"96:gTbUCtb4pdoVRXkaKq2gG5JcV5q8Iflcwyh4ksIyMkP5yc:gTIU4DoP0aK2Fy8IflJ/ksItkPV","tlshash":"a0816d0cc34cd73315f92998df6462b63e33391e186e18a366468b66067064c22d7ded","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.526628Z","times_seen":5444,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/main.0535ee29a03f18616097.css","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:06.434Z","timestamp":1701176106434,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /main.0535ee29a03f18616097.css HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Apr 2023 07:50:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64326e38-63742\"\r\nexpires: Wed, 29 Nov 2023 00:55:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":99712,"size_decoded":0,"mime_type":"text/css","magic":"gzip compressed data, from Unix\\012- data","md5":"b7bc853072b8cdf81f08c9a49bb4c970","sha1":"119f587d103cf29bca842e149d564f56d039be25","sha256":"5271a8ae6746aa8861c31f66befbf2217b05243a35b3e25b2acb2ec5a0ba2d01","sha512":"331a2a1bc6c92f5ebcabd40e36b91621042956a9a60a2ecccf3d6c6c5496a62e9cb4e75e072cd2f03db1091cecfc8b3e2f78ddad5f17c35b61d0f9523cd80d14","ssdeep":"1536:/IAWdhG8jYwvr3kxs6NKbDpk2BisJ3SFMw7NvbJ0cfkDfp3+sacPxWnVR:/1Azr3wsPN3cdlj8Dfp3+s/8","tlshash":"c6a312f4b47d51b6102d74230b772b24b8e8ec20ea53a03eaba2debed8dd4d58d5d114","first_seen":"2023-11-28T13:55:27Z","last_seen":"2023-11-28T13:55:27Z","times_seen":1,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.253Z","timestamp":1701176108253,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3592\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e08\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3592,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"956c42e4dd1a944a0476c70ad19c645a","sha1":"bf0f11e2e3599be4b938c12da00940146265edd8","sha256":"641a3beeee529414cf161b2526429b383653790ab3de6f374e11cd5d63a3b592","sha512":"1c942bba76c86c64709a41b43f8f05a70e6238f932b97aae796faf6d1f1c362f4e00fd0d45e5c51cddf617f39a4f40d8e139c51bd7aa599cdfefbc7271177bf7","ssdeep":"","tlshash":"2b716de5047de7b1d89f87331b717c229f1ac1798a4514aa42adb34e8ca3008c7949ed","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.735267Z","times_seen":5450,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.255Z","timestamp":1701176108255,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3237\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ca5\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"9a3ed6635e56c144f88635e8fbdd7cc6","sha1":"93108664248734dee36f853edbf31883948884ad","sha256":"597abd49480cefd0e6beaf0d6f5d7821e3b2272e60b9b0ecc9eb1a00c70d8d79","sha512":"9ce03cb0fdd8e073d32ab4859f8ad7d18ec2ea202d78bf8052490628e62855feae5ffa42a8010c22cbd113844bee91f68be2a43009a3913cba703d22e4aa4d8b","ssdeep":"","tlshash":"7d615d72947ad9a113123270370eda2ed14c2bffba044de45a6cd0ec5408a05e2ebbc2","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.779597Z","times_seen":5440,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/110.874d0e79405a58485218.bundle.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:06.440Z","timestamp":1701176106440,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /110.874d0e79405a58485218.bundle.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 07:50:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64326e38-6328\"\r\nexpires: Wed, 29 Nov 2023 00:55:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12092,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"8730c98d153ae412f7e1a8f15e5b994a","sha1":"d4697628cb5fba60d12ba2663e323e7d226beaff","sha256":"cad682b72184d88299156e1ff5427fc9c2947c4ff896279e8eb3c7f376bdb5d0","sha512":"7feb9b02752f199d1cdedb9007c612db2198aa17e254392841c2d80e965d1e53dac1527a8527d4ec5ce9f49fd8d197f9bd3d288e2ae00551c4e99390395f61a9","ssdeep":"192:0senWuE5TaNiKi2bOf5HgUz3NGHoS3FNqrToe8b7FC1Iers2o/V83RzYna807hJe:qWuE5TaPi/f5rkp3TqYDb7Fb2o/VLnag","tlshash":"ef42c1f809e46e6ded4518b2eeca6737cdec2084c2c119502f8c7a2d277ac04172d7d1","first_seen":"2023-07-10T00:51:28Z","last_seen":"2024-08-20T17:36:01.074845Z","times_seen":6,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.260Z","timestamp":1701176108260,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3371\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d2b\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3371,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e8bfffa7fbcd0595ad428067604d1b26","sha1":"df0e32107e44729860c190bbe0b24e467a3d4216","sha256":"75e7047463218d3570b6a08036c2cfbe9d0df9e7dcb140e4a0c67d561f2dc1a2","sha512":"59a733601f0697b43db61af743e38cb5f982be3d2eba11fa08a6883495c286592840783778702621cd6fa6f9e16841d604e99a0e0211e3523b15bd9b0d6688cb","ssdeep":"","tlshash":"f6614bb75d049dfc4f5d20208990eaea28c5443a3f33468665baac769c22e5bb189282","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.743878Z","times_seen":5441,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/mtproto.worker.5f3f9d4047c294f1e0c2.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":0,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:08.565750287Z","timestamp":1701176108565,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /mtproto.worker.5f3f9d4047c294f1e0c2.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: sharedworker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Apr 2023 12:08:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64394243-b4aa1\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":206764,"size_decoded":0,"mime_type":"application/x-gzip","magic":"gzip compressed data, from Unix\\012- data","md5":"7abf67a814e5de6abe478d5d06fb892a","sha1":"922b4969b7176df974c95c14e25bbfac30e9c305","sha256":"573ea3fa58154af0a80693c1bd0aa3e69dc597be1f161d1165544a33cd7ba2b2","sha512":"88699c8d43b39ffc1567c3e77942650971fa80940770d9c3ddf368076ea28a4ca43edb1d771054e93a1389369e0ad324fe99be5b5e70ac0bc16569b95a21e4f6","ssdeep":"6144:stq6iGTgSDS5jNz562NyzmLM1nFJFp/u9zP25Fp:st/i6DMt5XKxiPO","tlshash":"e214227d0396c709838f61eb630da6264ed772b3c4737931c5abbb6f27985c2e825190","first_seen":"2023-10-02T03:37:34Z","last_seen":"2023-11-28T13:55:27Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/85.c5a45a5b8327be101844.bundle.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:06.438Z","timestamp":1701176106438,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /85.c5a45a5b8327be101844.bundle.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 07:50:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64326e38-1e04\"\r\nexpires: Wed, 29 Nov 2023 00:55:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6034,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"296b59376259b84f4e88622c81af5acf","sha1":"6d51e07bc29cb189ffda4021c50dcd872cde53ec","sha256":"f0ba1e1b4d803e72b6be0df34f1a10ddba18f26de12c530f07a02521f05ab552","sha512":"2fc6b69aa78f213bccd3d4aa429ff5351836cfea9154d9ef95681e9c458d800ecd9f981259d62a405ea51fc04f14d0d8310ccdde9e74e839948c2d9e20d739b1","ssdeep":"96:EEhDYItWF1SWBlPpS8rEcEt0pV2Pa9WZSwm7STWQrg+3a2aAK+29E/dTpY2A6USi:xdaJPpSrt0pVgafMLrH3pK+PdTpbNi","tlshash":"6ec19ee7e623b9c9bbe5569f9c813142e2706374524a608e88fc818c7e2c1c743b45b5","first_seen":"2023-07-02T01:27:30Z","last_seen":"2024-08-20T17:36:01.07673Z","times_seen":6,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/8.cf6e90ba29bab54a0fb4.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.086Z","timestamp":1701176107086,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /8.cf6e90ba29bab54a0fb4.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 07:50:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64326e38-5e90\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8143,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"ee2a540950ff5d8b7ae5cf21aa2eda2b","sha1":"c3506bcd7da375a289c5b84f02295cfa3aa40c28","sha256":"44ad8e367e5a2fc5981923b7372b89b01d37251e4a10432e8e1af96931df954b","sha512":"40b72b83f419a11df4c5211bc1c0bc35efd0d7094c3e3af0dce4ca60b7037cb1599bf5e974f992e1625a24116603b2058f1cf6dfd686a42ebc1659a892ff2fb5","ssdeep":"192:lYBA97oRIr7uY0aUzHt+piFkC7qnUBcAP+fI:lY6UR00aUYMkCenjAkI","tlshash":"65f1af1c068323f1c981117bf2a7f559b323b6bda7d3b8e9ee4086078d566a2431107c","first_seen":"2023-10-29T23:40:55Z","last_seen":"2024-08-20T21:52:45.581813Z","times_seen":4,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.301Z","timestamp":1701176108301,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3175\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c67\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3175,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"21d61961faf51d8e8a7ed430154a4bfa","sha1":"97c3f36d2f81f6e3284600ceac16d06d8a239b48","sha256":"d530e5e457e34f092ee63268a69b6c58ebbbb5224df6e3d90cf50e1f681899a6","sha512":"dc09c5bc15a01884d26149f58c65e87d9d9e97ca8591a5c2df6f669e8cd73207849231be37d1a5a1735ab55fb787eea0b3f3690ac8bfccfbc746cb46af04ea57","ssdeep":"","tlshash":"64617defa31369e6e1361133a5aa446ef01851a415de623ffa079d390b124f0bd0398d","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.914294Z","times_seen":5442,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/104.7fce50fd24cd57ba2286.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.082Z","timestamp":1701176107082,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /104.7fce50fd24cd57ba2286.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 04 Nov 2023 04:28:31 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6545c86f-fdde\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24187,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"9f3898597c6e57cca261f6a93f2cf20b","sha1":"c76b03825df188f077368cff2844253a653eb74c","sha256":"4a59fb513fa3564765ca4a820662faa64d7b65adbeb1a2cfbb755cb9883e89ec","sha512":"6290d8612a85fa4d0eccd7faff72dce1a83fc2ad02203667be10209d17ed926864719e2a18629c5423bfa3230955573559758f1d8d8040bedbbe9329278ca025","ssdeep":"384:WlbrtB33QkYzERTRJUOQNG84+xM5fUqWVzhH1iUou29WqEM3M6SYnjnnz1+bte3P:0/txzYARTRJFeL4LZuVdYUoH9NLMYDYu","tlshash":"19b2e0e578ba7d64f6a9126380069fadf0a0a49baaef0c07f7c033d643155f97c42b14","first_seen":"2023-11-28T13:55:28Z","last_seen":"2023-11-28T13:55:28Z","times_seen":1,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1e9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.324Z","timestamp":1701176108324,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1e9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2647\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a57\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2647,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7bd3515cf442ae094138ce1ab113b33d","sha1":"0cafbfa26671dc22c8f5b1c6f78b9008603dfc78","sha256":"dcef891001076c10c5b02c72a8c99eb5d9a46cfa4bf660bafe70aba914aed99e","sha512":"46f756859bd626571436d5c8e42c1bc29344d3182c26245552445a1644c3734fd66955464cf72f97d6bd7e5df10e7321d471a126db4d1400aaf57b2d14f0d445","ssdeep":"","tlshash":"99515c13915b4f07a5c21b0b42ef292041339e5fbf0b90194146387730aeb3d7a91eea","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.851939Z","times_seen":5447,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1e7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.336Z","timestamp":1701176108336,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1e7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2792\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ae8\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2792,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ee5092b2a1f2c39d3b144e56e5512903","sha1":"b33530da3765517c97169e4b8a71acb83157a878","sha256":"f2e1ea547d2ebbb356cc9f53c46604c30d27c7e4841a425dd68bab1c41029c6a","sha512":"784ac6ebab7884eae38bb80fd8e2a4000d5eb16fc340748c8ede3d902f2d2128988217f1eaea658e63a36c71b320cd8091ab66f6e67188a0cea3bd1ea318eaa0","ssdeep":"","tlshash":"90511b4db1cb34b871b69e3753125aec583443aa1810ad87b6bd93767240cee76d09bc","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.29397Z","times_seen":5434,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.340Z","timestamp":1701176108340,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2890\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b4a\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2890,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"daa2e7081a8d5714ba157063d784dfb4","sha1":"6e51310f9784e0f9fcf47bad833c358ac9df92ac","sha256":"c4b750364aef14fdd99635f973fd4d5712799ac2a422b90d399347ae3b89771b","sha512":"b30d0b8dec351c36ac6730893260b64cb813f0f3dc5872b2447487a888c3d41e24355545eb40fab596cb9c5ae8ba5b8c910ed662a0319cbee16f04918c128451","ssdeep":"","tlshash":"b7516de9976169e4db7f1b069284a11fc59b531f3c0b470aeb56c2a8602490ad09db40","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.915981Z","times_seen":5438,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.352Z","timestamp":1701176108352,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 1991\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-7c7\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1991,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"fbb54e961af78936a0750a546300806f","sha1":"f978c133fbb0ddaede7caa07f86e010a5db8ccba","sha256":"4f7175583c297abd53b01ca105d86ee9c18ae7b1834851989b24b509d60e5d3b","sha512":"f417be440ba814784198861077d8b918b836a605aa68ba48aa5ac13d98053ee789d6c76b80089aef5c2788decb1913a3c61e1f192ee8a5ecf778334e2f50456f","ssdeep":"","tlshash":"30412a4013abc4c8bdaf856689f96144e0f33eadd4a1550bb6b8f2c60de141b75dc94e","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.648887Z","times_seen":5436,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-28T12:55:05.732Z","timestamp":1701176105732,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:02 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 01 Nov 2023 16:14:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65427966-2d3a\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9395,"size_decoded":0,"mime_type":"text/html","magic":"gzip compressed data, from Unix\\012- data","md5":"d90e2324dfdef945c1ea45d626df9cf4","sha1":"5add2339d1fa1e5633b61c21798fd00076ef08e7","sha256":"dbed1efaf7467eab4abe1e84627dcf48c6fb34135751efd0b8d2a01f5cc4cde9","sha512":"54a47403705a9def337c072cc60134b3ae30f40b0c65c87472d9ecf309ee3294e3614d16903d2b24f8527e8e5898ca49a85270df7af471ab00beaea8716dca68","ssdeep":"192:chASH380TQR0PQ69EPvY02D25PRo7s+3xBR88esObN1N4nSKY9l5+j:Qs0/PQcwAnyRo7pBQ914nSB92","tlshash":"ff12ae930b7f295aece584bcb1474ce214fe497e8ba9d090395fa90d9a4630f2b52247","first_seen":"2023-11-28T13:55:28Z","last_seen":"2023-11-28T13:55:28Z","times_seen":1,"resource_available":false,"data":null}},"time_used":864,"timings":{"blocked":347,"dns":21,"connect":162,"send":0,"wait":161,"receive":0,"ssl":168},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1ef.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.401Z","timestamp":1701176108401,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1ef.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2421\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-975\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2421,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"992d9e96f9a0c9867484e5403af82592","sha1":"922d14cc1691f1898ea5c9482a1e9c5270c79acf","sha256":"d67ae070ad7d331bab1e17be0643e3072a29945ccb442d6f37330f43b269250c","sha512":"309906bdc111f88f24fb44fad3ae1a3b3c89c083079d5fa32632cd756dfa8eeaec41c0e74d66ed1bbd6339482340df83bb205181e2b72975850917fe3b38788a","ssdeep":"","tlshash":"0d412a28a0191aa4d85592a3d6e0165bec768fef86b14a3a4fea342c2e12a5448c4c5d","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.545868Z","times_seen":5446,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.403Z","timestamp":1701176108403,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4598\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-11f6\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4598,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b09ed67964163220bb57e609aeff4c17","sha1":"7e872b129fdf1ce5425291f4c7afdfd1216cbc3d","sha256":"13ab5964b285d0f107f2dd6fdd940dddd44e2158841f0ad897d4986a32274118","sha512":"f42b4daa001777e25a45e9c4fbef2a1ec39852b42df946cd8a0ffb5e8d9764bf2b2e12b136e64e0780057e33f6e4bc5e5d7ca612175514c4dd96d14a891d4e61","ssdeep":"96:3ZoRsFgkaYx0XFWHWwmLc3udfIenB0fbUo6NpKuJUStLQ8uR:csFhTGXFW2wmgqfIKBOP6rr7Y","tlshash":"59918ca274db8c57e4dd3a6b9d1aca2ef615566bc4f7b77832c1420bd5c0d02248f84a","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.891809Z","times_seen":5440,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.405Z","timestamp":1701176108405,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4199\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1067\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4199,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"08486ee438b1c4222ee73de4574ad834","sha1":"89719cb5942205286643e77733a3499cb29f80e2","sha256":"6dbef1ab1b7b2497e85a436efc538906258f6ccad69a67e627baead16b810a31","sha512":"217354d6f4d46308cc28a6c47110b6cb06e0d9ef75518ce7d0ffac2a4ce45cd19b834492920f4b09da2c0b80c65feb729024cd8a7244daf78458f2086e1f3036","ssdeep":"96:QH8fTOOFUQ2MvvoeDb+CKObveueUJZIshpq9T3IgV/P:7bOOaVMXfqYvejUzTqT37VH","tlshash":"09817ce26456bc54c2333bf139ff903ad164d270411b7c7cf8ab8c0a6b40bf686228a1","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.805519Z","times_seen":5439,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.409Z","timestamp":1701176108409,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3289\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cd9\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3289,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"8e87590775b34e2c5fb5b2f3c18a4c68","sha1":"2882a25e81bcbe087b20912c1bb326d6cb1318d3","sha256":"d126475e0cbe9b5c92514de449bef0738430ae2db567c35a33d0356eef1c7a60","sha512":"5069ae4fe7c889cdc96fcc688d7463ed49a84be818f29c71914375721fb9ca4316d5d3347dc9912f72d388c38bddc922efa25144f99a9019bc6c656e4fe93166","ssdeep":"","tlshash":"98614cd78a2f122ce79149f205638b002ca29454ac35d4a54a9bbc750d4ceebad6be83","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.538554Z","times_seen":5434,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1f6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.411Z","timestamp":1701176108411,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1f6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3345\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d11\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3345,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"27abb50f4c5533eb52e4d6df656cf020","sha1":"d5888a4bb78ab795197aec7eeea5d7deb871d0ad","sha256":"fb40c604958a141df7244ecd06ce56e90fd9d609fb90d61fd0fbcbaf53888bed","sha512":"f21aad8e7e8f54f8453e28986636e23f6da4e87cf34b31238dcd99718a1bd0e30e3c1715a71b718c6a910dde49e2040027c586e109048778598bc16e0f354a51","ssdeep":"","tlshash":"67616cdb4517dc27ab1756e1300751da3db36e7102c62338f7a1acdcacd045a388a779","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.637118Z","times_seen":5430,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.421Z","timestamp":1701176108421,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3239\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ca7\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f573e684490da7d5eb32411e30a2ec75","sha1":"62cc3f2e8ab4835ef5d3baa7a8ef6a8614cb43a2","sha256":"e337171571b57fb65b25d93ee24a38bac1a33b0f3fb1c2c73b6cb085637d353c","sha512":"b2b453a080744a8797c6174a98e583af81b54fb73de5698d16c09a06d1f7ab34d574449d8e0578ccae5378bdd2aebcd3b10539dd41d1ada4630a39f32433680a","ssdeep":"","tlshash":"8f615c5b56dc896574f3194da4a41205bbe0b53a310b8c037427364a68b17d875b71cf","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.268093Z","times_seen":5429,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.426Z","timestamp":1701176108426,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3541\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-dd5\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3541,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b1fa54221359f90d1c301cd3e34e7eb9","sha1":"a297766192fd4c1a05758735d556852b4b038fa2","sha256":"417577b750a63612cdabb9b0e8f36c6d77ff3f510eb00459bf1c636c738a1bee","sha512":"b39696d3e74c6cc07434c3256b2591b7181ec142cf03c0bac9a817257d764c785cdea4b7f50f2c8b2bd3cf9f4c4e30c7485f713a01cb7380c3fca070b46ef704","ssdeep":"","tlshash":"46715d774e8513a1dedad141e46771f1c864a8cf9ae3c45b327a07457630c40605daae","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.326773Z","times_seen":5429,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.430Z","timestamp":1701176108430,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3829\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ef5\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3829,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d90e015cc58de0759bb40edb6bd03eec","sha1":"9b5400b9c105b6126e1416fc164ae159fa97d8ec","sha256":"1dea8057fb5d952fd684cd23f748c410b478c1d8513160f3fa42faf54fa7347d","sha512":"71c867ff8379de8a8200aa904d708620c221e727f2291b0176bd95dc77edd4851d3493139e5dc468430608696685c80694c5730662c347c093290152b69f5f41","ssdeep":"","tlshash":"e4817db54a7ace14cd44f7e75854dda484fbe4db7b2ceaaafd8cf111341251b0110a72","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.650843Z","times_seen":5443,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fb-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.435Z","timestamp":1701176108435,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fb-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4235\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-108b\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4235,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c8505e97fa41d5f23c75dba52a3997e8","sha1":"845fe78be95c6f1ed1f693a95e7823a8bae32390","sha256":"4423aca1e1f40cc554ec3ed98387f80d686bc38ced80d4be3a9efcf085c14ffc","sha512":"c53af05ee20124ca8dd59a2e3f72a03971ea3b8c64e308d98532be20edd06e0d2a4c3ae2709ffdc2068b1cdb9c36f82c790721366bebd32be6e42c5c0d12fd48","ssdeep":"96:huSfNWmUA1G/kDlmSiZfMjNwrP7eFSoUSkjHTMU9Jds1:hdPUUnlmd0jNwryrUTMU9Jy1","tlshash":"a8918e7fe13bc5d08523567d1ae16f2c55f1e00729e20cc1aeb4b92160a0cb98fd6093","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.846912Z","times_seen":5441,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.438Z","timestamp":1701176108438,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4491\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-118b\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4491,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"fefb90a713345264dbe654c80f61dafe","sha1":"ec341969ab1e737e786a091d40ee51acd7a52248","sha256":"1ab4c94de84c16f1bf0bd308c2f45d9ae24aed4e3d33c1fc2105a83f98eedfe7","sha512":"3446dd6c73b7f9da8d50bcda035b450e97040c7951202d4ab0750a10a92f401120eeb559e70b9a95d1157f21eb2c081386211bafd2b3a800a17cb3f502df9f62","ssdeep":"96:Imxy+OQ4h4ntH+Zi/IjrEZHeXCx+ihRDKm5Vl5+:IIhOQ4Wh+0IjrEZ+yxvDKm57c","tlshash":"55918e266b7564f48cf804b8175e021e31b2afe8402c5e13d5d9b8954736755d6f600f","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.528062Z","times_seen":5441,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.447Z","timestamp":1701176108447,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2717\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a9d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2717,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b3eea6ed129156e6c0b9b47c1424e5c3","sha1":"ad8975f710e9eaa0b5ae31e57bdca85181b2a5db","sha256":"688bdd07faf7b6e803cc9bdf3a0faf68b9328509bdd7e7b3d5c22fd50812d64d","sha512":"dc190aefa0b14448371908ede7f85ad75595970eb184e5131555260111d67978d04b770d967336fad1b281916c63324d9727d53d0a4bf32c428af2a4ca612322","ssdeep":"","tlshash":"89514efd4db0c75e5a1bc8f22e714a03a7838a65ad433d0501147de317deb13d59651e","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.661335Z","times_seen":5447,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1eb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.449Z","timestamp":1701176108449,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1eb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2845\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b1d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2845,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cad874f2adcd378d9546d0ce1b11ad09","sha1":"ebc6ef763606e867a3e734dac6a730de3d37fe03","sha256":"2f2988812c32482b9fb18b2b96ad0cc299f75f9a7a1758b6e6393311ed8ce54d","sha512":"84926bf4d96f3ced282f0d4945e8bcc264b19747d01d88e7d926c9c76d016c4e960ce12fad2379e17a654b573aaf738d321b503c2c321aa2af85cbe7a5bf12c7","ssdeep":"","tlshash":"4b516d3473736bed67b799ff112c1e6b3984ff411608e45e057884628d0de0546855d4","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.703075Z","times_seen":5435,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.451Z","timestamp":1701176108451,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4173\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-104d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ad75cf377c8d264db6e3f15c247b0c7e","sha1":"6a8605b6133bf920c811104c972c447a90bfed63","sha256":"1c3fbea07b11fd0c9455e48ca715b0fa74d66ca66a7999f440e89edcb21313e4","sha512":"10ff3e4b06a508a5a497e31d0ec8547166262081fe5f3c26c8481e808024ba28b10fd6e395ec53386512264fba9f3212c44b1ffb161ef8a75e239497b4cae5d4","ssdeep":"96:EFnxWYE1f2qZK/Ovez4wUj0V5cM+EyMp9VzQkh3dPxFvU9:Ex0NXK/kez4wUSGMfhzp/vU9","tlshash":"16815dec2fd21e126fcc4abc5504c4517f756889e8041a5827af5135ed16336559b273","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.608165Z","times_seen":5440,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1ed.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.453Z","timestamp":1701176108453,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1ed.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3598\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e0e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3598,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"447db8958f516ce26199724f7a15faf0","sha1":"af249d100d86d391077290ea7f1e0148215705c8","sha256":"c1637c023f598dff07fcfd84efb1efd8cd3ba4b7d67d8f5b910ea8bda073a5ab","sha512":"7cdec76e18005adc8b2ae1dfe43f5cf6f60ce61a963b6fdfd04d48603d5974e8b0b89f4c57def59bff7d8099384d541956d5bdd9be3be0e57161ca559e4c5f08","ssdeep":"","tlshash":"0d715dc0456417fbd7a1cf295c9cb9a90cd7a5a51093410e3e24073c7eb02a41eecc7b","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.546546Z","times_seen":5441,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.454Z","timestamp":1701176108454,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2421\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-975\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2421,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"98b53ccc0cd8529fb80e84ecaec4a3c1","sha1":"c485c59ce18ac5fbb5c353240ba0ba50d28c5e87","sha256":"d58c6335f4260c420eacb9c9335d2a9ccd4f5f8b69bc8d54abe02fb4c33a3846","sha512":"b1529e11a56c037505b9fc75afc5180f1e4c711f875902a095c3c54306c53be2e66cd12f2e09d6ab8e3f535b5e62dc45a0cc9349eefd4fbbbcdec515410d4654","ssdeep":"","tlshash":"ac415b32aeb6301e6fd8c621a1ca307425376407013ec9e8bf34be247499d48a7477b2","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.526087Z","times_seen":5431,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.462Z","timestamp":1701176108462,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2601\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a29\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2601,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"891ce73a826a465cf24bcef26d02eaab","sha1":"33f8d2dedeb4e0deb043d2eafb2320840cc7c907","sha256":"faf56dd162bbcb97ab2b2c47275ef24c3ad183cd04c4982aeef0c70b4e4907da","sha512":"f18cbd85093026593f44e77f3cb808f9cca6f3fa205b36ba03dc894457928468c841c3da30dfe6ca04052648b62a29af660f4849688eb642c4b0a717fb377263","ssdeep":"","tlshash":"8d510916912061b9e71ab132823476791a286f308ff3f084c597f8bc782755c94c8ba7","first_seen":"2023-05-09T05:29:39Z","last_seen":"2026-05-27T17:57:01.654623Z","times_seen":5445,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1fb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.466Z","timestamp":1701176108466,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1fb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4157\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-103d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4157,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d3ddf6b72128c52191a111212204e19f","sha1":"b8b4766ef4f230b606615a5b59bd84f94e2fb87d","sha256":"60c5c3cac2ffde073b3b9d8842b45ba2f606d13aba2c411b682cb3ab9d3aadc4","sha512":"a2ddc32a74d90bcb3be7d46b233139e26943f16af67179c49aa57930bb93f296f9fade9f6618489113fb69dca92ce33cd8fcbad0eca3b57a455e02fec9c0c5d8","ssdeep":"96:Fj2YX9rD6hhWgtk6QIuAPc3LxzNcAaFMgA8XsD/:F7rDEQgtkH403Nh4XsD/","tlshash":"37818d7e83143224cb6ffd16510c573995715d3f2ec852ab05c8e9f921083de7a9bac2","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.849573Z","times_seen":5446,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.498Z","timestamp":1701176108498,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4291\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-10c3\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4291,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d11801883b96b5ce5eddb8a2d5b67097","sha1":"65647237fb56eb78e331aac06ca0996b4a1a294e","sha256":"c41b6e2c255872418a68991fb7b90df078b4d03ad4d369a693f2d05bf30ba20c","sha512":"2c3c1d5a8c36117cc6b1947d20ee1e1b5698695fa717011fc3fdea8733b20fdcb20f553fd021112d39732870d3fe436e97d667c6374c88d32967d2e3049e78ca","ssdeep":"96:xh5/dxFq5uyPKz/sjrnTZ/tifXJsgpYUj8EHRfNf1f:LprUKchV2r9jF3t","tlshash":"da919d132c912ea8509631c6153fbd92472ab5b8f16bc7870760fd8064c6e8b225fc6a","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.812151Z","times_seen":5434,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1eb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.501Z","timestamp":1701176108501,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1eb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3620\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e24\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3620,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a6377f99d10d9667bb1d7d855adc08b2","sha1":"91480a1f903637b2c2aaf1aaef4c35acbc117517","sha256":"8244d9e955552582feb80ab3af8734d4b6b79b5480db2855b6e61f1ff1f91235","sha512":"7fa7aa29c3db80badc6c0ac41e136d279f8dd03cdae2302f487242075842498088b0eb7340d38a55e818fdc4d8f5cf083f32f156e902969d1ace877245c15bf5","ssdeep":"","tlshash":"fa717d86c5374618d6c2a3e490a3dff2f236e1a125abdd83af2e8194411d21972d3940","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.642052Z","times_seen":5435,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1e9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.505Z","timestamp":1701176108505,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1e9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2174\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-87e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2174,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5ead452199e5970e3a24ab81cf658203","sha1":"d44028f190a2f4b0498fbc6bd48d4e90e4216a3c","sha256":"efbb478b5726bf96c83d0c7077301fd8acbe4bb909860465c890645861289da6","sha512":"1f78b03e6400e7cfd9f4515a988e79527d8f6badb486daa2e46a9b2b598d6a9e335c988924672f4ab29e67a9e41188696dfaf250a8505d8c76e525e48d7df233","ssdeep":"","tlshash":"7b4109c49cde8dcef3602873748482f27a91f1b7e691dfc198b1b58a3a5568dc6c3429","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.806659Z","times_seen":5429,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.507Z","timestamp":1701176108507,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2745\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ab9\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0e0e60b788304d7360090dc4ba82ace8","sha1":"b1f6f27bf5682b8db138e61185726809afcd33b9","sha256":"fcc3e3ff2d4d7fb01b815765c4581eb575b3002fa07bc5c3bea409296c9b9246","sha512":"65949e9cc82aabeff6d80793e3b6bcac23d7db2e85283240070f76583a91743be68ac519c651a5cab27f5966f27547307b8772054e961f37d9d42f5b7f347d9e","ssdeep":"","tlshash":"25512bc9b7aacd5700e09bb43b516b086640eda52aa3a216eee5246983180f7512387f","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.64275Z","times_seen":5428,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.513Z","timestamp":1701176108513,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2544\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-9f0\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2544,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"190eb05b8eec7b672f5a7b3284570b16","sha1":"b9062b4b25437a4be5495f6a6842b20bb557614b","sha256":"cf50250fd212291f8f672eb7cd3635e7839ef71d2de7f5ca57237be64f21e311","sha512":"3866863cb9a82aef796b41551463e03ed072aeb42072b7e588e668c69f9604aa2c92c6bb993631423625f473c0e355186fb8884a40119ec05c53063bb5c43ab3","ssdeep":"","tlshash":"6e513989ae3da87dd53c298d108913a8681a4594c5aa887c41f5ec6b3b0a1c7451a382","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.853278Z","times_seen":5431,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.515Z","timestamp":1701176108515,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3073\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c01\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3073,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"754a852065f15a20f016f68d3286759e","sha1":"3015753ca92b1362c1e454236ef815bd28c1aa22","sha256":"bfc41b7a82ed8618148edb361e9551cd94e5cc236ead05c70021360bc47eed0c","sha512":"bcf3b4eec69ca483a368d40fb0fc6ff196e933802c52f2c3774c051f6b2bcf50c177ebd3d095b4d35cf371487780c36e0cb075efc081cb19f333c1f7c93fb586","ssdeep":"","tlshash":"8e517d92193589f7e5502d36e2fe88d5b13f213a213cd17e96db802160cc188b963cfd","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.842963Z","times_seen":5437,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.516Z","timestamp":1701176108516,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4013\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-fad\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d08e6bdab53d1ff7929a18ff9b94e877","sha1":"3f3a73a68c08f5189452cb7be921db573da1a927","sha256":"c0c20cdcb8aa250e432114a197129ce830a359c9f58d06369b340310780180b1","sha512":"57885fc57d587eb56829518f5ccbe0ca62107c62d065652838e4e9a1e347a92c84e7f6b5023c143b3ead39efb2662bcec4939a0e5a6789666c4c732c72c3f4ed","ssdeep":"","tlshash":"95819f7741ff24d369f2b04251dfc412762aba04076798c2db820764e18f1d7eb35111","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.533529Z","times_seen":5431,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1e9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.529Z","timestamp":1701176108529,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1e9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4169\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1049\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4169,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c83fe8167b18de227f252ad9934cbada","sha1":"9865306ae45ff3883cc23423ae0015dac36ca271","sha256":"4d483f58cc97b78f45bd283b02ac1e1db3ef69305f8005adfcefaee84e8e4439","sha512":"dea31a7cf2a749f9b5379b07e5a92fe2774f08a5657ba7b5bafdcf5243e51db066754aa9228b234b5079500a25669b7e6459284a401f6256076e2649d6f5e7a1","ssdeep":"96:/qCqTEPz05vx4DJGNcqlEwwdpatdB11BFXw2NGBiZ:gkzgvG1CAm1BG8Z","tlshash":"b3818d6c65ecc90acc3de8d258f91d4c404a21ca23ba81971233fba116ca3d6b11cdbf","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.547152Z","times_seen":5437,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.538Z","timestamp":1701176108538,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2868\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b34\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2868,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"fe26f6c3829626e314b7a0f115e96694","sha1":"119c83fafb5aeb5ef7c3ecfbf0b1a1e57c9547f6","sha256":"20329ed11a733149983ec6c21f1f18fc70904e095f5d33330577851cc34a0c48","sha512":"ce9543c05098032fe9bf493f88c8181e484698d2cf653cabf120dcf06e811d9f6e1b25aaaef8b7962af4fb0176ff4de2df6e3086c63fd86bd607b455fb8733e9","ssdeep":"","tlshash":"1b515ce5652f37b78f3416229439a08f54df55106491c8c6a1839be2cfd73252c94067","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.605021Z","times_seen":5435,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.544Z","timestamp":1701176108544,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4401\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1131\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4401,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"576f5ed3937ffb5f29f07797dafd8bd4","sha1":"7dc484a7694a75138cc8925f7bcdebee2e71f903","sha256":"70027133ab1b9442c8d4913753f14b72e6c3fbbf5a54928cab1d9857a0232a23","sha512":"f3899b6c8cb40f8698311ccc70bede6d24f5e9f255c7548a1cb162ded8b57a37c732a59dd9afc5ac4f565adb7b9ed30969540b6e0e7a795613e9a84288170b32","ssdeep":"96:7wcEEOLlpNmXAU348oOr41dDR8YZDLEFf85zNi86a12L24Kvc:UcOLNmwa28YOIzNiy1R0","tlshash":"0b918f35de1c3751d61d31844681ecdd22a97d686601773ad37abc7f0f0a421508f6e0","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.82559Z","times_seen":5441,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.577Z","timestamp":1701176108577,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3734\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e96\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3734,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"22a2d23486c7545b396fb4b3a8b6f89e","sha1":"707f3f3632519dc7be5c6f7dacbcb97cdcc5338c","sha256":"fb41358a100f3ab70e30d5a0cd95de40ef3f5bd9e76835319da07c053830c2e2","sha512":"17d283761203c82c2a6077bffc815dd364f976e15b9524987ab344ad68c81b8d60c6744dfe55d4e03181a36602e1867c8edf9d377ef31c95eec70d072520defe","ssdeep":"","tlshash":"69715b57f60eea54ac724d561c636804ed022ac2daaf7696701b47b083a3b068dcf0db","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.626442Z","times_seen":5431,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/npm.pako.884971942c090de521c4.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":0,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:08.624219237Z","timestamp":1701176108624,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /npm.pako.884971942c090de521c4.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/crypto.worker.c59dccdc288c9bd74a5b.chunk.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 07:50:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64326e38-108b7\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":24888,"size_decoded":0,"mime_type":"application/x-gzip","magic":"gzip compressed data, from Unix\\012- data","md5":"561f3ed8023e642be344b1b5f53e0444","sha1":"cb8dfba46304d9681002d0c44c751ff90c1236f9","sha256":"2bb59b167939705dfa5bde7062899a7519a4c5b984d2910ada2460cd9d66d41a","sha512":"d5c18c70cbd399c82f1915ee252f4abb6d7253b0091eb519951516bfe6f7bc9401fac8f2e06baccdb25446f6e4c753b1f875b56c700b83053b3b3764e2f9e3f4","ssdeep":"768:m7owlBUsbGVFjhJEFd69POO+FRwMUCAUp:pWUsy7rEn8OO+jSUp","tlshash":"f2b2f137ee112ed6b3890a0de250151310e6cc5bdd9ca706d40768df8f7be85092b22a","first_seen":"2023-11-28T13:55:28Z","last_seen":"2024-08-20T17:36:01.101817Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ed-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.585Z","timestamp":1701176108585,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ed-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3891\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f33\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"413ee736d12a37637e9f6d286d4d2481","sha1":"2af3e24a66010f0029596610789431ce4909b33f","sha256":"61183c4bf2d2f7fb6c71e703300bf6f397e3b26f7b336ed56ec5b47a8889a48d","sha512":"b6490b8eec33557cefd193cfa46f23682bea5b24eb7049a2a7e2fd8b64137f457f97bf421c8c911438ed3e91e3a255dc944133db81cac4395025ed96614ef334","ssdeep":"","tlshash":"3d816ce630c77720a16ccd257a3d20b0b602dbd2ef0cdb9955b875d80c65cc09745fa4","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.529133Z","times_seen":5429,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.587Z","timestamp":1701176108587,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4129\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1021\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4129,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b8fdb248ea8fb2fdd241676f9005f5eb","sha1":"ade517a127ae8fb48d340ba8102d450eb49faf59","sha256":"e9da02419eb124cc5a6005ab5d439374efee0304a4418099b9979af779f0ab1a","sha512":"eac2f38923ea4c91aace84ae33b0446cd8e9ffa176c36b8a351ee7aa31dbf83719fc5031c418d8c97b604a9240bd6c030c11a2e5a5915911e300f3c3bca14b6e","ssdeep":"96:SssMcgvc26u1KbeOvFj1VC2OnYGJZD/UeHv8wOQjFbAK3P1sd:SEvZ1KbeOtXC2O1PoeP8w1FzNsd","tlshash":"1d817daf9780380c810452cac6acfe8294fed4f9aec664f9b3c4f918c141265a883f47","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.853844Z","times_seen":5432,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.607Z","timestamp":1701176108607,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3381\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d35\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3381,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"4d43906793cd83cc584d8b12ad63eeca","sha1":"020ed2085edb6c034011eb6090c160f278b8be60","sha256":"ba75bea14664909c8d4746f8189118fc086b955cdad323638671489ac91e2855","sha512":"d117216300b3adc7531b1191cb8374de6c11d6331b8ca1ba2cb5e628dd07e523a3227e50ff56c8ddb1b54569004bddd78ce61c384415132f275626643b206c02","ssdeep":"","tlshash":"53614b17796024cebb9af5804b78a72a35ab5002d65a9885b7808d7c340724aafb3c77","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.816234Z","times_seen":5433,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.608Z","timestamp":1701176108608,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2534\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-9e6\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b4cb0c050bebdeb2848c2d989d233fea","sha1":"5ce3b58eaa87d5492236154f1ea6cfe8daf34e3e","sha256":"137bcb234d02d1a047f567bf4554aad83a43004c53f521d7e47e0d54a4d192b3","sha512":"c3390fed10ef532958f88dba34f736c2cae7f56fc2710566e4ba50b802eb257a6af442937ff9777c555e07ed8d94b75c8d0e22a544578a3c00ae13bb9f0237c0","ssdeep":"","tlshash":"3d514ceb93d6566b6cc11e3d11e4aa9a93b5ba893f0218efd00c5c60b90a41955136c5","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.747148Z","times_seen":5433,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.609Z","timestamp":1701176108609,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2702\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a8e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2702,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b58bc2e515621a96eacc73b562cab834","sha1":"a6dfdebf74d8be603db79d6d30ce00fbdadf54a3","sha256":"f4570fac2be32b178def2102373fb1150202c421ac42b86f473e073468d3af1d","sha512":"ccbf17f8eee5086c8ec0a38f97e83caca4e7dd3dcde1b4ff7720d0b0285f04c137dc081a2bb5efb4176fce3e0aa9c59c9e8931a273aaaad76dfe00624f36583f","ssdeep":"","tlshash":"b8511bdb6d560d19f41d23c60350c4746eb612548572ed8cfa3644222b36780ea6ca9a","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.598654Z","times_seen":5425,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e9-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.611Z","timestamp":1701176108611,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e9-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3255\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cb7\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3255,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"365beadd3b72afe385a323b3fe4bbe7f","sha1":"f1bc8647226d5669e8913bb30fc6b9578795d7d8","sha256":"27bdb70e1f78a480b3bb3de940127450cc892e031f9355feb6febfc51f975b4c","sha512":"c7206e6727e8ec621ed24eafd3f8f962efd1105af375bac295de34b7e9e2d2b4613e1372de7a2f3aac9d1f7c5ecf451a7f0b8296a4fccf41bdc19d28731280e5","ssdeep":"","tlshash":"2e614b9d850582bac9343abf748590660433ee5be30d26364eb4957fb30bae4b02c446","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.861426Z","times_seen":5435,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.619Z","timestamp":1701176108619,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 6920\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1b08\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6920,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5a1abc1bec378cb59ac93e63682b19d9","sha1":"30f25be54302e100eb08eb8e091893693f6b425e","sha256":"4e33a73611cfe26afd186e7e7157e76326fc3443173f3d321b11b125cffb73d9","sha512":"136b19ff082ce1192cfa8b8ac8b1719c104a66b1ec2415a4eeb076bbe9166657f2629a4bb23d375e27ab6353fd4cb45254cb719b446c401cdb8383c6184a68ab","ssdeep":"96:0Jo8CYLeLe6kUthvMGox5Zvdz4f8+b/Ow469UEpdgtDmEYZ48BYlC66EtZr30EP9:ao9YLPAW3x/dE0+b/OwRhtQCE5HNB","tlshash":"55e1bf960eeb91426e0e7e17f0066068024e6325890d79f0dd4e35cd927729d3f4d968","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.583995Z","times_seen":5431,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e9-1f1ef.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.626Z","timestamp":1701176108626,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e9-1f1ef.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3013\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bc5\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"efeb85dd7fc187c206fc7bc5aa90c941","sha1":"f3ebca4212fe163a656a0237f6efe21586adb925","sha256":"8dea58fd4567e2b90de95b1ca3c0e47391d78aaf46ab7438fe6a7cd86529bcd4","sha512":"55ee35e234bb810922c8020569ca2010119c07fbed81576c3a01f9bb2c53843cb6a14df3acf182fb9cfbaec8e4703a629bf9fe7fc7a5d9e9f0888385bb5eaf4c","ssdeep":"","tlshash":"79514cc709ca558b96f662d85808e1c0916c5d09cfb210ad3f9872b90902ee4b91efb6","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.845401Z","times_seen":5433,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e9-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.630Z","timestamp":1701176108630,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e9-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4348\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-10fc\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"58d34980f2d034a223075e8fb06b8a1d","sha1":"f5e151d249e1bc329604bb093264f3e01453a913","sha256":"8ead578a751ced89c42da8c5768fd8ae93d88a081763aae619e31343e0fbdcc7","sha512":"e93f5e649c7ef71a65fe86e625cd908117c9f10b91f4196d175c077075d7bf6c47c7da3580e51f16f87b7be96769530765d3400a2ef6dc647742fef60f111637","ssdeep":"96:+/KbByLcjoulW/mhod6tKKmYYcmtjZTVMteE2uzwLV4aMBNFi:+wyL1u8/wIKmZtNIeE2jLKZo","tlshash":"20918db461376bcc5e90ed908f26988147982308b7cc73661e03e5cba5ccc623722ae1","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.531019Z","times_seen":5430,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e9-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.633Z","timestamp":1701176108633,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e9-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3453\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d7d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3453,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5ee3305da45522223b266ee7126a3b75","sha1":"b01d0c5570dca3604868a581f577391a35495430","sha256":"510bafa823d87b940ab361b8f66fb4abb6229351bd333a6efc1d14965e520dd3","sha512":"444770a36c3a93d66f51d39afda6ffd01d52f3d2a0b69fef5386df53f8d69291945c38db73d69a437e8b9780b60ee8fd4969243a8e552c815b0a6add522a35a3","ssdeep":"","tlshash":"7f616e69664c141ac06f60778116f83adc7722d782c3fb079a38d66ac1a1c41b1895cd","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.196804Z","times_seen":5416,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ea-1f1e8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.637Z","timestamp":1701176108637,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ea-1f1e8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3878\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f26\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3878,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"2c188c8ac03134c54a39425c0e1fb13a","sha1":"5925b2ff4661ba438c6be4c4b1496e7aea057b1a","sha256":"4cbee4996c39d1bee69777abb6b7c0682843ea8cdd9be4ea785fc49963190e24","sha512":"5778c775ef99bcd017bbfa12382c1d56fa3c06221419a06d5c8f061edce6d66a5dd5369413d03b495c1dc24b7fb87a456084622a60a8db92a5bcca68dab9e5ed","ssdeep":"","tlshash":"55815a5ebb8c54fc21b90b3825368a949dde56d0a4ee37830266f62b0e5422ac4e6093","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.893392Z","times_seen":5423,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ea-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.644Z","timestamp":1701176108644,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ea-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2791\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ae7\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2791,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"47727a5b96906c506e39e9efeccad7c6","sha1":"cd63d7e67740a4d10ef04aaad1cc1e33dd8e0f3a","sha256":"8bef17ea3b8989fb62bfd1446febcf4ff09c0b63c7966f940e98f4b56c3e803b","sha512":"0e8d527fe5bdbaf7f37fe4863d18320f08fb533cbe5ba9134789e0c1be3cafea373c64bb9a23c30a9836c548ef9fd89df76f6391b802b7fb7473ead95cf7880a","ssdeep":"","tlshash":"21513df0e48d0a4c3dcc18b19d171052e4922eb7cedfa60dc425d5bdd5a6b0ae08b4b6","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.61097Z","times_seen":5423,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1fb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.651Z","timestamp":1701176108651,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1fb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3444\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d74\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3444,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b65badee0fa7ea1ef60b2e918f8a5215","sha1":"1788fe44fec21473963b6b72a5540c756e601933","sha256":"c902fd564f04cf607b5e328f615a8fda50d4a2b23d8c52b331c4ee65bc2670d3","sha512":"67b80ed0a6e76ebaf964a13979d87a61d04c328cf9e08530b882e08ea25f6d30b809a10a80ea987d72fd337debae9064ac4d08935ce404c774607290d49b76cb","ssdeep":"","tlshash":"de616df575d3fed8e90010eb524b0273d077342d9f5ad555fba1393f060241a002e541","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.769195Z","times_seen":5421,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1f6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.653Z","timestamp":1701176108653,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1f6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3522\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-dc2\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3522,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3a6e5dd3978aa0f518fcf84492a1deb0","sha1":"d171593ef1eb5c0ebc635e33237c967d2ce8414f","sha256":"a505f202717c10279b4629a22b0b81f7ecd6d196f8c6994b3cf08a05371b752c","sha512":"ec61e9372c784fae4795a229eda93910b2c92947215439539e1d6987ae3f0681fdac89b1fc8c033956425080e6e2b073068094504a60dbd9dcb09f167b44bc04","ssdeep":"","tlshash":"f2715de24357979c14cb41eb809215f9d6fd981b2e88e19e0093f1179b3cb8e50f7193","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.70568Z","times_seen":5421,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ea-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.654Z","timestamp":1701176108654,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ea-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3794\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ed2\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3794,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"9f947452f9b8df490288ba5b8db20ce7","sha1":"879a393dc55bc28f0ed572d51f6ffdc446468d0a","sha256":"4816bc747e44d975d6b1b8ebcd7245f2e37db41312eed980c93f380bec13f5ce","sha512":"0fa599314fb35727dd827abcb61c5671ca15efdd0bd1b8bdffeec81a75db948071264b7fc2ad95e1674e3fa6f3d338a5c2ab20440f06621f3c26bdfd2665f517","ssdeep":"","tlshash":"49716d8b3fcbe12d839451c1b7596f94fc426e42b4093853ff1db289e21d59c884b893","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.643932Z","times_seen":5419,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ea-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.656Z","timestamp":1701176108656,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ea-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2697\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a89\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"10eff95ebbc06ffe7d39d79ede495d15","sha1":"d4ef721c536d9fc96ce07708b28fda20fb75d1ef","sha256":"e3918e63ae6a3f2afe3a73109a721595b7c64014683b6be6a404e7a686e96f69","sha512":"8a749b7a0a51fa98f87d2b9ae00f7d340ba896c8cc56e9f1d3740cb1ef65654dede2d699037afec68fa1e29f1fc55087595ee703172c259bc39de2b873afaaf2","ssdeep":"","tlshash":"32515c0267aeb793f65b73fdab422330e2ec50ad534df1654c81e1391b3a7156b04249","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.918502Z","times_seen":5419,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.657Z","timestamp":1701176108657,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4914\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1332\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4914,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"409995be85292ffb50b007c258c87d30","sha1":"1f39e20bd2b9983c12da418fc721d7f8024f4981","sha256":"43228c797fb37f1414e1d78ae67db0f3534338a44f75f5a9d409f2098403b300","sha512":"2b0e792dbca71dc0ee9bd4bcf5c07f5f25a856bae40d1bb5471891d9efcc968a0d8e9f0fb502f7ec299ec2e8d078e1cbc8e9424843362dcd93b5fe649aa504b5","ssdeep":"96:K4qAW1P2lQ0JyAwTp/u8zeJPUbtJwf9jdXnhAjKjYyltEB26SHdItLzSfR:7qAWNe5Kp2VYsbRAml62JHStL+fR","tlshash":"bca15cef809e8860990e2673d45d41584ff4a3d11a61297aadfe2276a1f68396173111","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.526811Z","times_seen":5405,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ea-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.658Z","timestamp":1701176108658,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ea-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3659\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e4b\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3659,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"6d3788e265312cb026d487e206ee09d9","sha1":"5d09e4d72ceaa4cd4acc6b59b45d62156f5a5573","sha256":"2ba2a420745d15fb9dac1a31665c345146c6d73a8a94e5de05d2aca36ac38c4a","sha512":"02dc3dc2b7ac8077370a6b55f8743aa82101ae68dc4463f06127a78fed83c15c3fb30677c253d4e86070db59c188d17c11ab20b1091da9ec1b8c89902301284c","ssdeep":"","tlshash":"00714e4412171ecd8bc291416ba1655798cbfb720e53487c1c46610769b2ff34fd66fd","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.399935Z","times_seen":5410,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1eb-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.659Z","timestamp":1701176108659,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1eb-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4535\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-11b7\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4535,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"2fa9a7a52e5a9210083f5d8b071b5735","sha1":"46af19597cfde4b378eb5ad83ae58e524fb15278","sha256":"ad41020dfc084f68f34103cf9574cf4fef1c7160a55f8be441ddeff59704d8d1","sha512":"da8b0f26dab798ab4b8f137ec85cf41086d141381653212475d43546daa6de5d72deb4e29d47b53716cfeab0e15be967b66ad02be6f3a5ab3bb8268c0914405e","ssdeep":"96:gy3Fz7zkI57eyVHWpJyVICUnrZuKktQiTbQdruZ0EXs:nBb75HRVsnrZUXYdrs9Xs","tlshash":"88919dea60e295062f52ccf22c8d6b224cb437792843f8cf64c66814325037b6a7d179","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.570778Z","times_seen":5419,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1eb-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.662Z","timestamp":1701176108662,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1eb-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3693\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e6d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3693,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"210e1654ca1aa6cc39f70e7ae4780c34","sha1":"2161d2c532bc76f2ed2e479590217144aca0a442","sha256":"7046269c0c772504c7324bf0f42c1c44285643143a207c2b5cdc970a9f1fe37f","sha512":"ca63c8be2181d1c0120a9084ef523c0b79a36f0ee024eeee214a18ce62d310eae59990961f07ccbce857949dadcf6ea0d8d576cd6b67cac42ac6f2d159d08eb7","ssdeep":"","tlshash":"3b716dbfeb4e28d97581ed994bd4514b5d1932927e5b04f6b84089fc381ee3825d304a","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.527419Z","times_seen":5410,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1eb-1f1ef.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.666Z","timestamp":1701176108666,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1eb-1f1ef.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4537\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-11b9\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4537,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5d4fc5021603db75fdeabd28e6e69cee","sha1":"6a5f5c164afdd25d1938ca720064bd1bb080d81e","sha256":"ca2672d07ca705910da6d3e581b3e3dc939e276f5e10267f489ff505b44e494d","sha512":"379dbfc4472660e307709856523882e51b59e1ef941caccb786ff4719ad70e5b69a1b2408d65830c0673d7c0ff077bb0716646d3972a15be4b64e1a05a1ffd70","ssdeep":"96:mi/oC5OUOaProkWfc7rejl5voVLfXyZL7vytfSgk6MM/DRq6t4uG:m05OUOaD7jrepuVL6N7K5T9DRq6tW","tlshash":"5c915df022ec2b764c801a16167877eda3b883bc9538c3d693b609ad569349077417de","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.550239Z","times_seen":5420,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1eb-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.676Z","timestamp":1701176108676,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1eb-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2758\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ac6\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2758,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"9d53eae9645fb743a6ddceb81083b38c","sha1":"d8c4ece0ea0d1ed45d2ec6d1e3679fc256821ae6","sha256":"a2d2ceb4598082ec2a3d795d14338ceee6d86423e7ba658e8db6231263b268b3","sha512":"b7b374829b9315c6202fa974dc7d40baf0085d1e92d4bdfd116b59c13de0326ac3b54fe47efe6c3f3a43cec81f246f8d0620982520079352076139238ffe06ab","ssdeep":"","tlshash":"3b512cf8678ed6a5c5b80d22712bb4588a54878817ec51140534e9781b6ff498fb84f7","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.51363Z","times_seen":5406,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1eb-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.678Z","timestamp":1701176108678,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1eb-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2141\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-85d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2141,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e55145c7342b31408383023b4ee11f57","sha1":"71696126aeea1a738a5388c0a30c5aa3dbd58a8f","sha256":"144cc9ef821144807f72c6ee84170156040a64c4d3c7d4c150e4fe70249b805d","sha512":"3ecf6806c601afdb6f8d6b3b1a473d97db08547dcdf8f0e914cfbf24ccad49543dcc9601df23ab54efdbe57117cc9b0f3c74153588baec8ba15a073498ca7cb8","ssdeep":"","tlshash":"b54109159e66469ef3235c5c88698fa06ba808de320e23400c93ea52ad0a2104706e4e","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.664668Z","times_seen":5423,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1eb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.680Z","timestamp":1701176108680,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1eb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2832\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b10\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2832,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"df7b1386f54c25376b9d2e6f9f685662","sha1":"85ad0107ac1ffcad8537141e824fb8bb742f20ce","sha256":"be64be4d9f7b9d9e163ce48570da59e9d38bdcc7fb20ade82bc58ccaa1b09e5f","sha512":"bd18313dfbdc0da38a5f5e87ffb9108b489826930c56ccf43ee20c13b08247f272ed13e5d0945441588e7305a7d9897af9849e07c829b44cb5ad097808bd0e9f","ssdeep":"","tlshash":"de514af46b868d74fde22deea4001a0048341158b752e829cc40bc3353ee6c278950ef","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.606102Z","times_seen":5426,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1eb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.700Z","timestamp":1701176108700,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1eb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3556\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-de4\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3556,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5d8c2b2fac3f1bd7f05a20250094bded","sha1":"3c4d2a92cba717d6a958b92436628660500013cf","sha256":"2fda000560120d270dd72664b5e80676dac9b94dcfded650ee3b221f30ab0bcb","sha512":"ea7aa2f4346445454953d6ef0aae4cb0cf3e7693dbe70c47c9749f35a422a604f090c6a23f3f5be6aab2c1fce56ffc9dbecb27e07815370d53a75e13d17b7e07","ssdeep":"","tlshash":"85713af9df470d97f668ae3197216628ebadea03158faa8c1a171141551ab02806e58c","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.547639Z","times_seen":5412,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.711Z","timestamp":1701176108711,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3080\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c08\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3080,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a618fd481916aac3d98794d49805cd3a","sha1":"f11cc58501d59d22554825f8895c2567b8a1fd34","sha256":"feaf849b990416d35b7f9e584048616eb528d647c6777eb6b44e40b3df2900aa","sha512":"7789fc4e272657b9f3df7367251820ecd2dc3cde892c37179caec88cf9641950b18935d8b246c423c936b49c9fbd7cd803539fe1993d91f16e69c11287af1e29","ssdeep":"","tlshash":"b8517d85febbbf718d1601f89954419342b3ff608ac09f52e20fe02166e61b476da4d4","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.855808Z","times_seen":5427,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.713Z","timestamp":1701176108713,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3692\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e6c\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3692,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b9cdb2a75a7ce963583bc147d7183c9e","sha1":"f1a10b89fcb08bb368a6fa5a9926031421bfc614","sha256":"c18df284bcd02f9c5d4ac4e4ca3cfaef6041daa34f67f79b3edebb910b60bb10","sha512":"fae56086f5513286656758929000b541c6ff1097e195fa240480e624e2d47cc96970b8e1aee61fbfbd1400a04de52b12ffb71089a0bd23155cc65d7b79dc0f9b","ssdeep":"","tlshash":"d9716c5312952c37daed2215cbc9e3606c9784c5aa163fdfa4f944292a3ede350058bd","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.712913Z","times_seen":5428,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.715Z","timestamp":1701176108715,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3657\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e49\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3657,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"81d1f7d6f37284da41edf7b85386340f","sha1":"2cd95226c401bcf377cdf15815c605e1e359e15c","sha256":"5b6cf9d3a97a2beb8e2903e00bf3043266a8b692de26e2071d44287ed7e254f8","sha512":"007ef760e00afb512e98a52c5c549438331282894450febb3ae9065a3bc2e284721458d15e881462a64fff3613a62421972564ac488ce29352913ee8381a6369","ssdeep":"","tlshash":"c7716d5c13b13b35fd947e40b36f7b262e4bf011d8b4e10a082dade94a459f26cd0036","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.748587Z","times_seen":5422,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e9-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.717Z","timestamp":1701176108717,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e9-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2274\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-8e2\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"62e9d67b961cd2928930dd6689de6ec5","sha1":"a38d702d0cba53173053b910828082807ad3c3d7","sha256":"cc520121709cdbe91a9a3fe29abb00d6d1be9dca912c5af4efb5a5794ce47499","sha512":"f48d6fc84b22295b41c97cd013a4977afe7ad038d057fb6f9edb5f184da646185020c9e5d3c6f372718cfb1577e68fdd282b884d677358ada9c56fdb2e26acb8","ssdeep":"","tlshash":"e7414eef76b288924d5543e3d11c8b59387d04ec62165346021de6fbdde71d593ac30d","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.618214Z","times_seen":5425,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1ed.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.719Z","timestamp":1701176108719,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1ed.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3223\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c97\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3223,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b33a080ac5ae56006078bb5541418aa9","sha1":"73826becb40f549e3bfe29653607d5616e869f1b","sha256":"1cfc319e93238ec7aac21e603229ec80ecac0dba1033504adf5240bf93ca876a","sha512":"876764982c5d89ac1be18d18171817e5b119c322b8ae3d4b61b9fc127fdc726b60244dd3d95470f8f909c3b3a9e968f3499b803a8273599b2cae2b558166c8b6","ssdeep":"","tlshash":"8d617d50c304897011100bb7921e8d3b17546dd9f7a61faa692fe9a030482bc9b703f9","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.5442Z","times_seen":5423,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.720Z","timestamp":1701176108720,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3267\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cc3\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3267,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"17c0490d2e6395dcfa7c7657f8f2649d","sha1":"8aa99c42b09504e2507c3a45deaa5bb11b410d9a","sha256":"9dfdd5293449c936319551f212de40a30aa0f4e6b5cb04ef59455d3a38d21ba7","sha512":"fe67499f7ff5ca4e27838e33e58d8b6e2cc874b4ce3ad21ef01324ee48c2b665d8c27e59dcb13e4fd78c2b68d9c796302e5d792c2af8975d5b2f25d99ca70194","ssdeep":"","tlshash":"9f613ba3e8c5c00344091689933a3ae19769a96ebb7824cb79283857bb238d3f534647","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.810225Z","times_seen":5427,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.722Z","timestamp":1701176108722,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4374\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1116\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4374,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3f0e31cd23d1335091c0e1c576c4fd01","sha1":"0bc376e05b1f490c59fbc0fac8bb0bca1737f10b","sha256":"77b64b3e285d4df04847670ad5c3a56c67cadee2187577aefc2346ade65fc5d1","sha512":"8432601802a50ef7351f3e8add31792552450790ff0f59230e0bea3141f4e5ca26494fdce08f78083145d02670c2abdbb5e5f0a0c0ebe4d0243fa8b385978f78","ssdeep":"96:mhNFZEQdkgIEeEGEWatksF7Y5CbfGL8+85HM1LSeOm+9nAR639HV:uNovHEeE9WOkE7Yuf8t8WS13A4t1","tlshash":"1f918d05e47e18fad7f88f7844198673c2e4f49ddf506a41ae22a80e8221ecc49865cc","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.858054Z","times_seen":5418,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.723Z","timestamp":1701176108723,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2909\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b5d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2909,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5b08da2a1d8b7991025aa9b1b906110f","sha1":"439018562e50d0c1458bbdb1cc430411c1ff34b5","sha256":"e229ec8334d01a7ecdb79092234ba7a9593135893135b3ed2a9f5814c39c7834","sha512":"06fad988c33abaaee649bf0baa66929d46dc082f6cf8d36bb58dbb5e8447df6f40c6dcf14d1ce11922c90c502606ceafe7eb7fad4e8c8c06801925c63da62cc0","ssdeep":"","tlshash":"68514b62dc8776bb625e5f8621a7e0f64538d1b6ef01361ab29710209e00051f26d1ec","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.555187Z","times_seen":5422,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1e9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.726Z","timestamp":1701176108726,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1e9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3846\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f06\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3846,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c27115f1185fc29e1a2c6cac949593d5","sha1":"8894e58b3164cc8550a149e6ffd159548fc60755","sha256":"40b97e9ad9d65372f8bfd5eb67be4963079d6263e69d87e1a731265f5a4c7e1d","sha512":"36ea97c52e4faf069936f27f6ecd903c84b1b9d2cdf26ff4ed88f6d9060bf08b84ba7195295da6643fbb0229e053c9c1f9dc11461472720b392935ceb612b7c0","ssdeep":"","tlshash":"36814ae3c3b02e02de6f95f6b30d3dfe9441c8aac44164636a07589ea110fe5113399e","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.731159Z","times_seen":5421,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1f5.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.731Z","timestamp":1701176108731,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1f5.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3564\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-dec\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3564,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d60f5fe5e366e70cdfc0dde4587b3017","sha1":"5ebe0b322df6166b88d3f50442c4f4601c23821d","sha256":"542767c8d06dbfcae138b854589eccece1acc6f1f4c4ca2b4c2f9ea5b523a434","sha512":"fb3cca6177e4746716318b956be5f43d80d453622a7886cf8b3f7912926ed2f300aea5c8ded7c3d2ccb9001d6fd4af4977a11bd9cc87f0e6ffac2605ebd961e0","ssdeep":"","tlshash":"43717e9ba1ca6c6dba1ffb550d68ffd8da1093d8d2c46445434cb24c1081fc0c6afe66","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.714027Z","times_seen":5423,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.734Z","timestamp":1701176108734,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3009\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bc1\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3009,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7867e849727d09427e689916903800e8","sha1":"c1637240c7fd8c2a3452830e927a8602f696c78e","sha256":"8cd0e6731aa5528ac2cf6b897709cab08c11cdbe35204f75040b1b2168dae6fe","sha512":"51d405dbdae5c6eae0aafbb8784bf9df62f11f84888e5af019e7dfc44498328b1cf26d2e21d0cb88a9c0ddc1e0b014a1cba94958cb69e59975736d7b1d1ecc07","ssdeep":"","tlshash":"6a515d19a9351ad851b9a9dfe4be07e1ec7867140a4f62101fc6e63c4e3181b2d943d2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.770466Z","times_seen":5417,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.735Z","timestamp":1701176108735,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2890\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b4a\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2890,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"63fe892d38e467f8a611a1bc9c59faf4","sha1":"00d5a863bb1b4a94a397b44151aa0b633ac10ff9","sha256":"1545f19168d99d5d7d8f40fb9ea724baf0170c78466c1889422ee7ec1b804720","sha512":"1936fd269e86792efaff2febce7e094b3ef88cb96d6454cf24b44cc48a76dc0ce2eb1a08a6c3816974f89232610771276852b8492034f7185f5a3a02c0bc5cf5","ssdeep":"","tlshash":"84514b5ba5a41fe554aba8a5f52073f8b00d4435f08d271f3cb88cd689326927b04fd1","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.904836Z","times_seen":5423,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.737Z","timestamp":1701176108737,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2218\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-8aa\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2218,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"9ca8a7cdcfd87148f27494a9dc7211fa","sha1":"de5b3de1938222a2d46a93d6325070d3e1129bfb","sha256":"695bc3fc5cd70ece81f0f738c41baa4b4ff5a1619ad36d20a516f3b721cfcb5b","sha512":"c5fb85181e39f831560a5c5ca2a9fccc217fa970a0238ff953e50f22147ec427bc2f6a166d211cba7e08cfe291b048300302119e2cb9b6f517c6471061b19d34","ssdeep":"","tlshash":"dd415a49005b5ff8b63085a60697003aebf298b40dee3f060b4ea3e13d04f72865760f","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.832596Z","times_seen":5416,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.738Z","timestamp":1701176108738,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2800\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-af0\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2800,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"861ffd59c2cf72ab86bf0e1b9a7ad329","sha1":"6c2b83e61edb24d8e4222cbd4ca17fe4de83bae0","sha256":"cb587a65f8323c7c453409042bfa21cabb1a027cc30fdba439495e1b9541afd5","sha512":"0fd0b500011c1a9fabd730c11d359f4b19db6996dfac533307a94be6262654f7bfef70ad96a18d8a9b4cdde0bd5c7bfe4a12972484f9e3a70ffb4d1a3af9a620","ssdeep":"","tlshash":"af515c4d32cb511ff78b79c0cb52080294704da38fb89ce035645ae3ced841d2350e6a","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.663577Z","times_seen":5424,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.739Z","timestamp":1701176108739,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4265\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-10a9\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4265,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"914d42f1ae99c610423d2b5fac315a94","sha1":"8bea907911587ed5fe8d72052785409b202acc98","sha256":"a1e805a6087b9be4cf3e876cf5d41a398a2cbc191d810a5e3497c4e1bf43122c","sha512":"d522d5387c5fd8c2effc56ba71eca4b11c94cabc92ec0ecffda18e0444659c2da67b31352d6846aeadfddbac80914cba9f93ec3018125a3d93f53fa8ec36e9ab","ssdeep":"96:DBW3P53G2iVhQtXHXHP7OK5d4n/1iHrgXi4k2wtc:DBmGkX3DN49i0XrI+","tlshash":"9e916d157a8aaf95c26c70a88f28195dfa45fa244737274f58ce08312991c7af159d0f","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.632052Z","times_seen":5421,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ed-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.742Z","timestamp":1701176108742,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ed-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3028\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bd4\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3028,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e5ac03c1200d76ba092fbf950f91b993","sha1":"6bdeae35323f88e29d7f2564037323de2d594d3c","sha256":"5ec09892ec125e15681ae3683a52af14d6cedbc342a8058abb1b58b11a81b902","sha512":"1f09c9132eef69b76042d4d8b2153f4510f9f7bdf81d136cb9e4916f77fd229e976b5a614e6c48961327d8c261c4d3badcd2be9b4fec74ec64c36b177cd8c48b","ssdeep":"","tlshash":"37514ca3c3bb46128275727149456e0e7d21e2069c66673332466ec450e30f528683bc","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.67221Z","times_seen":5421,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ed-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.752Z","timestamp":1701176108752,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ed-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3388\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d3c\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3388,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ff32bbff288ec50b5cabed31570cf2f5","sha1":"bccafb2317b82f767a9c9c791347d42cf576ba43","sha256":"24a65076ab9788bbae68f6fdc6c57fd05d15b0c3e6c7b3ad6022fb9989c14661","sha512":"df2a4e78896660313004393377cb2c2e339b337eafe38c8c78723879456dd40d0168fb0dedaa1ba793b3943c37833b275c531054d650a437c84eee7e820c1047","ssdeep":"","tlshash":"15615c435af5e8dd3849b515023f38e0cee7f5895e4c2c241aae6443eb266c994c7e07","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.567634Z","times_seen":5417,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ed-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.757Z","timestamp":1701176108757,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ed-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3240\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ca8\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"20a8647e06a7b1aab90f1247c743ce03","sha1":"9e1b7d9d187d3903a430a73c582a39629787e3a3","sha256":"951b76ca49485314c06676a455145f66366cf65ec9d33d6c06d7122f1692f8f6","sha512":"63902aca80ec2d70c733f9b9097090409eb21df48fca190984028ced8a617dec31f7fc8873c4ceb39013d8d765ff8149ec23138a55d684c19761490ec23da518","ssdeep":"","tlshash":"12615cc4582dbd17c2798973643dc066acf6414476dadde00cae759808c9c25e489e5f","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.706724Z","times_seen":5422,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ed-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.761Z","timestamp":1701176108761,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ed-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2989\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bad\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2989,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ec79492351449770d9edde6779addfb6","sha1":"c2f5c4335039eb644652842180a4d30d57a91f7b","sha256":"92f7f1236fb9e912bf7339444bbe9747ea545902cb89cc06165c5b96e411bc8a","sha512":"e42d074f6569d0726098891c76f3165f61ba50be1a1e65f1d0ff009fbd81d8511bafab4279116319cdbf67f97aa6998ddc27592d18ef0ed24370f16149c116c2","ssdeep":"","tlshash":"2f515cba62df2099330ed6a19b63a4325d6872221f50030c3ff64e3ae929958a11c016","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.66635Z","times_seen":5417,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.763Z","timestamp":1701176108763,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3844\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f04\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3844,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"969664b55b9c30c631eb554211975424","sha1":"d75dce86ddebc4379933e4052161f0538f363961","sha256":"803e4ddc12bb7db4687c3ba54c38cd6a5548d60c4fbd530583b1ebca156e291b","sha512":"455e6fd429acc70c92b680ae74e02ee9ff0bf50fb973348269fc65f99427a84c2ab69af182a06d61a4a3c3cd74b92404e3024140b451ea00e569bb97119ba85d","ssdeep":"","tlshash":"cb815b90f387eed56745336cf2ab5328fc06ce61afe92a53905389914c4ca54d87478f","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.905763Z","times_seen":5416,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.765Z","timestamp":1701176108765,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3359\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d1f\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3359,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ca9e5538944fa5032245f61b8ab6bb0a","sha1":"daf05864926eb3ae50615a3d70188c40af3e8a63","sha256":"beb1440d300b17402d46bece22bfbc19e8f38193354360829492fec4ef285d68","sha512":"decfff9d38ac4acbfb63a489fa89066dabab8cc85640d6cb1ed9d8caa3199adb73e6123d8c1ecef408bed099b85ab152f9f7c18595585444b2d1a1b0695c90a1","ssdeep":"","tlshash":"36613be06cf84c0badf4ec5dd15ca094c4120c9432e9da467364b4e4b1beeb617473b2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.562744Z","times_seen":5422,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1e9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.772Z","timestamp":1701176108772,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1e9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2280\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-8e8\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2280,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"1efce1a053fe61d05a90980fc26420e6","sha1":"b1eb21e2fde9c2fdbd2a4a531619b0b7b8e7eb76","sha256":"8ba8bb29313dd0ee0c750ad22e8423ac6762cfffe53f82432b4024441acb1cda","sha512":"86ea1c155a92194488e1a5ed55dafae28c46128c4325500c0300477b477819804d40479825d3fe48f6964ebd96b49d33ea5baa244ed3aa6ad3e6a9491b10ee31","ssdeep":"","tlshash":"51414bd4c9d820387ba0f3b2080112000a742819d7092d73545a29df67773ef7bbe5b2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.612082Z","times_seen":5416,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.777Z","timestamp":1701176108777,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3437\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d6d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3437,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0f44564cf0d543058945ba6cb3f1354f","sha1":"2022fbe1303a704c9e609e7b10de60020bb25174","sha256":"3b961a7c18093409b4aba025f0df3346e765e119cab2488f8dd09214a7974bd8","sha512":"c8ee2e968224e697471e3c8d588b11ffbb428d5499908cde8adb7a24bfd9754ad75604f4cd98b6da951dda36ecd7115ecfd4c02a9953ff0cd4933430aad60f68","ssdeep":"","tlshash":"33617ec6b4bc6499e6f149b3cb381393b51d807b4778a62d5b4a31b8170c86d4781f6f","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.862471Z","times_seen":5419,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1f6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.783Z","timestamp":1701176108783,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1f6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3034\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bda\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3034,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d15f3398dae6bcf876549d77e5ae867c","sha1":"20f383811ce2b22d6381525bd708371e097c8868","sha256":"52a7831e8d0eedc415aa40c2db6cf80d581dd0dd63e3fd44ed3ac0386942f2a2","sha512":"465a2e7d250d7f3c353d8d7bd9b00fa8d6e850dce1f82f113601cbf2936d6b6cb0c433e6ad0c31a304fb3db09c7fc2248ad27ab0a65f97f18c56e47cc003de64","ssdeep":"","tlshash":"5f515acde8ca8c26bc526526c03c60aa787f84805f1b758c1dcef426e4b27272564797","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.539212Z","times_seen":5420,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.794Z","timestamp":1701176108794,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2150\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-866\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2150,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"8a15609c9b8c1e5c30f5d6f1ef9b0340","sha1":"20523a1d2421795aed96c57e2b3ddae029150c36","sha256":"6d2ecb641341786ac728f646e0323e61caaf0392f4178f679492c1215536c149","sha512":"aaecc19fd5230b77dede3f8c9f795fa883eec224f3658276cae0d60967c192d14da3b5048cd971b64037102858cb5768d8d09c6ce93d1b668ff7c7ef73aa86d2","ssdeep":"","tlshash":"85411c9c54731dffc04edc624217a0cfeb212d6349934a1b45cf36396cea454d3d0556","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.442875Z","times_seen":5404,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.796Z","timestamp":1701176108796,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3857\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f11\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3857,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5d33e1836353839df63c5c9a0781de74","sha1":"97b523dc307734a8364729264b8a58e70f9a92bd","sha256":"9865d412105b605ad52eb54116c42a2a005a4d2eb300ff84e3acf04ef25ea596","sha512":"0e0de00dd7225debdfacf163355a982d836b51bb36ae3be5bf842b5c5c788ddc43d7ffd6a023f043efdcf89f3bb623eec6319de0c7e92b3e56462b492a81c14e","ssdeep":"","tlshash":"c4818ddd0fbc499c64735b01e0ca911bd47be5103f5be4165795b0fe1a8350570c943b","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.644515Z","times_seen":5412,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ee-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.797Z","timestamp":1701176108797,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ee-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2128\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-850\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2128,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"47094760e27e3704c2e272e6c532b9cb","sha1":"9e418acc8a0aae29fd55d2acccca9aa3e8b05788","sha256":"85578d34dc587353fd7a1bbfe26c2b62b36bd74b4ae642ef0fa409b75cd4b60a","sha512":"966d0480927e3aa1e1ce64f992eff512543fe490faf821b3435eadfa7ce9506073109ef8f1f4f481a88a6c94e97837602ea05f076b887a9e5afdf242cc3e9568","ssdeep":"","tlshash":"0b410ac4737347c481489779a69c59233279a770848b6214cbde5d9767db304001ca54","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.563846Z","times_seen":5414,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ef-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.800Z","timestamp":1701176108800,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ef-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3645\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e3d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3645,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d4dcf761f520aeb4f753c0e55da4d8e3","sha1":"55f3f67b053e353969dc7ccfec4d60d0ab7c75ac","sha256":"f0689ba144973316d580586b7d56846e0338738fee3e652837131a56957a99dd","sha512":"fc6d491ec4283517bcc776f39d0810ee5499b1e8db70355da2e4f56ff183b89163c5297b0b10a569b813deb5f72050e48d0373a16aa352024747716ee87f634d","ssdeep":"","tlshash":"ac716c4922619fafc9daf43b072d572473b210e13ebba3c24e4e6242d057157e039aca","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.555705Z","times_seen":5406,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ef-1f1f5.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.802Z","timestamp":1701176108802,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ef-1f1f5.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2190\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-88e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2190,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"72f872b89688462bfe7bef1020506dae","sha1":"c32544fbf39386fe96bd0081dec10e708aae51c6","sha256":"cd27b3e55265f548902fad33da4df8809a569234fa0673ba4e6223d92dcb4cec","sha512":"bb654e93b5e9613328bff0bc99923fcb1eef6d0479e059d21849e9c874610e03f2ef3b22c3d483600b6c4e7b8a92d9be0b0ef8302649da8fc355ce8a16cd1a04","ssdeep":"","tlshash":"6f4109a526ab39e16ecb35f816e003983614c7281440e3c2c07d95b6d572239c0aae63","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.826711Z","times_seen":5400,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ef-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.823Z","timestamp":1701176108823,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ef-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3112\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c28\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3112,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"999c29c89776d74d2c159936900ec17e","sha1":"da7990ce2f35480ee8c9164b61e1af04c139db43","sha256":"9a679f9dace73d4ba1c8c6d4a2a349764be37277ef0be41e8da583590753d4f8","sha512":"924031c4ea5197bd6f3e63e40ce01684455fe952e1090c5e790530cf045f0106e468ca5acf88517249fef8123e31bcd186753fd08d8e66912ff394f844bbf591","ssdeep":"","tlshash":"e5517d3c562729a763dcda0c93521307ff49420977cda554d78c2796a03378f5da6887","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.612621Z","times_seen":5405,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.824Z","timestamp":1701176108824,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3638\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e36\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3c498d3c412aad668c6ecd95e793fd9c","sha1":"f6f4ba0400a4cec824ebd26800e139fb2dbb7be4","sha256":"2bd379d8d9dc1425affc625fcf5e366784dc416f4e62d40ffeb42ba88a872262","sha512":"10067f1933db65b996d2e7b10aceea8208510c3de00d507b04f81a96c9c3d17133a21efd1255e8cff38de9578407025e9232def36bdc4297c6a7d53c164e32a4","ssdeep":"","tlshash":"3d717dc5c1e6c9369e1b43ff0897bd8b32e74a16a0d41022c5ca833bb432dad5e6e595","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.626978Z","times_seen":5411,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.842Z","timestamp":1701176108842,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3674\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e5a\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3674,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f2d90d66b0e9b27e8498a583e6ba5bba","sha1":"d02fee08fb228d5f62d1f4c1e170446190c7e992","sha256":"5886154a996f6f76335ccd6ac2024d617436223498b7f17a50c19c0e3a258db7","sha512":"9f14a3f6240dd23755d31c5035592bd5d68ade6f1199c90767b4890ecc5df54cf49e98651e3dc4ad00b1193931e8228dbc24b281f9c0cc9f0a4f551d5c863e36","ssdeep":"","tlshash":"ab718da8d9a037b3e79c6bcb0c5d75d6e62765cc171bc1a7c66f61279a0341f1f0a080","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.264463Z","times_seen":5396,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.845Z","timestamp":1701176108845,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4698\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-125a\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4698,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"6e4e289990b3f73bf9a749874de1b014","sha1":"a68265bbc12e2432f8f5a264c57a528b983c2c46","sha256":"3867808ca3d376fbe15a6caa2450c2e91b9b2145e6c274461b5268de7472e2aa","sha512":"770735ef63dae59e3715c62db4a69e97b75ceadf33fc61e254f4faa3eecad733becaf6051720d62e4080dd0a25e908a7b8fc16e03488b54f5eb9dad1d098b724","ssdeep":"96:0XPB7k5DATGabBMg5cRpLKOZ+5lGyS1mZdYurynYBDGoPH:U7kPg6RbWlnZ5r1BDZv","tlshash":"d6a17e65734686ce1b4fab2a82071dc45de60ce99451ef391f28f0c9644c2e58bf856c","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.411992Z","times_seen":5394,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fd-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.851Z","timestamp":1701176108851,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fd-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3170\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c62\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3170,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"18975f325c25372afa384a185757439f","sha1":"96996bd89bcf0d5d2796b2f1e97efadeae8f41fe","sha256":"87aabc4e577b428e3aac571755de7b683f7f91cbd4ff86e86f48fe21e0e7c588","sha512":"30bec3d099d8fa0a4da633e411440a017af03b7ebd9c7f1a55993e086213dd1b3686d4808dcdf76b838a9bf60f5acdfa9cc1ea2532f65ecde6238cb3b6357808","ssdeep":"","tlshash":"f2515db52d891ae80e6eeba1d4bbcf013dfb865e450a2e5506479904500b7c936784e7","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.508864Z","times_seen":5402,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.852Z","timestamp":1701176108852,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2908\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b5c\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2908,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"fddcdcd8599167a10fdec3ca0f7dce4a","sha1":"2b5d6c2e8befc241dddc38f41ec518a0c7b46e17","sha256":"59f2cfc9f3a24e81e13bd175847328039e9f0f8fc2f6f73b12ed937d62ecb35d","sha512":"17b8c01c4e30b1b6b5f0485f7328497290770d2bd7a943702f42bca6226580c78f90c66dddbf3617ab98fd9338d553c541f24c4ff4fab69d156c6f5075ccd55c","ssdeep":"","tlshash":"f6514dc88927c7dc7198478a733918c90b1e04db39ecaaa06d5d5e45862ace2c02ba4a","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.912379Z","times_seen":5400,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.861Z","timestamp":1701176108861,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3136\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c40\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d7f2df6ea9db9798d09ac0c846a76e85","sha1":"d552176d7fb8c1f364f1652b4de77e8a65ebebd5","sha256":"cbd1f61ea0732e188f21086ef4bf76b904dddf7e277706ac0540b0de673bcb2d","sha512":"941fb407c9f2b32b816e2d614e03e56f3261de951bbd58e503256ff385f11095d4b4551c96ff9f8a6cb59d8b85550b373ef6131da8d5af739e13b385e9321e4d","ssdeep":"","tlshash":"83515ddfc0fefdf39b2019a1651f095f648d28fcd1852877069155354821bdab8a674c","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.836275Z","times_seen":5402,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.875Z","timestamp":1701176108875,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3149\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c4d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3149,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"836da55fee5fa5316820bb77f53b7cee","sha1":"6f578acec8b8aae1d66190c4b59251af641513fd","sha256":"6eef580bf419ba70213132954708b65365375dc64b45e5355da60c8cc4762adb","sha512":"07acbd67ffda27352213273f634f6b5a39ba2cb1891ea9c52e65ef4e0b16fa41a8aa320a32e1863c12503233f55c73ea6ad59c41339ad3b5efda8b1dd190c7fd","ssdeep":"","tlshash":"5f513d22866306dffd772ef2430a4504a66122f17902e8f1856eed552d734e2239f9c1","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.627722Z","times_seen":5403,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1fb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.878Z","timestamp":1701176108878,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1fb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3102\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c1e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3102,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"19ed633943ec8d62743bb004a74c6bf9","sha1":"fb4c2008b8318934f7586c5bdf790ae01466a809","sha256":"8ac82449464e082317c7cc5961ee6c3ff608afae4ae2ef0c0178ba17cc0dd46c","sha512":"1d5794d8d8ecb8829363cc6290fafbffc11f4f157c074c94414f12b81b01d969b06d7a2a797de56c065557dbe5a4dc9bfd51317863f84ac47a5097ba005eef59","ssdeep":"","tlshash":"dd515d934807956c4047a35807dce82420bcbfa3129e2f610aeb08115797ead06e71c2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.850752Z","times_seen":5403,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1e7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.887Z","timestamp":1701176108887,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1e7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3624\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e28\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3624,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"87ef9ce1e577c20329e75dc433902e1e","sha1":"c0e7e7e8c387f7e15b924a47efdb1cc2ab27ab02","sha256":"57828189e51d272b515daa3a050406fcd8525b66015a08e4cff94821bbbbf44a","sha512":"221060359c49f74becb47d98fa6c748ea3254b4625634b31496905b8b41217a30498a7abb5294a7233d1a91cf2bd4fbed0b71672f4dcff0b4ee29f670dbd5d61","ssdeep":"","tlshash":"2c717d19eb4be0accf1476ddc7093d1dda2416135b0c317bec063db11170d38d2a8521","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.416781Z","times_seen":5388,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.904Z","timestamp":1701176108904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3358\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d1e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3358,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cbcc9fe9409910ffe43ac7eb38cb59e3","sha1":"d5725925ced4fb43a12546a932465117decbabaf","sha256":"44288ba5fc813d884c1c0ba23ae04df43f40c73846edf1a9a6d952c33576061e","sha512":"577e1fbcbead2e4a6b5500d00086c5d1cbb1eae5c2b636c44072ed907f9bab32b402e9852877b1111bff02ffda15347675f7edf97ffdf7b5f5598671a9047e88","ssdeep":"","tlshash":"ef619df427674bfeac97414101c2cdf2cce9291161f91c0799b5b215f3b34898cd9835","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.868469Z","times_seen":5399,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/147.6f6c83fdc631d19a7e7c.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.440Z","timestamp":1701176107440,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /147.6f6c83fdc631d19a7e7c.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 07:50:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64326e38-8c94\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21606,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"8210bfc1d069a009ba2ff9b979f90089","sha1":"dadaf6e3f392a892fd867e09d19eb61f576f9eda","sha256":"36ebf92368f09cee507247453adc5b10289e5ba04a2574c26eae8f0c61b204af","sha512":"e516011a489f3284b4bdf3d5ba019a4e77836b9c7fb0e63a7d1b0279d8398cfa800957965e9d1d9c4071a22cc08eec8a6634f5ea7ead0a6d0e65599dfebcdb11","ssdeep":"384:mK8/HME2tkjHt4RSDcTtzYHOBXNHOV7D9NBbVOujsh4WqAFWn+1qlFYC08:mD/HJ2INgSDKJYuBXNuV1rVO0WqMkBjt","tlshash":"5ca2e16b07849f7da1c0f1d2151d6cf089ae22a5502a85525c7db0dc12e8d7fdcb4f6e","first_seen":"2023-11-28T13:55:28Z","last_seen":"2023-11-28T13:55:28Z","times_seen":1,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.975Z","timestamp":1701176108975,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3228\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c9c\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"599c142ef3a1762e9c7cebe246a265c1","sha1":"1cbef34143cd8de8773ec32d891cf552bf28ece1","sha256":"7b589e6e59d0a5d840d82f33bbea0d3ba3923c349ca5404f465c05cc6f752e6a","sha512":"156fec44dd65def0d005e05c130afa52e3217af6ec0173315f9e1ca78fa9d10c62c7b8b0d9b86c9d5e36d803a0deab5a342a2ec0b7e188622a57ab852f23168c","ssdeep":"","tlshash":"90617c43c377ae2d2d4e2d2b8305b4248432266c6234ffdef8e7b01c14306d211b65a2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.675911Z","times_seen":5396,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.980Z","timestamp":1701176108980,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2951\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b87\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0b32ed1f9d3eee835592e62163ce5a10","sha1":"8f335c4d2ec1ab2a2f955b8911f9dbcb7575580c","sha256":"1e2c8b59d4be7bc1a66e7e5c5ae175b6fc1a3c8aa3808691d9a5619fe97f4bc0","sha512":"ef41e36d38c2b5ea4869de362587376f73e601a2b91ec70e86b79af81b145c984592f3933a026ace0454661222ad81c864f05a0d58e1bed59aa2d7ec942ce982","ssdeep":"","tlshash":"05515c67963431df97688cd97f86a51fb3add2090ecc853385592241c02e53eb44c6a2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.5728Z","times_seen":5398,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.986Z","timestamp":1701176108986,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2924\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b6c\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2924,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"6afdc75c2c1e031313f8053e2044320d","sha1":"a4bf1452fa8d09a6316d9fe17369941c9ffe71df","sha256":"1961cfd578b6c8b25808d06b16b449ee12918c913305f89814ccf37cb5f9b3ed","sha512":"251f89c5b8e554d326f771e95992428b4434e03d906efaf6ebc2ec7d4ccaa80cf1fe4bf580ab8eb5bf124f98c2afdd5a3794e5589088ff6a690a7676af3e7667","ssdeep":"","tlshash":"a9515daf22fe86849e6b7fbfd2a3041d0a581d3d1cde27da15403290312a840c5dd6e2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.309631Z","times_seen":5386,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.988Z","timestamp":1701176108988,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2952\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b88\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2952,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"82e255b7d99d86e9e683ac3a4c0d902e","sha1":"9144d1aad6a0ec38d30aaa87905751c1e6c93461","sha256":"08dab639b147484f64ab4713e1cd30251008322e0ea626ce4f3623188f43ad84","sha512":"4804b72a776111993932f63e2b81364c33029d9ccd408b40f1d640181429bfc522772937aa660f02950e93b2cd6e0977ea27004d378898ab94f70ae0dea70c88","ssdeep":"","tlshash":"67516cf60e883271c43967892d73f402e02575355d43de784e03a59c316938ac9f2e8f","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.910674Z","times_seen":5396,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.993Z","timestamp":1701176108993,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3300\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ce4\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3300,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b2ce2d72b8841f880d80e39f3f393940","sha1":"614062e87bbcd8630fd437e7458b01c099bdf2e3","sha256":"3061202a3a09934defba22ed32e94e36b2537b1ac074fd81bdf497b7651ebcc1","sha512":"47a230a8173df2eace9c75d90b48de28745f06f93de5b6508453f14373eef1a56749e0a3e21f3d3c21d0921b536ab554e4b8f56354f1b618e670305163841abf","ssdeep":"","tlshash":"0e612a1b52419a31d1c382b8881b3bb7e92d0bf6add50e71cd50176886842cd28f47ba","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.698931Z","times_seen":5397,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.996Z","timestamp":1701176108996,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2370\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-942\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2370,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"20f797c29f299bec9848f174c196a08b","sha1":"3413d6f9def7f4064e0fc8b81e7fc9a24ecfd5df","sha256":"2a12aee8c2aa2ae5669725e15c3e12a812df1327154bae3eb77e28a8e953b009","sha512":"719d211c77d794cb02d2cf7f313123c321819db1510431e40989661ff3cdee27e8f9164b0b123c242688fe3363301d0e8ef0554606732012598017a4a61502aa","ssdeep":"","tlshash":"4a411a452a676b1e46c1480e35ea72bd843d58101ae0383b39efa0d582c83310e0f856","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.890476Z","times_seen":5397,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.998Z","timestamp":1701176108998,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3002\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bba\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3002,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"6ef540582ae88e58109eb3fefc807c60","sha1":"c06f272b8b9438a03bce5bc7cb61b225ae34688c","sha256":"2e5396e4a7a5f6b94f03755f7f3ba1e9a73f28de8a885dd9e65a78dcd0f8f20c","sha512":"c1c14c4b25ba9471d80bc9b1a0f14f99dff28f60d7ef37cd12113c6b2fb4e1ba7a3083e5b418ab5b6af6ff507ece57a5bae6aa02c5d27941551f4158f3bf2336","ssdeep":"","tlshash":"6e516df2a7449bd1a6a2c392e604e8ccce4f5418de76f44c2563415cb990ea0b6704c0","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.704256Z","times_seen":5393,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.004Z","timestamp":1701176109004,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 5537\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-15a1\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5537,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"15146f32e1828a3713d58e1b973aaabd","sha1":"136c79d597b63186ca0c4ef9db2928380adb9a63","sha256":"986e39dd47c54426b52774dc99809bf58ad4f02fd22a4be24d80164afedea5cd","sha512":"c432e274a8d707691d39e1a203d631c6109d208cd98cdb9699fbb8bab3203622675758fd2e0dd342463cfa097a29b1bf70cb844de2ae2bab4e92aaedb766c352","ssdeep":"96:nbbHm9qtynDaQLm8lUFyEOnakWysGr9XvR6rSM0QmhdrGYEDhGWkMkHnc2zbauvI:nbbztlurlUFyEZkWyb/RGSM0QadrNEpZ","tlshash":"40b18eb66fa678a438d8bb3d5034be43e46b166cdfa59246476b31bce45d2e5043a040","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.600837Z","times_seen":5396,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1fb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.008Z","timestamp":1701176109008,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1fb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2880\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b40\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2880,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7edeebfa46b41fd524ebc986bb304bc4","sha1":"dc5e3c90f9ba2890d8525d1f22f72b260844067d","sha256":"5bc6f07ce198eb857522f38971574d7b3df0e40d17ea94c84060e8a891c7a2c6","sha512":"c3339f9236c1ae42eaa377ef02e832d7bed309fca174eaf4fbe6896611691fedf17e958bbaeb79e8f31105f712382ccc772fe791e15c5a98650364d33daac4fd","ssdeep":"","tlshash":"0951084a835c8ba1b1910ef951a91d1f3375ac380fe29919da33e3ffd55c29946d4061","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.564603Z","times_seen":5387,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.009Z","timestamp":1701176109009,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2188\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-88c\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2188,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"dd161365d7a9b63ed0a03119deead1ce","sha1":"2fa537ab49697f85dfab8e132b5327819d3461b5","sha256":"0ddde8270c17df31c059d4d13a00c0032383819bb079cc670be4cdb00a7ade58","sha512":"840250d124f68d97fbce088704cb80a1f0bdb285ba5b5242baa994b8dbeb9c4ce9948eab877815dad52ddee8132c0754802b203e8162f7ca53488ca497fb86c0","ssdeep":"","tlshash":"7d412987ed133d31a2816ae32a2bc5adf4e3d5329385def9450cdc84a2029172cf081c","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.66761Z","times_seen":5389,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.010Z","timestamp":1701176109010,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2271\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-8df\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2271,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"fe2f426f15c252e1d15b9fa52b18b3da","sha1":"270ca86f7fc28edb632fe6ca375a614e78a4623d","sha256":"8ddfd4869ebd85e66a7f0951b1388637ad7ed75c78535499b6628b6e8e54f41e","sha512":"6d72fbb49e497b5bd1da3c559970ae700c6a944fb1146f2ef35ecf4757d6f934d0c7c387b102991a5907a3731f0078a45081e90957ae89725d2c54e9713a937e","ssdeep":"","tlshash":"564149cf83da969cf85d293a42a04272536534e8eceaac3e1091853b1520412d4ecaff","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.619175Z","times_seen":5390,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1ed.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.011Z","timestamp":1701176109011,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1ed.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4151\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1037\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"44d9731fb04df6831abafd20b951f9fd","sha1":"c76e4cd5e39852c7f810ebe253012bfb586fa9b3","sha256":"c65de6f006d68eb6b90faf7a46794dc13b896cf46635c4eeafc35abb6e29e72d","sha512":"650d568723cd93fbc0e115d6a11c3d808d093dcc66a7891ba45c98e32d26e54bc62ca762df528d93c78446f887fd170f19068f8f17c3b934294c87f2ea040e8b","ssdeep":"96:WV9QARvETecFlpwq0dyp8BeE+BzfWCOGm9ASFUZosk:WV9QARvEyKlpwPePBrWCc9Nsk","tlshash":"18817e2efb7c6cb1bd1bd50aa40afcecd055d07402a11f1245363f31e595e58a5f208e","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.588207Z","times_seen":5389,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.013Z","timestamp":1701176109013,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4430\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-114e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4430,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"83c74ced98f0724723dcc4f8b1cc6711","sha1":"d3bbe24d2a2c0c19aa908ac738bcac24aa095286","sha256":"e087e51e09bbc085e588fccfc1691325b494f6c00c559ee6f52e1916cbe60030","sha512":"e541b80f94ab99b66e85ae3c49a639429aa81f66807d7300d3e07c53f1d84d90d95a130175692427bfd44224835253053379c651cd0fa928d3e571cd469b2f3b","ssdeep":"96:1/c77stXIgiwC3WZehMfyJwA9OrfiMuuKW0eaalMRWBscc0Bkt:oKYgiwCSeafy2COuMu0MRW2h0O","tlshash":"b3917d92d863580fd7be82a11114bcdcb93a0cba3b98748e843f5958205cfdab5ab034","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.863066Z","times_seen":5385,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.015Z","timestamp":1701176109015,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3456\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d80\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3456,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b382841e0855364b3fd42e2396466f1c","sha1":"f0af2e9cd2a5cdfb18cb8b0ecd259a4264064d6d","sha256":"062176c90a2f671ced9510a6165ed9441a13bb0d17d902efd8729942ce1bfdec","sha512":"9c0493ef7df9143c4f648f86456ef0534aef4d57928746dedf097164c7d1a3b46ab68c82f59d3041263696b8deee5e6d45369a63bea0c1417fa1c3e9f27cd83c","ssdeep":"","tlshash":"a1616d1172af00d19d517f22c69a6341aa3307489b5ca99f09a8ff24cb55e7a1c58992","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.866202Z","times_seen":5383,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.016Z","timestamp":1701176109016,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3261\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cbd\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3261,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5c027e03b6678468d99173450ad65a5b","sha1":"3933ad349e3971faa82075b0cdbc96689f7c825a","sha256":"95d9b577c68c1a0a25b220371bc463c5f3cc2852478c79c35538df2835599cc6","sha512":"2e6a8ce2dc7eaea3f8342fe0e744a4dab3c8f6e7c023536574be0f9f7df8d480f35bc7234dfcaa5da9f300abb257a3730aae0ac71a6a10e84aa863bb6b7115f1","ssdeep":"","tlshash":"43615bb203094cb569e5f63f8e8e01a0e1a5a8f7ff59cbf99222056438cd010fc1ba01","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.573915Z","times_seen":5380,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1fd.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.018Z","timestamp":1701176109018,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1fd.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2689\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a81\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2689,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5d33e8c19f4b4795c8fe569e1b5a69d8","sha1":"bd1174e0ca845076cb867c6c37b0807b2d346e7a","sha256":"8ee9c2528bf31879fe272e8964533e448f7c1d31636946b83d0322ea8377d059","sha512":"02fdef055e3471856f407b28f002af33b7da7ba9db24425025e855db00790de44453fb7d1063978d0cb593c598e0a6bf95304cd21e565dee025d1ff8e8eeb14e","ssdeep":"","tlshash":"e5514bf1f5dc75444d77606c86018db422f0760845f2d98a165ca9a174f7fb3a21a6f1","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.913093Z","times_seen":5378,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1eb-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.020Z","timestamp":1701176109020,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1eb-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2718\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a9e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2718,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"45c86e5178737a53b2f40dc61c839b54","sha1":"3e425af1364a3901e7d4700ff31b0fd0bf4e2716","sha256":"aed5b82a7b50a5c2d814527cfe995a0ecbd9aed3e54b88b58250976cbbb40ead","sha512":"aa22718637371e6c2086413596069c8bc4eaed442521fdbb0ef07cfda64089a9226a09c101bb95cb248f8f89bafb086958cb67e37c4a9f644372a7aac0a9fe2e","ssdeep":"","tlshash":"23512a8ad28bcd3dfe92ee5e181909895cd2378a99b11249a0710d126e4891a4d32bb8","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.917798Z","times_seen":5379,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1e9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.021Z","timestamp":1701176109021,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1e9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2985\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ba9\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2985,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d583ff0e9dfa117c90d1edf5ab65145b","sha1":"5c7c143aaca55965c35e0dd5da68070abbeacadc","sha256":"3edae1d5785dca0c9e8cc4d5a2233a09f15c644e94ba50c04fe1e89f91ccac71","sha512":"245917fd0319d54b27835dc973cf26903a92918af36ca9be57980ef44adb4ff45231fbec6b8108a1ec48b75ed66c4f15c3f37fc9fa8327e61b9a0853c05daa8b","ssdeep":"","tlshash":"cd512cb6b202361d1441523665a1a61da3317b8aff238e05b35a82a4af50961e9fd788","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.604705Z","times_seen":5366,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1e8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.023Z","timestamp":1701176109023,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1e8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2426\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-97a\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2426,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a7ac8926224c2f5b7b33d6386c27f06b","sha1":"dda21067099f89d797e8c0cfbce1e2c2eb51222f","sha256":"672c063e2abbfcfd87100751aa8fb2b418dbd876710a91ce4438e3819dccc703","sha512":"448bdb4ed97f1d6608a8141f6b5647cf829b626297a66f03fbcf1da5656bed9b613074b08aba5baec4ae0bc0e80dd24d3ed2f9f38ddf013528c64cdbe6b310fb","ssdeep":"","tlshash":"e5416d8e354344e2973613e4d2e510367ebd027e8fd09d0d4be72111aacc439728492b","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.78196Z","times_seen":5384,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.024Z","timestamp":1701176109024,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2811\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-afb\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5291bc51217f1cf72f1777e9b7e7957d","sha1":"66be7edde5b7404ed6ef2e344200101ae6958637","sha256":"37a27033c61006f5c15df1d490f8eaf56d0adcc3e6c894fda73b147cd6140813","sha512":"d62d887067df12873a28b025072897158aabf33e881c565942e4508291bfd4a45f91e72f6e2affd5de97e0f25484325b8d703604caaf849961e797fa71b2ebea","ssdeep":"","tlshash":"98514bd3aeb8c1f4dfff92c241752ef8beb5518006e4a046dc8b1aa5714cb86086bb10","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.556546Z","times_seen":5376,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.028Z","timestamp":1701176109028,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2852\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b24\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2852,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c412f52c4a8495b0d2d098b123518770","sha1":"a3cd4e20d94108aeef2addab7e972ab67f8fc794","sha256":"5d6c3a91391d74eea9c7e954a43ad763b8edda8cba3a5efcfc5141cae38a6fd8","sha512":"19d69ec2d224da7bf6f68a7473eff4dd2d63dab7c291bbea80c76ceec646d74b0f917f09d5701d7de23ed575e65648ebf6849c43244203dfc165e7a8ac9efd4f","ssdeep":"","tlshash":"dd513db27874f7a9e93ae0b76473452c456110b17209c2b7482bcce34e06485fb70fd1","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.613567Z","times_seen":5374,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.032Z","timestamp":1701176109032,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4320\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-10e0\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4320,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"877d5e17f9fa38fe116bfaa86d119797","sha1":"ff7c9559f0e1477ee17b7863afc8e337a2bbd649","sha256":"cead4e4a72ec1b986d14e7dafed184eca32aeeb3b204561596cd57ea2e3cbc00","sha512":"22d028456bab4da9095d2001f578abb974ff9edbcbd178b65719b5b9759d1097af69ab41f5fd7468ddb92578042587eeedfa2e5ba0d35b31e3d42a7235a5fd1f","ssdeep":"96:4lFi3enXAMb2/0drXgUWnwuvloKx14ld0g12W9HbD6zcI5DdlCHBe5MRY2:4niOAzSVGwuv1XqtcyHnecunOBey1","tlshash":"61917c4a5eb6424e0b6186d1a7ec23b4f6fa66f68f8293535201f023b8413dd7f45083","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.715021Z","times_seen":5376,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.033Z","timestamp":1701176109033,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2803\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-af3\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2803,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"8d1d87357bd233a202f05174f7396948","sha1":"b7536bae016fd43783b0d138623d546d65a46c33","sha256":"51ca6ec9559cec9f21f0875712404f3e9be33412ac66f7a7604638f9f024389c","sha512":"2900653739a2a73e8da0f4dfa5a20bd6084c8c876d4b10ae897bee858bdef688b7f38f23d8a90177e30b01696951a5be5cedc9829bb5c9f0418eb070b49e63a3","ssdeep":"","tlshash":"7b514c4ce59c58d29db53eac01a25d0337362c6c2bea91bc34290c725fc78a09121b8f","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.585185Z","times_seen":5376,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.034Z","timestamp":1701176109034,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3957\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f75\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3957,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"78d5c803e5264e79336e2bf8eb756ef8","sha1":"735f521cf64b6e8ac6e67271a4af4a3bce6e8b05","sha256":"93336f0452b71304f679a435ddc99a93b67c6c6cc0ced41d50c22dc20295ea68","sha512":"948d3938bda52869f8b6165f1a9b702bb3b00ca62850dceac70acc496377de91b2c85aea8b54126ac1ef8132874d650e8bab4de8afc02a1efd29cd7b318ea4f5","ssdeep":"","tlshash":"23817cdc389708b323b1b139ad8fdc55f4bbe85d015a4eaa711f1c2cc627c166149c24","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.625228Z","times_seen":5367,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.034Z","timestamp":1701176109034,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3511\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-db7\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3511,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ce5e215974f232338ca8f934dd8cb55d","sha1":"bbae3ce74c4873e9984cb65a8cf0001fde6a6a80","sha256":"a9c869616f9757263cc212beb64dc3c3e6f3be069d4c3e0fffd5c1e53d26f9dd","sha512":"3e8479e8226b9f6613d1ccf1c33d466c51fa110246b745a06a3d608d65bd0f657f2f8c9c879883ea7c1d6affb19a3d31174df4885c29d1881b84d87ed2aed674","ssdeep":"","tlshash":"9e714b12f2da17e2ce4b13255f7637951fa8566991150ec0c828aece62a0e9a0ccc949","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.635673Z","times_seen":5356,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.036Z","timestamp":1701176109036,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4329\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-10e9\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4329,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"97de6ca0815042be93d4701807b7ee85","sha1":"e913e7729c4a6687b74ef37a5544ada0da39ad0c","sha256":"5d5f39b98b317c085cd1937cc5ce062be379270eda1969b6c6018513aac0044c","sha512":"c911224d236a5b69fc33c3df30b77b89a3604cda84f0989160ad99f35852769485e1e2e606601400ea8c2870633ab7d034a3ba2a77da3ff1a42053d9a20be0a3","ssdeep":"96:q0TZEGpQ5ixWi3XrueXoPhpOijlHLIB0Nn+qN6lG:qAE2RxWi3Xqaopf3Nn+qNp","tlshash":"97916da742366c6900962691a31408640a39f3747a793f9d7d26ebc8c605aacf9f93d3","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.574954Z","times_seen":5364,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.044Z","timestamp":1701176109044,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3252\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cb4\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3252,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5f964bedc6ac2a5c8741b8dfa16843be","sha1":"24669c785cb0f8e546790c23a0fc42edb59b23a7","sha256":"aa3adb2f40bf1ad8dd1151f80f12e001153eaddd6f818bd08c7acfb2f0bda719","sha512":"3654bc6d43d12037542b2ea56d2417997a1c7b6d1eef2b81722f0d290f358cc7b8219b36eca166ab79379c9b8bf1012ef2288fcf1ebb68ef5f9df1da8c67ae32","ssdeep":"","tlshash":"9d615c88379c231fe5c3bd733320319726231dc19ab906a9947710a8d6d57982fb0d87","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.791335Z","times_seen":5367,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1f5.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.064Z","timestamp":1701176109064,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1f5.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2523\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-9db\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2523,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"830a7d87b4280a26194759a60c7a807f","sha1":"b1a1fd8fcc2e5c0f6eb131a49a9d7c4a3ce13ae1","sha256":"ecd6bc6cae88ccb1d89d5003912fb3d8270a73220c935b8c39284f1809f9b2aa","sha512":"00b564d531245b43f5805a2e9d1e9df7f6ad6565a0765865df3f8216fb269a934d223c4cfe2e6d81956da7a4b8ebf9e36aae94dd6fc51c7f93a7d9472b98c035","ssdeep":"","tlshash":"59513a91d4760e854eaa25eb64f144a2a0fa131b9d52ab8cddfcd428fd93e0b2732518","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.630549Z","times_seen":5356,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.067Z","timestamp":1701176109067,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3038\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bde\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3038,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"579714dbaa25937e24c29c3a323187e1","sha1":"058a0aa0b3a742ca23f51d6b57e06e35e4f88cff","sha256":"c51fd5a7bc1b210750acd9b6de12c15d6cd8d918714098865a0ddbdd2a38369d","sha512":"e563efea5832699fbd74874ca02d0062257549b6b8aeec814c716f23f10b2ee477ee8ef6331aeab761cf13a8015a8bef9d1e1afe1c4d11fe7216c6e6166ca9f2","ssdeep":"","tlshash":"bf513b5c6eb1e1e50665d4f7327183baece9d924aca3f336fc130068b889d0e214e880","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.668811Z","times_seen":5357,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1e8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.140Z","timestamp":1701176109140,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1e8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3846\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f06\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3846,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c36ac5b9fd6c7e19ea3b2be263031f55","sha1":"7ec0e8228f6f1ed41c7e300ca6a047e279044444","sha256":"fb028dd0c412305a54b5b2a7ff9544f38973872b57ed17a63f7bc684ece8e210","sha512":"e3846873b6b0277aece5bdbec9a7dc89f91d50563e50676355b49c0de2808aa0bc29dfc5579596e7ec798c7f1ca9b1558aaff51983ffa8a50b55cd70397e3fb5","ssdeep":"","tlshash":"a7817d6b246e4cb5d05c64c5af0735901d3d002a21457cb5de68ac1f46af2fd8e668ce","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.844221Z","times_seen":5356,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.143Z","timestamp":1701176109143,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3955\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f73\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3955,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0452602d2d1d3908b863a0e90349c845","sha1":"1a917d0bba48d42aa5cd1cd803e0d07a0b4479cf","sha256":"76fb5a7fe1da630db81d08567c3000bb6111c141e6264afe7a95bc285956c3db","sha512":"a44eb5966c42113e46e486cbd4eab9c0fb02913f3e0ba43441c23c1c4a12071f8363c3414b5b349fb81f53e1d31fb931cc90307e8334e8a4fbb5c69f4066654f","ssdeep":"","tlshash":"55819eedc2d3a4e71a5161c91463b22474ef80a901b6620cf8921de8f90e3e38def521","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.597653Z","times_seen":5357,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.153Z","timestamp":1701176109153,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3262\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cbe\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7c6f666572c01fe34aab4d035ab9d42b","sha1":"873fab9c8ed920c9f38689e308781018b17c4225","sha256":"afc21f9ae5dea61222a797c6f1b999348bd73091909cbcb0b83bb006e4ed1d1c","sha512":"be9b093ef3566e75b6a2f1fe4af48d1761b399284ebc07f71e0effe94b87bb28fd48bd8a8812cc38b24a34f234bd3d192a3fa1d430e86b04d2bed3f841430f4d","ssdeep":"","tlshash":"96616de2a23e41972e1794d5964d7cdbbb3585c00dac60701b65370f2090b9a718bed2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.756795Z","times_seen":5350,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.156Z","timestamp":1701176109156,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3296\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ce0\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3296,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ffd43c9d67d31bc57b814eb509a37a80","sha1":"3737bb46dd07b4ec331bcf647b25d2dc04a556cf","sha256":"80ddc8c5f58a6138d4bc4260b45db9270bc9136bd83e4a2ab3ff78b10f15cd7b","sha512":"71296b458855207a6da1db369b9ade63629b3ff7d2ffa049f8d24c2d547aa31ff08b66b4253d81b406bb17786e6ffc40dc343d5072892d4a80d764a75f0d6e66","ssdeep":"","tlshash":"4b616c6578fbbc31c8045f615a603848bc333783535dc4ad62af099939d58e997c2162","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.548695Z","times_seen":5352,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.159Z","timestamp":1701176109159,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2096\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-830\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2096,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"8cb7b88c06f9beacc5a495b5faaff911","sha1":"28def383169ab6b184298c970c7ae77cd6a8b0c3","sha256":"ac9be78ce1941c2a37e357a2220181dbe994b96068f78308660ac7aa7d2cf0c6","sha512":"e01c5b6ee2b748e4ef0476357977a60aba00c30580758dfd44ee97722684a9f5293427cdc5f541b98f2f678864192e00d50931b93755ed8e8e0e9b2bf4c6ef0e","ssdeep":"","tlshash":"ef413c43052e58e1f24a6e622907adb012fe189cca581ea03304c22d00475355daf748","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.492695Z","times_seen":5337,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.173Z","timestamp":1701176109173,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4043\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-fcb\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c33bff8e061a9752985e4197ca85e09d","sha1":"246abb627385ffc26b11c8f5d99f795c77381689","sha256":"4527ede3a1a47dc957113325eed709fb586616db29c22ca9b4c195974d1dc1cd","sha512":"aa5c8dcebef632c9bbe0d6fd3ffda0b91a2d97b0051e01b556c342903259fe667051f77b83a3402e2e6c8b7489229279a2e6452c7fae52d38d53d1f916bf6cbe","ssdeep":"","tlshash":"e5816f1fad203ba60e2b1e4c9d702445da4b97af27cab72c2367247d849d29c02dd269","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.534119Z","times_seen":5350,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1eb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.182Z","timestamp":1701176109182,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1eb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3060\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bf4\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3060,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"bb0f56a5c6226bc3beb5cbe7fffc8e9f","sha1":"89b8937d2d916665d71450c6a4095dfbd6ef2a44","sha256":"3be69dcdb5572ccc6d7148478ef8d9b96922f2efb7c803db96464addc7a24bed","sha512":"3ea2b27ed7a8295fdef96e6de6e1f921a4f6a7f91cfaf6c94fc488bca4982ecfe38f8f4cfd5476c8f7b9d65d392c0082ab809afc03fa69e52d68db88130d7a77","ssdeep":"","tlshash":"ea517c50004b4ea0e887119b1c3dad60f02b515ece3bc5198f864a7b0b67bb03fa29e8","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.344079Z","times_seen":5339,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1f5.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.183Z","timestamp":1701176109183,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1f5.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3731\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e93\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3731,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"02820a1f15f9a513c714411952906078","sha1":"8add518c893518ef5f1415e179d7b093e1a41829","sha256":"1996ee3649c9cf1ed763e715f53e6b000ed095b50f6cc468c315b232baef9a2b","sha512":"5354abb2ced08d3be498d67e77b7450a0e4a1214dd688b7002679eb54e2a705eaf8544f5e8ac83ab4601f8da369a9095004044955dc8d8b67bf4a4bae0326327","ssdeep":"","tlshash":"19717c2f72db102109888afa201ad4cbf53d85150a1793a7bd3dfa50dfe853b4f9a302","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.883341Z","times_seen":5341,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.184Z","timestamp":1701176109184,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4508\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-119c\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4508,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5696a7399930cc7172ad173f45abcc18","sha1":"472d95e2cc097401d3a2d8ab3a2ac9b88038757d","sha256":"9751832ea3d0507504e2dafdf0e09b8e74594f82607ddabde803488ee4a46c91","sha512":"23a0d2a078eb805854647d85eb8f5f720294d2ac036c43cbd213f9fb111101bb85b4d474c1233babf2ae0618d37d0ba97aada703c136250559f67f69cd7f78c8","ssdeep":"96:sVKvRAit7C512nX+yZaw8q62OWYXN4tGyG7aOt7ncuyN9G8zNZ:yK5AQusnP62HYXNAGfOyrPX8ZZ","tlshash":"07918dbf0353c4f4dbee61d5019118eea890b6280a7029378b71b4144b56df2a0e43d6","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.646505Z","times_seen":5334,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f2-1f1f5.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.185Z","timestamp":1701176109185,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f2-1f1f5.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4171\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-104b\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4171,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"9e72c165e2e4410ab8f0c4a82e0b4310","sha1":"143d53558a6d85efd27fea7a9bf5fac0473e18b2","sha256":"8b2a87ce84b4f87cd84eb3ae2c01e9e3cc18224e6911945e33056a43c13af01c","sha512":"52fe65a35f69bbbc4f425cd825585b178e0e28b6d551f93a5242481d7e6a5790ace1f37ac428b94e69f8a9bdf9ac00fe1c0330e8ef265905ddde2e9dd776bad1","ssdeep":"96:gbx8MRi8JF9BPT9BPXBa7W1XWYci0QsWV3kcs8sz:O8iPxDRaK1XWYB0Qps8e","tlshash":"60819fdd0d474e2b69f23e16c37cb07b14a7842ac7925f0eef30e4d215e5482c061271","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.894386Z","times_seen":5334,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f3-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.190Z","timestamp":1701176109190,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f3-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3939\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f63\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3939,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d18085bbe4c19441c0c54c8acbdec191","sha1":"b3e531af23206c6cf56f8d5e6f30cb400603e265","sha256":"d89bc2e455eeb12c0a8c102f7da04df4d77fc23f55af48f0efe9c7ed09f16666","sha512":"302867d1800a39075407532ed27d51c7e60a05307d5363e7144fd81fb922c810c2550a421d9005c3d7f9c1a7316e5cf5024b9c6ad49d9b6b6b3a4f1d20715947","ssdeep":"","tlshash":"8f817d974263836e59284b853173cf1e1db403a6cc2aa4450cc1b27d1da9efa5a6ccf6","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.552404Z","times_seen":5336,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f4-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.193Z","timestamp":1701176109193,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f4-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2851\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b23\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2851,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b8674e952648047ed8e2d013189e83e3","sha1":"578ad342a74049ebd795d4fcb4ed0a57dfc1c1f4","sha256":"106331007e7715bbc41c04c08b1b8d3025d8fe390ddae269f4f5db9f8174fce9","sha512":"935865c6941f05a87ca413816751f2d29bf8f06156e4d9101b47bc459a0768ebb1e5c461426414a16e3d3f98505a65629e8895da34179f818634da99affabafe","ssdeep":"","tlshash":"83513b5a394c722df49ff0a150a4d24380b387f15bf8a3c8e3579a56a0348dd19ee86e","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.658917Z","times_seen":5331,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.195Z","timestamp":1701176109195,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2688\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a80\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2688,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b5289bdc10f7259218ad613f5ed9b62e","sha1":"7d646fd95d28bffdeb43bfcb7a2b9db3d0df4bcd","sha256":"5467d515c5e0e0c3a8b3dc751ee04f9f1c411b187061f96078c6aee3632193c9","sha512":"221a1f1f6e2ab4f931fcc919011624e25621d6a2d5905c0dc0cf5bdc5e6727ef6f8257c9aaefd09a8f6abc362e967e5c3208228e2576512cd6c315c8dff0392c","ssdeep":"","tlshash":"f7514c0061ea38c918a50f376f5c22e368704ce18f42484d0e413489659707b9eb6a5c","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.763277Z","times_seen":5331,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.196Z","timestamp":1701176109196,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2796\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-aec\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2796,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"efb6a891f2cce73a376c7a33ec376233","sha1":"59fe3e751d5ec7501e22b7694c0d24d4e27b5881","sha256":"90d24a13ddf9fd81ba665279d16b230645a84a45f0081cba536050b8872d921f","sha512":"4fc2fd4e0d5c1f29db98e9578b0e65e88c3a6686f9b9ee3367f86c3cae32aa731d602d26db84bb09a1b58f993222f5a13829fdaf87825ff97d8318eb9f7e18b0","ssdeep":"","tlshash":"11513bc470e9e6c1f19918bb4b5ae60af12a64934caa7721cb8a64750bbf3257134943","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.34573Z","times_seen":5312,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.197Z","timestamp":1701176109197,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2765\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-acd\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2765,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"399e73fac4096ef47012a0d2f51f80b1","sha1":"e700eeb266c604140e255ad574ed22d076887603","sha256":"8c15d71bf696d4e90c16e57fbe608a1c2119c1ad613fa3a8157d88eb231b0440","sha512":"007a07582f74c73ad23fe5dcad2030740b550f4866382d86e861c42924dd5551c4f8253695da1d0e57be30d32c19b5e912ae47826e835c41d5f0f2eaeba60aa1","ssdeep":"","tlshash":"23513b0346299844d32ff19b37e287b14294ee20fdf71272d09bd5a490e25859fda819","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.628838Z","times_seen":5327,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.201Z","timestamp":1701176109201,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3089\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c11\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3089,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"534276dbb1ab6e4bb9277dc57a3344ca","sha1":"dd269a247a0e4e7268bf31708a4d7d23ed683f62","sha256":"d8136f520952e668df7e754bccbe3b92cddee2cbecd9cb9474f74216a95baeac","sha512":"872f382add3e0ba3de2de80e5e2a1d0ee17cdf65decb1b64094be1ffd7501f7a20300192a1dce7399d0e8bf322207b8c7d1d4a8de765cccbf3c27b98426a00d7","ssdeep":"","tlshash":"7c515d5b47f10eb595c4abd552721436b6104c3003baab5b03f5f79d27728a0ed602d3","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.553343Z","times_seen":5324,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.203Z","timestamp":1701176109203,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3348\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d14\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5ddc9906f2d97769dca96b2884cbfddf","sha1":"bba958eaaac63515574fb866d728daff1b2381df","sha256":"359193665748e8e4d037f44312c2d99110ac69f7622f661c29d6ef0627384f97","sha512":"52f63f03869e6598fe637112a9696db4bc849e216b12c19752ef60c9177fd39f43d5b1c740d7613acc710bb705217212349cf05dfc3b8a279c0584edf8aa2c77","ssdeep":"","tlshash":"e6615e32c47b187936f8d38b3158fd2cecb0c864394546db9335e589560bab8297d0a6","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.293259Z","times_seen":5309,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.204Z","timestamp":1701176109204,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3394\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d42\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3394,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b93df4cc4fe2ae0f89c4ab731ac722ae","sha1":"a7496b534a475cb06890e0d3a77ddbfd745a00a6","sha256":"648e5c4952c03fbcef638f4379255b2151bd3b1af774cff86265216a83707404","sha512":"cd93ebba4d8abd9747f8d53c06425cfaaa44ae13890ca5b6b10abdb5eb3bc5d4cf1186f9d5ca5d0d9c28e90456729b109ad1ffc66288e72eb1813e64ac880eb8","ssdeep":"","tlshash":"28615cc16138832cd38fbbbb0e20cb705a5db9d26636308e8669b55c1a216c8597f158","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.549681Z","times_seen":5318,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.205Z","timestamp":1701176109205,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2151\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-867\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"52670566d96a885b6689d42d5a9936da","sha1":"dd2ae0097c75616d685456138a74acb96e4d4d4e","sha256":"c139e1f08441c21bc627b73c0210a9586b2cbb86eae3f185ae8034506099a844","sha512":"180f3209986fc74b961dbaf8cbbfc6200bf0a78e51197b178592b44107030c70f2ca27de339a8d6dd7e45217dc02ffe8656edc3b27c7be7ff453e779caed4c45","ssdeep":"","tlshash":"2741399e35c6bd8bed3848b5993629c50abe02b5a8c93668f021e3fb0211748430c35b","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.819291Z","times_seen":5316,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1ed.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.206Z","timestamp":1701176109206,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1ed.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3491\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-da3\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3491,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e599696cb6afa449320e3dcfae10a2c3","sha1":"0d48a651ba1823d45e6a0d32eb03f60bcb099566","sha256":"10e97a9c12211237e8f34b85cf98e17fba36cd61c10919c090aab475521ec796","sha512":"b35990af264826248230f9f18510bba166b377661b18f2660b14765c982f2e2d39e54ad5ea54882e283fb21592d478bcb150b41e5bc2c50e46348f5e79c9b254","ssdeep":"","tlshash":"63715d29215b2e67ff785b70c18a52c088aa17199846fe535345df47b240fc50ab7193","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.640804Z","times_seen":5310,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.207Z","timestamp":1701176109207,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2310\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-906\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2310,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a6614f594ba2013a57567dd87ca06c87","sha1":"d9574e411879c082e0dc21dfc7d2b1ee7f54e1a4","sha256":"da0ad03aa2ee1b15988ded0410211ed540b555effd1b1d6a97592277a5ca247b","sha512":"6700859dbb6eb9f408e84191d06de9da7c36bd9982a0e98016a1786ea88098a3d07ab83876d23103f5ec2c00e39f150a666a871de2a12a31ebba939bfd80a58b","ssdeep":"","tlshash":"66410ab8270c84f5bc45eb51b2f715ae755227a1bb984c3d456244c8ec12888898978a","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.820671Z","times_seen":5313,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.208Z","timestamp":1701176109208,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3064\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bf8\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3064,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ac9baba92f4364b170008af597811b09","sha1":"e142259b2183558ec4241af38d6fd661cec31c6f","sha256":"42d17c6e785b5e4b4e777718e37e7281759dc584c464a210698422fdc9c340bc","sha512":"5c10fb8e41315a46d3191c9c09e1eda154ac10d0b0f370334a4e4f913187b9b669d187b2ae2fab6bafd198fcbb24ffffe3f5bb52ec5459be97ae44e0391dcdb1","ssdeep":"","tlshash":"bc512cb4f3174f991e489d293af473679c6f81f18b602a19686766d414422198b70663","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.554603Z","times_seen":5309,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.209Z","timestamp":1701176109209,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4152\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1038\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4152,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d99bdd094e08d55a26bdf55e66557378","sha1":"aaffab634194b0431470dc034df754987ae665e6","sha256":"139fbf26293d72d6bb8a8553044d3d38f959fe08f8e9f1266fab436a2b566abf","sha512":"ae40fb7cf34e308e1868124534984f3dff177d3198fecfbab20ac5b1ff88a17f1689b99a293a13620ba7c7069a55049234f36b54a0392ae58fde9cf4267fe04a","ssdeep":"96:RhQSLqjFhfQMJ5lQAYmpJIfufVqtxX8R60Z+vu4gkS59bNCQ1wD1u:r6jFSI5lQAjEfufqxXUk2tkSv8Cau","tlshash":"c6815dc64de499b68d1dbc19efb93465a062500c62e6e5a49706a7e4743c1a490437d3","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.576417Z","times_seen":5307,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f6-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.210Z","timestamp":1701176109210,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f6-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2560\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a00\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2560,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f3d57604cadb5fea013d2b9c96c84709","sha1":"58809cd94cc0e4606a5745a8e82be557d4ba8d43","sha256":"2a1730d9c3912300d2684ebdcbcb0541ea5694848712afc6112f1a8d0d04e77f","sha512":"0b11d5af30fc0081b86eb762a6949f7f79ef34a1211ebeed389d95d2a807ce76215fe2fc7030d71f15ee16e0af8ab616619fe0e7693f0c1185466b681817251c","ssdeep":"","tlshash":"f8515dcba36372b77317e966caf01524c112cc39f700d1ef50895a4f9514c6e4c53970","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.898537Z","times_seen":5311,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f7-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.216Z","timestamp":1701176109216,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f7-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3995\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f9b\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3995,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3746e0fc382e4efbae1d1ea9004c2f14","sha1":"41591652de52b704209caf9964ed10d19f122091","sha256":"c2893b49b1479d58266fdf5d049753f9dbc5d3ec38355019992a752a0aed7ab1","sha512":"94645ab8d649b10e3d175b11058c411cc035da4854a354ac52def0ba7c6caf42157d287d5cf50185eeefc12ca00d9772d32eeb0ef1a731d843a34eebda87cd7c","ssdeep":"","tlshash":"9c817cc2462def34cb55e327493e874864c15f6f7e12a9cd8a839d21083ab9d58b08d9","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.496011Z","times_seen":5291,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f7-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.217Z","timestamp":1701176109217,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f7-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2168\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-878\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c9a6b400b5bb41b4a9b2be9c4ed4b255","sha1":"ffb60310c4c74d177ac2202ceebb571272454849","sha256":"98a19cd80a2ca3c18b806bb392712d6b33dc2ffca7fece1a3d2fd8cf2590ad35","sha512":"825d017a5ee5d524f7f258d4f5469afda97e198fa77cbeb08379fe115e4cf3a7f16da27f8441a03aa9611888619f0e7f344a8ca0caf02345f7962c0cdd423849","ssdeep":"","tlshash":"09413cbbfe8c755ecb22dd60252476c9d064c3db48217c01de209b14b61113af84b0b1","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.653136Z","times_seen":5301,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f7-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.219Z","timestamp":1701176109219,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f7-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2758\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ac6\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2758,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a4577e3849fa67a38df9a5c69d9e6c70","sha1":"786dba07e408907e82fe57050a80bd559bdb6400","sha256":"92e9b36461652f6c4087a4120f0d58bd26ac2124872987d2b11cf400c5db1dcc","sha512":"bd85832f0af2ac8770e1ef14e31e12fd8adf4eaaab2a35ed556d21e0180e401b66dfbb48e98a2b7650f430da88d438d50e115f111e17da77e14d7d65743e28a8","ssdeep":"","tlshash":"fa511a40764a0355d8923ad85724d02b8a2ef1944b0de844d9fee2a9e400b6358f73e8","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.876873Z","times_seen":5293,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f7-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.225Z","timestamp":1701176109225,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f7-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3603\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e13\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3603,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"be4943ca7ce5d775e36074bbac9de1d7","sha1":"39eefd69eb2f4f60dab9a8fa3a29c6b0e80e13e2","sha256":"9c7241a4d010d8121b83deeca8d2d6683525f585baa2f96962691166f4909d2c","sha512":"fa8fb67cb1af1c7b04b79bb4d1e92a15bfa763ea296291b71b577dd9b47699f3f4e2a72358edde3b2f18f16285e0bf563fb7406e8a0e7c5c77ca83af25071a06","ssdeep":"","tlshash":"ae713ce94f8c32f2ede7a44f942499ebec1027a4c604f78e310c789559ca29e76d9847","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.750769Z","times_seen":5297,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1ed.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.227Z","timestamp":1701176109227,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1ed.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4053\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-fd5\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4053,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"4996aca3b56e999ff2ba5e69b8e0ed10","sha1":"4003b7b23cfcf783b5a8fdf923d22b556500a419","sha256":"27834cca4143e3b136edd504d703e8bde9142c5c971638161848d020553f1a7e","sha512":"8dca6988fe0e08e716e77c361cb44ed39f2de522b1aa4ea127852ee2e8df20b33e221c3edf6719314ac7863339d7bfc8b211bb6916ccccad59fb014c527eb6b5","ssdeep":"","tlshash":"b1816f8fb41cbfd64549e561c06c4136151b9b32863cff4564a00727aa65157cffc357","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.86018Z","times_seen":5297,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.233Z","timestamp":1701176109233,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3941\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f65\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3941,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"481b349c16382897f8ec3d90f50e464d","sha1":"c43f7e02405cb32863dc2538f1676c5edfc475fc","sha256":"028c24780250589dd83419eb34cb41559862179dc6ed055d87a43b135cebd15e","sha512":"9cc2f8cbf8096edc769fd0f45ddbf8de5d9d7ba4089b337e1e1231546a8a76e817275703fde49ecc3fce8b1eda8b2effa41d68870d44f698e5e79f0acba386f1","ssdeep":"","tlshash":"40817ca6cbfc2ce8b7aec5c0d1c21a733f34d56a360056718e833a964463091c6f8ce2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.822Z","times_seen":5288,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1e8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.235Z","timestamp":1701176109235,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1e8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3149\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c4d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3149,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"4205ced6b4d6106ef3a04b96c6339fad","sha1":"2e4df8761f9689e0998e15b7866145060b683b69","sha256":"d0326f19e3dc558000d575fe4dd08503301b9721d9767c7fa0afc321ac905a22","sha512":"db603bdeaecffc3ffe655be98dab01e3c1e74a066d13648c34fd270c78dc5bfc6f931337db55ce12535148ee6808f6c666dd90a94eeac296f34e6c0d11e55013","ssdeep":"","tlshash":"65513a8a4b3a34f02fa24bcf570171fdd172d60ba38d91771ac81af611c46266c60fe2","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.582909Z","times_seen":5292,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f5-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.239Z","timestamp":1701176109239,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f5-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 5801\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-16a9\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"9b5bd8a93e88af21ead307c00b4196d7","sha1":"a972142f638c02a420f93a619e2ea96dbca24088","sha256":"6c219e0794efbd20d50623f329525284ddce3732fc72d71fef562b5b1b3581e3","sha512":"46c4cd9cfd4b171dd0aebe207f6289cebfb4f00c301c88c6ed35b50ba7fcf65329a3bcdf39d7ad178f4200a5c937f46f62731a4f5085f2a257e86e6d202f7b77","ssdeep":"96:+lp/VZAgiJJgJnBBN0KlUjMhNdtEYaxW6ODurbYwjhvb/IWzACbes:+H/V2gBjN3pkW6QwNv0Iz","tlshash":"6ac19f22f3015c74262e14152a7b488a932f2b9f027c4cdb37ce6f4610a7552de6d5f7","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.636614Z","times_seen":5292,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fb-1f1e8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.240Z","timestamp":1701176109240,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fb-1f1e8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2887\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b47\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2887,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cd7b94aa97a62d9103f850dd8e21e8fd","sha1":"ea9809dee740bd7d4dc73f21f8cea27ba3e52584","sha256":"2870c8544dd305562d31129be8510e74f77170c8a89b37f497bc5f278fcef505","sha512":"e90f39a8583d8202c9dc6030ce228612586fdc1c4e550ad5f8be80ca89e4310c6ebf3ac6a43ea0135c0bdf681d7ebdfdd387d159f9ed4e43ff3c8ff7c6805de4","ssdeep":"","tlshash":"05513b2f1542bbe3601aaa35647a08210835c8757197f71fafa8ecec6543dc0004f4f8","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.577391Z","times_seen":5290,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"venus.web.telegram.org/apiw1","fqdn":"venus.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":0,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:08.979738522Z","timestamp":1701176108979,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /apiw1 HTTP/1.1\r\nHost: venus.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://jfss.cc/\r\nContent-Length: 0\r\nOrigin: https://jfss.cc\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: text/html\r\ncontent-length: 169\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, OPTIONS\r\naccess-control-allow-headers: origin, content-type\r\naccess-control-max-age: 1728000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":169,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF line terminators","md5":"c2a982d42f89274763eef2a44fe01030","sha1":"86e6d53f6478cdd0c05611093d9c55a953454af7","sha256":"d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a","sha512":"c1e2f30db797583ec9eae6755dab939a2d71f902b557b069efc510e51127db6781456116cbfd764c8b9fc397791df492df52d200afd9e46734b0845912c76e24","ssdeep":"","tlshash":"49c0805d6513ec4dc553213516c36440c199c32795a945110540514370cb25d46c139a","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-09T07:07:27.060544Z","times_seen":3992,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fc-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.273Z","timestamp":1701176109273,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fc-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2689\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a81\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2689,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5fc4867b6a81d3662dbbc1e1cc240197","sha1":"9061a89b1d371fd9dadf880883f809ca32e23721","sha256":"5582b93230480a7ba99e95270d902d52b9d26eaa1939efceb43d3b61f82b28dc","sha512":"726ffb19c229cbbc97c16b534e67d477d99113f25eec9847947cf8d248a603cf4ee2fd6195a53aa2ce3efd62437333e05b0d784a482ce35f952255abce1068ab","ssdeep":"","tlshash":"54514c9c7340e568c680407f5843c5deab245648a6e211b95f06ed58ab7cf082f18883","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.647767Z","times_seen":5282,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.274Z","timestamp":1701176109274,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3383\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d37\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3383,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"83826af407ce6a00fdeadfe3493015db","sha1":"530b6ada2530cd62889a331d786cbc745098ded8","sha256":"27ed12bc03c1c75c7c5565ce4324ad2a4eeecac952afc760216acce3795d2854","sha512":"6802d51a087f27af379ddea662b691b954a473c4d12ca5412a9ba7767d6b7f294a3d405ed421de27d83fcfb6edc4e59787fb12cff69841c9b9aa2fdcfaa1c1e7","ssdeep":"","tlshash":"f8616dc31b5d30d61b0082fb01701831a4e531ea41043389faf8d72b6e35e5aa678437","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.641886Z","times_seen":5272,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.275Z","timestamp":1701176109275,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3573\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-df5\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3573,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ab9747dfd843784d5e47aeb8934eedb1","sha1":"b2cc34606b35193cffc8f2f28aab523d4d88130d","sha256":"4421e395ccf9d3354883aef350c2167939b00d109d96edc484559adeae30ad0e","sha512":"c4205850f994d18aa5ee64769f6a818926532855e18652d2aa4199fe2d9a91b48d394caf1ab23d1a199df11126372a1883be7cdf24451152c98ebbe3ec270ea6","ssdeep":"","tlshash":"fa717e7ea515e8677987c20cdbf8fd94773300009b124b3ac197ebe0179056a9cac7e8","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.558799Z","times_seen":5284,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.276Z","timestamp":1701176109276,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3372\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d2c\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3372,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"946331e08d8422ad1fc1fd101c28d775","sha1":"77f7c86f3d8c658ce72f3f71b3bf805a891dcf7f","sha256":"f0ba0008e91a7bfb16aed8a377338c6178f4d91b00e385a264280dce785a5b48","sha512":"449a5975df9fbd87e8b7a93eb716c7365eded8e11be5fb2a2c5168132431fcb78fdffc74ecd3563fc58b3f4674da2da31dd5469fd53d8015931a9b155b870978","ssdeep":"","tlshash":"ec615b143377a7e7fd1cd680efc69d43c4686a40768e17610d0cad7032262ea978dd99","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.700636Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.277Z","timestamp":1701176109277,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2539\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-9eb\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2539,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"917e81cbf2d40d690cc527703ef44149","sha1":"fee4ad00cb4322b51b22d869fde6e9e1329a134f","sha256":"ea22485195bf85c6af3458f01c09a5c8f417a60f6cf3a71fac7d82c9ede53a29","sha512":"e60a77b0a58344b851b72e9131ab82828880b5ef7bd1e9411708278146ac30f041b1ca84041cf97f678fcdd5990cc0e9693e0107b226d0e7f427ed525319c5bc","ssdeep":"","tlshash":"bc515c46c1bd0a63c10fdad2c81510b7b3f6c7ed43c25ba82135a13d9915a74e762e85","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.802958Z","times_seen":5286,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f7-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.278Z","timestamp":1701176109278,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f7-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3742\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e9e\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3742,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"fe7d68b6b4f721f861c006fe543fd0ca","sha1":"9207953df1f971b3d12e24e050aef990ebbf0100","sha256":"1ddfc49a2a54f39bacdeaf2bd5e3f53b93a5a1b7c3f22171dcc8f7e572c32135","sha512":"2f5fa6783d67e5f2e7424f2cb97a5aefc43f9f99b3e8424013d334b29d3b9cb5f6f7d20b28d85a9ce642b45a879f7df54b65ad837fb83ee739bac90614626ce9","ssdeep":"","tlshash":"1b717d58434291ce9000efd12c792545bc22b88be438ad7adb5a63190f4ddc88dee39c","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.801403Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1e8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.279Z","timestamp":1701176109279,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1e8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3649\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e41\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a5c106d022ff9e51671eaf814b809b2c","sha1":"28a78879782f1e0603b615d312b9d754d1a1ea26","sha256":"e1eca0196b36387c8f59861a0288caa2476dcdce9d05e35b0fea99e755a87508","sha512":"9d7f46aa5f98e413ec6eaaa87857e427a14be6142e12b5c812c5f9940ef709e380ed986197b5899e49bd215fb267bb372f55d9c230bef51f91e2a764ecf58bc2","ssdeep":"","tlshash":"c7715b10ccdee4b4cf7e539319b6e6cef9a2691011208146e83e07a28f1d87c945777a","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.614573Z","times_seen":5279,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.280Z","timestamp":1701176109280,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3014\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bc6\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3014,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"24781bb55f09a85caf6d61343c53c7b6","sha1":"9e0a1e3e04589b743b262d342168d001abcbb48a","sha256":"b61dff537e05d70fe851fbbe99c55e04fc3a72253faf90a5f16028cd816fa17d","sha512":"400aa1efcb93643ff7bf1789c4fb02cd6f64eb9a019c508565e0e032ccd41a09d6bbe64ccc8abb8230040f18660c73ce356d419efedb2981b703cdb24f28b9cd","ssdeep":"","tlshash":"64516d0cd1d67d86f0b16f5314b93874975c2844491b280c6d4eedddf89f4ea5422fab","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.902125Z","times_seen":5279,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.281Z","timestamp":1701176109281,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2897\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b51\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2897,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d0ed1206ed417fa88ca6920f2b3b2e68","sha1":"be211a8bf57255cc3717349a90d199271850dd6c","sha256":"c15ad2f1c3ed9859b4011fc8e2a08933c49f79467312470372391a05ad40fbba","sha512":"4b44e889672070df14c324984ed678d7d52d685ad665e31e0da892d450161ba00206278075129df85a3ae464d390511b855cccc460e44fa398c614db086df1e3","ssdeep":"","tlshash":"e5514b6ef906e882f970229c8efa7d23518f06075578832c4c3b90963c7c0d43f92989","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.90955Z","times_seen":5271,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1fd.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.286Z","timestamp":1701176109286,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1fd.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3338\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d0a\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3338,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b3cf685dea0c175477a848c668cda9c7","sha1":"7dab54dd21c5a2f3665aa8a30e60919813e8423d","sha256":"bef1a3b66236d2d525f423337edf65efc71f34663149a003d6c9d415167f41bf","sha512":"d060127490c8979f97f72d231bdf29ab4d10435600afc222d9697708b3f8a858b175a98b007f446098dfcbafad279ce9ddbb75d09b3c893b321ad2eff371c06d","ssdeep":"","tlshash":"63615da1d842fef69c584955caa12cb7f6384dfefd78a470ce1d0ed90787616e98002a","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.604287Z","times_seen":5270,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.287Z","timestamp":1701176109287,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3444\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d74\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3444,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"741a26646208903f3669f9247e125590","sha1":"80e75915f0829b487e68261d601a421600564086","sha256":"37e1d4670482b4d0188ca6ab64ce3622bf3cbde054aafcb6a028b6c2e88ec87c","sha512":"700516ac085389ca8a090de7a648522ea810cf14e4c25fbe28672ff796d034658aa3403d9614887643e7a5d2fc6bbd53f68162d1a0c756a53d545853a1871ee0","ssdeep":"","tlshash":"7b613dad0e558a19ba55b1f87066c534f9d20373f4ee1fa1c8db11bf01204a9729dc9d","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.544812Z","times_seen":5268,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.299Z","timestamp":1701176109299,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3133\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c3d\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3133,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d68933b3c1244d4a01456713e610a739","sha1":"88d76376cba3ccc17fe4c52566a440c00c005f07","sha256":"f3a0acd79636ca4cbf089866f3f2748cd88f01c7f27d0611b725f5d89b2655a3","sha512":"2e17e09d5f7a5849cf78bced63e435d0f1b6a046e6ac72101aa74549c60d167d9c41db31800b45edd2e65336c983b31e76bfab71d0111a8f146daab55e3be0f3","ssdeep":"","tlshash":"f4514ce627c3b1d1e05b1f7b218188a3ef3d0579f35906d1ba8549a07e5402d03b7ac6","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.732454Z","times_seen":5277,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1e7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.300Z","timestamp":1701176109300,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1e7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3801\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ed9\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c0ac0567182a7d0fcbd3d34bc2e5e719","sha1":"03131c38e794b0d28da72c0fc3dcc8643790f4d8","sha256":"0f4b12c2c1b9a40676ed9c815e39e47ad93e30e055d6d9ad3084c9809ed9ea21","sha512":"39b2603e1a04160794d93826f17175fbcace80d527c35c172b207f80771d023769ea857e9dd24bfe397cf2fb0ca8a078ab7754dfc407b8f9e881cebb204883a7","ssdeep":"","tlshash":"ed716db87b152e1d4ec3ad6f25a63c44014b83a7398dafdb3cb67490df13919204d44e","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.31413Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.302Z","timestamp":1701176109302,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2564\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a04\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2564,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d3e6cd3f2ec3833c2b19373a20048df8","sha1":"513a516366690290e4e578b424891261ef1bb98d","sha256":"67fff1f2204bdf9cc80b2d3fe9130c541f8ef52b2f38943b12d6245fcaf2e8ee","sha512":"77d7a26ad14f63f037d4d719b23cae07c2f4864f6b6142130a9a98af6d1aa265ce77985042d299ebeea977b2c67e72b04233194cb792a52f3c3765f46bb45d54","ssdeep":"","tlshash":"5c51079187997df1d9f0e5f240a0e3195e3601925a9c87246a20f608c827fefdf6320d","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.745789Z","times_seen":5275,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ff-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.303Z","timestamp":1701176109303,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ff-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 4358\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1106\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4358,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"4f8e74a4d6c53c617600fca2abb396b0","sha1":"f21a792805c059365fa962e3c7b3caa02d23dad2","sha256":"1f28dd90673608c76e17255f9d15405dc1b655a638ac2b84fb31d17eb39ef20b","sha512":"04e8ac684b67c798e21afc572448c38f8637d06c1f47840c5e770137b517762c97ed2cb9211334aa61b24247b18160d4c6f77e3c30701d0518236883def84177","ssdeep":"96:B9+31sWw1wbLzLGyIT/syawJ0RJBKmqLIOty0NS2vllvEUhQ9:Bc31Vswv/ITkyt0NcEOty03llXw","tlshash":"b5917e55bf552f59ad15e60b012f75c5ade28a5423d0b74e0b4e3e2c3863ccc15f016c","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.827558Z","times_seen":5264,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f0-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.311Z","timestamp":1701176109311,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f0-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3557\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-de5\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3557,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"360a5c47ffecfc88d9fd65017e057447","sha1":"2ddcf9377e9c84b872a36b3f14dfee86f099df0f","sha256":"6a13fa4bf85c96f941cb438bd990543ad051d32870f78e707710586d72eb606f","sha512":"17da9d5ff702eb42c46bdc7117709fb03760abbbb4a85ef7c3630ba2b4ff43ed3b675e6917d9b4f7d93abc0a03000dab099b5e37a1931be0048d88b9bc8ae06a","ssdeep":"","tlshash":"dd717ecf1a34e520785b72141fe20ace060612aae264d55fc0df163d653325fd03e2e7","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.6337Z","times_seen":5269,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.312Z","timestamp":1701176109312,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3591\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e07\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5368f168274a7b1037fc2c45ba1b6f92","sha1":"e7b78991207440298ff49d9481499f0aa740afe3","sha256":"5229aa7adb34ed2afd36891d88d18e0c7f603a8b4af4aa867f2c4520dac479ab","sha512":"5de8a1fd53e5c628dc03a33899fce2128487ce87d737388de9099dad2d38f00268e88122b78a18ff5a54cd97e2405b8bc547c0d5241e7f63622deef43b6225d6","ssdeep":"","tlshash":"f9715c766311c27ed59489eec82b40da69634e35ba1a840b84eb42dc34a3f11c18a5f1","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.631372Z","times_seen":5268,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ea-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.321Z","timestamp":1701176109321,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ea-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3459\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d83\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3459,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"41a6158d1d3b0b31782dc58b6531aa18","sha1":"4017ad271f0ef68f50cfce45b5d021a28cd6f9e9","sha256":"af278e864232e3c2c0798b1c2d34f57996391d9a25bfbae9f80b6cafd134b1d9","sha512":"ba406e6ff8252d62034b12a6e32c370fd2c105927c6451d0436ed968b61a7fb11a68fff3a04c7b2b2d7c94a18979659612c8b7bc8c7003847d7bed7334832533","ssdeep":"","tlshash":"c5615d91266f431013bdf147c86dc7d75c960052174d8abfae7de8e23cf729a65c9214","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.716503Z","times_seen":5271,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.322Z","timestamp":1701176109322,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3436\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d6c\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3436,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"fdf3ba3c72adcb8ef451f52058630878","sha1":"ccb9c7784e16a5e006e930682ac4c67fd2d7b886","sha256":"73b612710bb5715829e937d9b2122345692ca9952aa6c4d7c04014194580d4b0","sha512":"5a9f82981ae1e864fbb013fd34f0495102b27be6e346bc8c0b6f98b05b2c51e829038820ba8451025a151cbe9de924c1fc6014d1fefe2957a8587197129b6b57","ssdeep":"","tlshash":"d4616eef2db5bf21568507374096137871e21f41e0bac61c70bc883019f6a957543e6b","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-16T06:15:53.199039Z","times_seen":5257,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1e9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.323Z","timestamp":1701176109323,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1e9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2845\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b1d\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2845,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a7d8783c26afb40bf057bf8d601ac15c","sha1":"0c201bcaa7b61afbbf9e606aa782018192cb92aa","sha256":"4b9dcba2078f0b73682a408bfad43e4d81414e088ddaeb85ff5b3ff5fafb515d","sha512":"0ab69ec616a7b8adbb8e4920e724cb9094fd16a9b180aa8fede1e4dfc3e3c6ad132b2935cde2c7080b64ecf4e9c6fee142d5ab3af94949cdad1bda800c5ea441","ssdeep":"","tlshash":"90513a892798fc52dca555bb12e03e20a2213913416898a5721fbce3a51a3c29536dfb","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.578383Z","times_seen":5257,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.324Z","timestamp":1701176109324,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3981\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f8d\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3981,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"756ac1ece36120cb0e28fb37d66cec7a","sha1":"ee5913aba0411b7f24a99b6bb578c9b75764f0bb","sha256":"a994ce5dec9042aab14ba8347bbb20700b721a2131fb871ad95e69425d09dacc","sha512":"4c26eb954dc0b090c49fe6003d3a40bb400700d8d6d66a4c60e3b6cafae0bceaf84b2ebfed26e672cb127ef89bbce67dc006df3b24c4a12bc9f3933a01ac99ae","ssdeep":"","tlshash":"47816b03d57dbb8cf24d25fea0b292b0eca892040b158f80f6bf0936691093db291cc3","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.870387Z","times_seen":5260,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.325Z","timestamp":1701176109325,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3228\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-c9c\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"138041c219c566dd547a16a415dccda4","sha1":"27bc62fffaaf4ec2b74adac27521f2c66e44cb9b","sha256":"9fdd504bbb0c3e6cbeb600935ed34610e4c0e4d867566319fe54a9e4f120b8a1","sha512":"1462cd4046765819c6a6b9882ac6940d8fe8761dbc4f125845ff7c05d53e1561dd7625694ddeb28d58c9858a03b93ce29e4bdbcdeab14de970472e54db165fc5","ssdeep":"","tlshash":"07615c4f7aa2fd6b707e1366063822b8b6947612f0872e90381f1609ce56390e5d5d9d","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.586203Z","times_seen":5254,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1ed.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.328Z","timestamp":1701176109328,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1ed.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2003\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-7d3\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2003,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cfe262de21d6c5cb11a04feb17e4668d","sha1":"4e761c330b91cdd941da83baf047ce1a1d105c0c","sha256":"74cecc67c28852c37814d2ddd7453aceb32b690076fd7d94459b9cb45c5058d9","sha512":"50fb090113f6d31dfb6db75a9e5c8edaa833e14e0ea70f36048dca548c5d1300a8dc8b85e75db627d8e67fab961761c12ab8a41a040d67af71b7718db35053bc","ssdeep":"","tlshash":"ee414cf498cd535ac1de17d16e14be6419a05cc84eb4548d0106c423bee226dc63b3b9","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.568738Z","times_seen":5253,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f8-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.393Z","timestamp":1701176109393,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f8-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2992\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bb0\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2992,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7b898db0520bf71635b5fe35d5ffe384","sha1":"b105d4cba791054563920e93c7f0ed5052fa4835","sha256":"197d5e8df8ff62d2cd303a1abcf6c27d6aafee1c7eaf539e0e95a6942e830bee","sha512":"d168621f6e0222332683dd18e34de80718db254736b12eca480220a0a1102a2f695e55a37f28ec330f7c5e40165035943640c11c08c5a2ca6f2b7f6c4c8020a4","ssdeep":"","tlshash":"bd515d53a7f815e04b9b820f69491fd20f36b1e0dde6289205cf7d50541bf8a05beb44","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.615158Z","times_seen":5248,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.395Z","timestamp":1701176109395,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2953\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b89\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2953,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"24e928a7c329945bea5142b83187d355","sha1":"c36bf660c26ccf177931764f07f6a4b7132481c3","sha256":"735dfb93eefc3b568d5965eb97b8cfa08d8b0dc6e74f85f13d2024a18d9484c7","sha512":"edf5862aedc351f22f8e81caf6e52ad1dc78ef1414137ffa28239a1c14f67219756958dfd2205f013c85df7faa522ffd96e6a1be2b5e7b54f3430b20f4e2db06","ssdeep":"","tlshash":"b9517ebc1abb7812cf8112e4894bd6a0d377a42864d1d512b1fa05f0d1e399f1ecfc45","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.561224Z","times_seen":5258,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1ef.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.396Z","timestamp":1701176109396,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1ef.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3351\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d17\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3351,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5debe7739392a701b87c71adb761d3c7","sha1":"0265db494157f38b9217d11a2e89ab2353ce080f","sha256":"bd7b517c05c586dd6f240d480b788fef465f656a48e56fc5064e9b3438d7bdd4","sha512":"afb676bb0893ef03a38bd6eed61adbbd6003b49d2dab807e54c13421aafd220c07877ea0a7545c31ef3624d13e3ea8bab2eccf08749d9d812432d9764d48f9e7","ssdeep":"","tlshash":"5d617da573f5a577c0ad87d29135278de034f1e03042930cb2f63a181d6b8782a87c43","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.569892Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.397Z","timestamp":1701176109397,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3667\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e53\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3667,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f2a663410069dd19a11d0ba13a315481","sha1":"20a2339289680d89e4d1cba0e8b7f7cc628af346","sha256":"f6e0df6ee0a4f0648d13e6e5cdbe32f1054132a4f2fe947b8d591b0e07f71ffb","sha512":"15c6d981289f0981baeeed555a16c3faa179327f874908d74c4856bd4f80632d52e577be9d012d5c0bcbb717396fe9bde0640d77addad4fd26f8288a5daa1dce","ssdeep":"","tlshash":"68716dec457e6e4a388c3cdc6ae4f590753b7044b1345728cb170bc90f17a8126a0fab","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.537122Z","times_seen":5245,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1ed.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.399Z","timestamp":1701176109399,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1ed.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3748\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ea4\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3748,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"44fd527239cdc33af5726b00dcb26b06","sha1":"9d3811b396b308daae312464ec4864c3ed0b4fc3","sha256":"a9dbdf064d9fd22138994e83a581271d07a70fa97ebe62d02b0fdff1a44418f5","sha512":"949ba7a85fe17ae11898d4cdb9518aa3a02d924d2a0a0426bdc5ece782f33d321ad7e5cca93e178b85f25bb20a4c870ea8ae67383cd25c7cb698a496b3863b2d","ssdeep":"","tlshash":"28715de4b3decd1d084c1226abbd4e365847a9622a6030f24269d174c4117d1fd2b2be","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.71751Z","times_seen":5243,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.401Z","timestamp":1701176109401,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3265\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cc1\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3265,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"1d426753471d08307b97dc533326a360","sha1":"39be02418eab39146f229780bd3437fbcf07c567","sha256":"375f1fdbc6749a4de7786970625622cd3d0f36469312be588d8987c8804d3d0e","sha512":"c1d547f5c4e1160035fe536650b9ec7d36610ee01b0baae69fba79a83e1672e152c8326dde1075f69d8b44fd5dfc9ddf4da1731f71e6b76fb8737a6da4ee9955","ssdeep":"","tlshash":"55614bf4b57c66c3e28fbc71fa64f1782a5c2161d7d44be108445f04c58ae698a1f7d8","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.591101Z","times_seen":5248,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.405Z","timestamp":1701176109405,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3970\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-f82\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3970,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d8e15b3b4a4ad33482b3906ad5a3aee6","sha1":"cb945c965dc97db9d3dd2ff7bf0a42b8b5cd692e","sha256":"68398d08d13d15196be7d1bc49e628b153e87dd49c921d552331682681e72221","sha512":"e4b20627e0b71891c0d2b68699e7ae357511ac453c3cd405ccbcaaa28286aef3403d1fb983763e0e773c9f899974cfa71914714cab4766917cb2099bba517ed2","ssdeep":"","tlshash":"a9818d490b101e81788dc5e7b56e5838fa23baacdd1ba84fcc1f6cb390032482e291b0","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.751365Z","times_seen":5245,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1f0.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.428Z","timestamp":1701176109428,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1f0.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3275\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ccb\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3275,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0c8f9bed125c843b1efa1ad7b8f40cf6","sha1":"b82f28949bc2ff5659892d9743ee3163074fbe59","sha256":"405079b7259e0226754fd321194f1ba0e0915ea5e6ba369c1b51e861dc802186","sha512":"523b8385438dfd82f5e88bc3178cca608dbcb1126b52f7aa32e4fc50d433177a7fb88cb58cf4a50f17bbd077500245664f2e7098dc8a62d3d88b22674f674075","ssdeep":"","tlshash":"78615ba602172b783b721998734b4c961c3900adfb97aa7b8a592242b509d4c6371d92","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.678062Z","times_seen":5240,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.430Z","timestamp":1701176109430,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2446\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-98e\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"1435f386451a2574d4ee50046dde3f30","sha1":"fd0ead654b8a0dcd6db3f93af841dc002a7bd5d2","sha256":"b4e83aa1c0b484849cf0e21a574abc3e506099123269fd37fae770de0d3f81f6","sha512":"f156a7d08c1490141d99e7af4cf50df99727c99d081b81a09ae6425cfd0f896b3f8be0aafa5fe14a54f78ca7e6005982e0fa66dec473b333acd4e3935dfb15a4","ssdeep":"","tlshash":"fd512beb9c0304d695ad1e084c745517c036c4b5b3ca9c7d59b0079a8fa259a1efcd6c","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.851389Z","times_seen":5245,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.431Z","timestamp":1701176109431,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3541\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-dd5\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3541,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3c8f2127eacead7787ac1b69a9175804","sha1":"1176f0d04b4efa4de8a2710f97b1fc8b41ef7117","sha256":"a2dfad9096daaddd8c7d12910ae31d005e62ac16d4ec2f0a86805cb19c4f8fbd","sha512":"011c2ea3ffeb49434004b190cde4308498b0345b7a88abe6a0ac90ca82d2f88e773b4d6dad8bc7390e0cd7eaae241a2b2ef00c1868fbb787a2cf90118a45268d","ssdeep":"","tlshash":"82715fd6033eb5da9b92c9f34b09fc72e7738c7720498d5d1508d170a65a1d8cd78259","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.602552Z","times_seen":5242,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.432Z","timestamp":1701176109432,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3036\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bdc\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3036,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d57560fb8eb3f7fc7df3e6ced27dd926","sha1":"3d75439040139c3191e75df128651e2c6ff4c249","sha256":"a97839d6a477cd76035119de3028e993a27c0275f14c391cc0328dc41516148c","sha512":"5a99206f2a2b59ed8991a1ed87c25da89eac0afd6ce87a243745938a2076d9af25fd6d2c4392e430959ed92046075e18e827ca6a330afd231f5102886afb7d23","ssdeep":"","tlshash":"7f516d43a4cc82fc82c76623f719b80cb105b145cabd191a365e4866d74ac4c41f1fa2","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.603698Z","times_seen":5240,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.433Z","timestamp":1701176109433,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3038\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-bde\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3038,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b4ee26abdd61a47d2703b0fb51eefaf4","sha1":"1a36af95891fed5352e67a1782f118e64ad05f1b","sha256":"9f27bbf0c694fd3cdecb93b5920af78608c6e7c97e52bc5c11353720b61d3579","sha512":"42d692311b047618819bb0dfc68d4a49661788d9e5712822de3d5f343df08bafbb02fc846e13d7290ff5ad712b5976c8456f7e3ae90af81e5b030d2c16ceb0db","ssdeep":"","tlshash":"87515d4a0189ac127c5a5760ffea4056ad34d7e84f50084e1ef4618e5e102c0a52ec6f","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.718252Z","times_seen":5245,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.433Z","timestamp":1701176109433,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3249\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-cb1\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3249,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7dd6159484ca1b6552b2515fc76b4cce","sha1":"4adbc35e9590a8f1902a4d7fc7532b9b5c03efca","sha256":"4949511772015a8294fabbb729108799a654bba5d403f7fe2078f1c80cddc416","sha512":"251f4c666122cd45f2f96d3d26719829d9ffeae66d151f1c2386e26c2cb9fb58ad03e489c18531ecc6af7d61ab7dc87cf5a8b7f22d07709a08e263261e1c22e3","ssdeep":"","tlshash":"84613ba762fe465c891001f4dbaa8efae221bc047679798cf18690176e4bd083568be5","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.616253Z","times_seen":5236,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1e8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.434Z","timestamp":1701176109434,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1e8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 4271\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-10af\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4271,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cf8274a5b52809a0eeae99175d9f864c","sha1":"25147e6fb85dd35e2963e9098afeced2cf4c5bf5","sha256":"a44c64b661220c2cdb645eec038fb2196dcdbc2480ada5b9a3ec7a638f436932","sha512":"5ba146bd354f5bb67a7b8b723af7edcd64552c1391a41014edcffa7af8c8a36c6543e5d47506ff38b3cdca50ad255aadfcc76a3788557f29c8fa0eab2346d06e","ssdeep":"96:Tbfchnczm2cIqgtq1ELxhhql+iXSlzn9G7/ejH6p:TbfcF6mYD84ozEzIby6p","tlshash":"e6917ed4950e7466fd9c84fa0ab66764cfb80834afcf8541911e603d42c394d3ca989b","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.551366Z","times_seen":5236,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f9-1f1fb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.435Z","timestamp":1701176109435,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f9-1f1fb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 4587\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-11eb\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4587,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cf1a958a4d5d81f0cc5bfff544b186d8","sha1":"4da5ef8d33567b07caf6ef706290f9df3ee6a35c","sha256":"000c18e54265a25d555813fbec1b3bd97c878af016f8825bf2268c361fddb39e","sha512":"581b891b0dfda139387e4e954756b0015fc200a9e0fdfffe0ad94bd9038ab9fc46c058bddb86bce6aca894c0388535f7328c7f232cbdb1eddfd46be8a40bf44a","ssdeep":"96:cUGmG+jY+k0UwQGt4mIAJv6f3t6tfrfbdB+c0sO5nVButmP9MYjV7soOpiyKcGD:DElcZv8cfrBo5fnjpsHKx","tlshash":"74918ef9e7192687957c13b32ca60a2b40a118229fd6cb548e5548adc156d4dbf8c309","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.858658Z","times_seen":5240,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fa-1f1ec.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.436Z","timestamp":1701176109436,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fa-1f1ec.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 4062\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-fde\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4062,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cc084dea993eaf9ecb461f90730f9324","sha1":"e11950d7d85589d6f9fb8d660be9026ae56c15d2","sha256":"40e8cf9d53ee9efb661fb858ef979806cce17bcb7813995c3b84d3b22d0e70c0","sha512":"b9ea7eddd33ff4f2340f5a2fcd85092ee4d7fd04b9672ecb8eb2300ea2ca7451b16c482c88bb77e3850072f44fdb1390d20d8581b103fa9bb7eb13ef78b939e7","ssdeep":"","tlshash":"c2818db7c098c25e21729075e43e29e755b0e892ea79c21bccca326177003de4e1da63","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.565682Z","times_seen":5232,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fa-1f1e6.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.438Z","timestamp":1701176109438,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fa-1f1e6.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2731\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-aab\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2731,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"42ed8a01c0c4ef70b9572f4dc02b01fe","sha1":"ba54b81864bfc40e26715ea4cfce7a1f7edf8d5b","sha256":"c213904b26162ac7fd4a85a32ae3a0dc3beff92f465e82e4f4a8584a7eb36bde","sha512":"839e132a02338a4056bd3141ee2e6ec5916984ea15d830e1b37210b63f65490c29d61b6aadc2c2f41a710e6dc0f034c379d2d0d5a7f6775474aaaedb8642d5c7","ssdeep":"","tlshash":"1f514b8c3452fef553caad7c52e81b2fcdc59ad875342a38029a202b3079c51262cc7f","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.680232Z","times_seen":5229,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.440Z","timestamp":1701176109440,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2497\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-9c1\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2497,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e0c12f728a73cca2f698485e4e059cc1","sha1":"47ae974ed1992a1339285cbcfc8114e7f09e7b91","sha256":"5114cd7bdbb94b9e206e831298880ba910595bbea9e55f5d3e67b2322705bf3c","sha512":"74c89cce7a7a6975ffea4e5452c3d9cc8d87bcfc6427a2a0edcb6d28646d2b487cd958994b4929d03ff3aaedb4002d8ab429de0ca49f1fc7a59c046bdcf8da4c","ssdeep":"","tlshash":"ac512abf71a07b6ec6b94f374e23058834a11868bb606488775bb4de0e07110b69619e","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-16T06:15:53.365476Z","times_seen":5221,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ec-1f1e7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.441Z","timestamp":1701176109441,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ec-1f1e7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 5508\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1584\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5508,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"57afa6d452145cbef5a10ca5f1ca2541","sha1":"03ac224e1f43747d3cec10d90f789d3e4da1b242","sha256":"160e2c40f9f3223eddbf0b6767e79bc05c6af362f2c05293501fc5ebb5f32fd8","sha512":"e5fe8faf99e1fb2c1d66cc81ed29e0243e49e53f73a8d78ee48a0802a403f48bde7710a7af367e7679ce98c62a37269a0c44b332e2c10d1e9ce0bec02386d7ac","ssdeep":"96:yjQqjVj5u2BwRcpSJ9olUoFD76FRWv17/s0I9M9ZB15FaQojCsKNrJpfiaRAWs+/:CFhkvmeRoFDOLWvR00I9UZB1+Qid4Jp/","tlshash":"14b19dcbf1e68f24043472ea207b4e54b0a001d21f1b59eef455c0e62b63aab8409f79","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-16T06:15:53.325833Z","times_seen":5226,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fa-1f1fe.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.445Z","timestamp":1701176109445,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fa-1f1fe.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 4958\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-135e\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4958,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"142f7f3955633b6e9ac8ce3d61fe9be3","sha1":"eed26bc80a1cfd99df8f97fc44a9de6ce985a467","sha256":"6b6bc76c87fb193420c7e61a338c985baee9b5165e908a81fce894566eb39c87","sha512":"f76b2b8088d986268c676ed8d82147b3061168813e1b62a3e3664fe5130943775233676579606b0b77f2226c3003f3acdc26faa3bc615292ad6495596dad6063","ssdeep":"96:SlnQBO7RmkMgIO7rSBq0v4VGsboU437LHGdmlArvVE4R:SFFR/MgV7rSJwVd43/HGdmervVE4R","tlshash":"9da18e73e0d56dbf599b4c4cba3f1691b4754c3d3307b2292b0fa84fa834948926f162","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.884062Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fb-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.449Z","timestamp":1701176109449,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fb-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 5110\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-13f6\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5110,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"188cae4cc09f69ec6849639fb1ad20e8","sha1":"576e55ec6a23a49d6538b43ecc95d8ba4d92ed92","sha256":"5889f2cece25d499e82ab3e7fb01b36eda0d6542ed966bce3b8bb49cacb6251b","sha512":"e27743d6fcb70eb18454cd0e699fd2adf6613cd101e4d3773d9a9e58c443076f500196aa4f20a78ca756831d83a5cda74f708204d9659ce0a225b66d3dcb65eb","ssdeep":"96:QeIYFqD+NPxpbATXKFY72HPvdEPhGmdFfyUjT3N4CiQNrDjuBbMH/e2xLk8:7U+NPAaPHHdEZVFqs7KcDjHf9L7","tlshash":"5cb19d92ced3a6e54bb5713a0cc5212bcc043eb446cf2fc2953b6abd3828734e570652","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.824378Z","times_seen":5233,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fa-1f1f8.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.451Z","timestamp":1701176109451,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fa-1f1f8.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 5869\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-16ed\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"35f5ad427b2dfdbcae5509785f8433d5","sha1":"cfa72cd02b886ac4a6ae2662e1528f2b2edf0b99","sha256":"5f4c667e8db737a93450a9786781b8168514e6201ffb20f310bdb0b58d0291b3","sha512":"5c39562b224f215a3e3310a58791b9aac78c8897423a23e3168c2d28d9025bed507c77a03875f4f59a6380c2322412ca0df21cb605db4e3a3bd08e7127eca81f","ssdeep":"96:hm66yKwhOYITG9Pb4yoxlMihF0had+Dq3VM09RSon4VNqLw9:hmoKwM1iMtxlMihF0h6+2rR4VNR","tlshash":"1ec18d9b727bc0c514e1cfa380180c35eabfd428229fc259ec25ca1a0ee890357b483f","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-06-10T04:54:40.929919Z","times_seen":5240,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fa-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.452Z","timestamp":1701176109452,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fa-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3602\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-e12\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3602,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"164efdb4213509de3d4a01219a980cfb","sha1":"4a6289c1295968a7389883436ae1d23b26a736e6","sha256":"e89e66b7c26f732c28c6ed24f4c010914dfe881845a64f7ab7432f9fdfabd0d5","sha512":"19fb8cc0d996844c3eeb94c6bb3f46fb84270fae7f3ba4a8934b0ad14ce339eeb827b7ed8e0515f1c183bee9bc9554ebdd2608c9477dd46ac55c2b68f4c6b394","ssdeep":"","tlshash":"27714b3513bc6ba2941bf0a5e9727b27c721aa3515dea30201a24cddf63db45889ef11","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.830215Z","times_seen":5232,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fb-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.465Z","timestamp":1701176109465,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fb-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 4037\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-fc5\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4037,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f48bd1e4f7569895f1143ac5801305ba","sha1":"7e7a23e748dd100243d13e93ad36fa5039223885","sha256":"782145d4243a4aedc3061c6accb79057b3a0477738ed0c35d43269a41f35675d","sha512":"a3278604eebd15f2c8fcb1c866b9711efd7f94910fc0de5cd87a39c7203baf29686ce1b030d48a077b6705d588493d0e4eb524de28fc9454e041563e8c85149c","ssdeep":"","tlshash":"c4817ec641f0715a6669c27f5b08ce39a72817005e256c723645f6f73d1842b640daff","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.91371Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fb-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.467Z","timestamp":1701176109467,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fb-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3554\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-de2\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3554,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"91ca91cd583b3e39e42aa47ebce15175","sha1":"e29ca1b2c34d6c391d400dc3ac5501308a52f5bf","sha256":"b7b7834d75c2bb9714e93155420a46c9299e600a4f33444abaf5284a715414ff","sha512":"760fc6181f5444909a08ee879f76591ceabe95de6e490d7b713838e00bd49683c2a627a49f8b103a38a898810ef64be6c2f003af1adde84bd2eb50183e155f5d","ssdeep":"","tlshash":"3c715d15cf20d61c9e84f19cc0fdbd5c77e947a886e125604011ee35ae226d74b3e5d2","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.561792Z","times_seen":5227,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fb-1f1f3.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.468Z","timestamp":1701176109468,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fb-1f1f3.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2756\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-ac4\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2756,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3f2d6d05f513892c76682ea06ec375e1","sha1":"98d39ff864186723c40c319811fedc111199b9bf","sha256":"b95856a34c6525f343e9302170575e5ccee26de74e82b95fb220cf51897986f4","sha512":"55e08fa3549aa64f2a5cf8b9270b8ea3f131bf5148fd2256c664812d690b8c34c9008d663dbf7b2d7d75fd0e019b9ced0245c40fa1ca2ced108fde211d7c2c36","ssdeep":"","tlshash":"1d514c6d6e02dfffef4a667b32f09ef543a60e81361c40009a0084ed1631ad7aa16487","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.566724Z","times_seen":5223,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fc-1f1eb.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.471Z","timestamp":1701176109471,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fc-1f1eb.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2957\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b8d\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2957,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"91a00309463541df6a7feddb6f61131b","sha1":"39fb07f15d814399381aaf172e6a63464ab05459","sha256":"7f6decdef558e4fb162e5874d01937530fb436e389f2d672a4d90bcf6b15e0bf","sha512":"272bc31eb270c7b6f3f303fd95c8103b685ec109cbda2965092d5d590199e646e131da5d4863d814a49efd89e649bd5ca9db6466b71e26d8cbbc7fae1cbd280b","ssdeep":"","tlshash":"01515caa7788c32c509d20322b6b8a4e606556320dafee63b179795168f583708e390b","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.911638Z","times_seen":5212,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1fe-1f1ea.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.476Z","timestamp":1701176109476,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1fe-1f1ea.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2500\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-9c4\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2500,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"516508aa776e1e798b397e97cc2d1a1e","sha1":"6d39d508d4967b60890bfdb62f93dfd2badfe776","sha256":"d8cdf921ebc14f94f7a1153831bbd6ec35138a2feeb550c0c901506386fc1ab4","sha512":"e9693ef95e9bb761e3bf87cfa0dcb5b632d06c13e8cae33b3287e1b15bdd4012e327b1b1511c63be5763c184fe0b8c8e512cbdc564d6ed104f8624735cdc4b81","ssdeep":"","tlshash":"a1518d90e20c8189f9e36b65a601f419fa9fd01cce0093cc42374adbef0a8ce8f84434","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.76726Z","times_seen":5216,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ff-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.477Z","timestamp":1701176109477,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ff-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2388\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-954\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2388,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"8372c6d280f93c43f78761cb8a5d89f4","sha1":"84582e3c49468a21b320fb49f63fb454fbe0da08","sha256":"d8f00c77828353d8f1b725ddce0b789b7a9147404d7a7d9f15631b8e7db665c0","sha512":"0a15926326627b3b6ce345d1f98b7f46880995407de6160758910f494dae6fced148267faad56302021bd1cddc5c56cc00d54e8e78d9355668994b450fb97a68","ssdeep":"","tlshash":"94413a52aab3f098dd84a625cb6e2caa6f7e1ce0ba13c42d94a044110f0797c1b68971","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.885481Z","times_seen":5217,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1ff-1f1fc.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.525Z","timestamp":1701176109525,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1ff-1f1fc.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 4686\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-124e\"\r\nexpires: Thu, 28 Dec 2023 12:55:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4686,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"837389b372b016e0f30a44be80cc1bf8","sha1":"7b832a10c28ea37db1c6d53b315e8988d494d35e","sha256":"145abdb5413e0493c6dd0aadece335da84a5c73ad94a57fcf7a461728ed11ba5","sha512":"3028499bd21998c461964e0a72c9c045a857bb7bc3e80628981edf52d1e83f54ab6d4d1059dd6ac1a9688584625879aec85bae482371bb8e9b0ea498e1a5b0f9","ssdeep":"96:Pcp6LzUWeUjYigXuCjbrwkhitW7GoDJ5G/QjRHFz:Up6UWeerCjbJaWzF4cFz","tlshash":"b0a17db45481b06fde681b0decbae6fec89a41df101f141b904e9c9365990ea44759f1","first_seen":"2023-04-19T12:19:21Z","last_seen":"2026-05-27T17:57:01.543028Z","times_seen":5223,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.632Z","timestamp":1701176109632,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/main.0535ee29a03f18616097.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 11016\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-2b08\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\\012- data","md5":"15fa3062f8929bd3b05fdca5259db412","sha1":"6ff06a34f68ad0324ddec1bbe4d453c959178b36","sha256":"5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479","sha512":"07e96d7520b4ede158e77bef10a01a33cd8be7d263fe6900f89c023e65e4a63570e8a442dec2e96030fb563b25610005a748d48f9330fd31eb91b37d1003d376","ssdeep":"192:Tysuo7z1NVoTUYAKVOO7YVxRwHQUXFI5xoBwH9f4d9QFmOfiS:TvdvVoTSjOYR4QUVIgBwpFLaS","tlshash":"6e32af8071ff1c50ff85c2f69be68efa2c2b1895c619016f5240b476397525e9c294bb","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-12T21:35:02.900289Z","times_seen":33940,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.914Z","timestamp":1701176109914,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/main.0535ee29a03f18616097.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 11056\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-2b30\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11056,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11056, version 1.0\\012- data","md5":"07db243db21ed0a6b4ff05ff429686b7","sha1":"5d62925fdd7ed8e80f206d095ed093994f13d276","sha256":"ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e","sha512":"d34d15e91ba706886f7b098b5a42b3e31d374fda47d6e873f10b40fbea78d848921d124fc17045e77c432bcf2b4d4adfe5aeca4c3122cec199ac92e3124541ec","ssdeep":"192:duC8R1LnQKFt7DX2XFEu+zjdNr/ucPDf/Teifn/m1t7w9vxUBpZRCo++TkXT0R97:dL8bQKFt32XF/+zhNr/uS6i+tU9v6RCM","tlshash":"9d32bf0731ed12a1f9e8b3b1b9adc3490ce275f00bbc52da8669787ed43660e95d0078","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-12T21:35:03.040799Z","times_seen":7616,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"kws2.web.telegram.org/apiws","fqdn":"kws2.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":0,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:09.824671828Z","timestamp":1701176109824,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /apiws HTTP/1.1\r\nHost: kws2.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://jfss.cc\r\nSec-WebSocket-Protocol: binary\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 6axjLBRX8pW0XMfrIsDnsQ==\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.18.0\r\nDate: Tue, 28 Nov 2023 12:55:05 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: RwhU1iYOofK70s66CSLEEhcFLHM=\r\nSec-WebSocket-Protocol: binary\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-12T23:48:58.469487Z","times_seen":16370873,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"kws2.web.telegram.org/apiws","fqdn":"kws2.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":0,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:09.915234784Z","timestamp":1701176109915,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /apiws HTTP/1.1\r\nHost: kws2.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://jfss.cc\r\nSec-WebSocket-Protocol: binary\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 7gVm9NKdigC7675lneLaOw==\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.18.0\r\nDate: Tue, 28 Nov 2023 12:55:05 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: Jextk5cFLoI97pmw4IOEE9AHJKM=\r\nSec-WebSocket-Protocol: binary\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-12T23:48:58.469487Z","times_seen":16370873,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.777Z","timestamp":1701176109777,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/fonts/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/main.0535ee29a03f18616097.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:05 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 8024\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1f58\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8024,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8024, version 1.0\\012- data","md5":"073578b7f22768baa58cf9a87380538a","sha1":"702b779b7ea064cc4713f2234dc74b1097aee389","sha256":"f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4","sha512":"627d5a3ba36e5f057e74ce2828fbd86b50cbbe01605cc0523366333b8ce86d45ab383d0ec6195794112b96b307682d7bdd28b9c6b40189ccac4a6aad09d05b00","ssdeep":"192:cP+/jSJI4FjukEJlRF/bYtreKfmjsD1UyQrPG6:cP+WTju1RbMTmjsG9Pt","tlshash":"9af18e171dd83238c4046cbed33297e60e1c2f776c7127b4f554d4f085a87b4a99e458","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-12T19:00:30.98449Z","times_seen":3091,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.632Z","timestamp":1701176109632,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/main.0535ee29a03f18616097.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:06 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 11016\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-2b08\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\\012- data","md5":"15fa3062f8929bd3b05fdca5259db412","sha1":"6ff06a34f68ad0324ddec1bbe4d453c959178b36","sha256":"5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479","sha512":"07e96d7520b4ede158e77bef10a01a33cd8be7d263fe6900f89c023e65e4a63570e8a442dec2e96030fb563b25610005a748d48f9330fd31eb91b37d1003d376","ssdeep":"192:Tysuo7z1NVoTUYAKVOO7YVxRwHQUXFI5xoBwH9f4d9QFmOfiS:TvdvVoTSjOYR4QUVIgBwpFLaS","tlshash":"6e32af8071ff1c50ff85c2f69be68efa2c2b1895c619016f5240b476397525e9c294bb","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-12T21:35:02.900289Z","times_seen":33940,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:09.914Z","timestamp":1701176109914,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/main.0535ee29a03f18616097.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:06 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 11056\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-2b30\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11056,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11056, version 1.0\\012- data","md5":"07db243db21ed0a6b4ff05ff429686b7","sha1":"5d62925fdd7ed8e80f206d095ed093994f13d276","sha256":"ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e","sha512":"d34d15e91ba706886f7b098b5a42b3e31d374fda47d6e873f10b40fbea78d848921d124fc17045e77c432bcf2b4d4adfe5aeca4c3122cec199ac92e3124541ec","ssdeep":"192:duC8R1LnQKFt7DX2XFEu+zjdNr/ucPDf/Teifn/m1t7w9vxUBpZRCo++TkXT0R97:dL8bQKFt32XF/+zhNr/uS6i+tU9v6RCM","tlshash":"9d32bf0731ed12a1f9e8b3b1b9adc3490ce275f00bbc52da8669787ed43660e95d0078","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-12T21:35:03.040799Z","times_seen":7616,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:10.094Z","timestamp":1701176110094,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/fonts/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2 HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/main.0535ee29a03f18616097.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:06 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 6720\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1a40\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6720,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 6720, version 1.0\\012- data","md5":"ddbe8450ae34795dee574854e9b01533","sha1":"5c9aaeb1b9de21b0fb4c7d9b92276dc5ab81b8ab","sha256":"daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca","sha512":"df3d13f930835b6dd7946612f71e4a55115d64eb0c5202f81d43df6e7fd1f0602bb31b3ef73cc386e2b6f3b33ecd83b06cf580e734f04e1a87dd2c0462d92479","ssdeep":"192:GUXoJC3HQRHnOj14WFTGX1XX1s1G3LH0X0+P:1oPk14g6RDr0X0c","tlshash":"60d19ee4f9d467dce608ae23e704732e97430633c952fbb5825699a49c42607fece1e0","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-06-12T00:53:12.586314Z","times_seen":3014,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"kws4.web.telegram.org/apiws","fqdn":"kws4.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":0,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:11.455586557Z","timestamp":1701176111455,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /apiws HTTP/1.1\r\nHost: kws4.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://jfss.cc\r\nSec-WebSocket-Protocol: binary\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 0SrITar3IuDSkNPnV5LzLA==\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.18.0\r\nDate: Tue, 28 Nov 2023 12:55:07 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: JLyLgqWLZyNnukrkWqKzQ+iizcU=\r\nSec-WebSocket-Protocol: binary\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-12T23:48:58.469487Z","times_seen":16370873,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/508.af66b8900c009e6f68ad.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:11.290Z","timestamp":1701176111290,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /508.af66b8900c009e6f68ad.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Apr 2023 12:08:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64394243-12c1\"\r\nexpires: Wed, 29 Nov 2023 00:55:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":346585,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"028239d0c329ca23ccb90c712122c13c","sha1":"ff4edfac170f55ff89f019b72429a8ab0bcc3013","sha256":"6395ec39767e99858890f55b402956056ca498884470d5f566333943ac56009a","sha512":"1a8b0f5e64791a7f50e53b235912ebaddd8fe9d8b68e337ae150118ca3c7bbd961e527360fe621c414e7eee598981d70b767363139108f8d0489e0ac6686502a","ssdeep":"6144:HBLCyXH0RkMe/HUtjAy9pQFJSEH7mrqSiCaLCA5O9io/fAi7BPqk1b/2c:H1l0r00t9QFJSRrzd1J","tlshash":"14740927f21a9865f4006937060d9937233bd890729970a6e78d38fb7cfb90db55b7a0","first_seen":"2023-06-02T00:48:34Z","last_seen":"2024-10-04T10:37:27.4304Z","times_seen":50,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"kws1.web.telegram.org/apiws","fqdn":"kws1.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.174.100","port":0,"asn":59930,"as":"Telegram Messenger Inc","country":"Antigua and Barbuda","country_code":"AG"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:16.068727187Z","timestamp":1701176116068,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /apiws HTTP/1.1\r\nHost: kws1.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://jfss.cc\r\nSec-WebSocket-Protocol: binary\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 2cyzS7sDmZgX501RJixw6w==\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.18.0\r\nDate: Tue, 28 Nov 2023 12:55:12 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: CCVWTT9zlBmqD1KzVLtjp/yVT+s=\r\nSec-WebSocket-Protocol: binary\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-12T23:48:58.469487Z","times_seen":16370873,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"kws3.web.telegram.org/apiws","fqdn":"kws3.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.174.100","port":0,"asn":59930,"as":"Telegram Messenger Inc","country":"Antigua and Barbuda","country_code":"AG"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T12:55:21.054098131Z","timestamp":1701176121054,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /apiws HTTP/1.1\r\nHost: kws3.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://jfss.cc\r\nSec-WebSocket-Protocol: binary\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: Q+rW3HEf0pn8e+WBHJiltw==\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.18.0\r\nDate: Tue, 28 Nov 2023 12:55:17 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 0Nh4UC0nmlKRYHyqVR7X6tbTreE=\r\nSec-WebSocket-Protocol: binary\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-12T23:48:58.469487Z","times_seen":16370873,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1fa.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.274Z","timestamp":1701176108274,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1fa.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4504\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1198\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4504,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"03c3a4b4e37ca6e7c48310c084622393","sha1":"0e5b66376d85e4fe63feadf569e9afbee3d852fa","sha256":"42138a2a945cfeec474d85c73e9d535a7a0bf1c09524b2b059385e9cb664849b","sha512":"61baefe1b929700c2701c0c63313260903902591b79a8fa22ca93374a3e7d4ebab4f1da9c6a75d9e5ef9c360fe5160207e663a59869f1cf249423a6f7cb772d6","ssdeep":"96:WzlXfW5KhjSC8lPvikDuSBDbO87UpoZCFpH7JUa0zqydB:EW4hjna3tDuC3OqU+IF97Y","tlshash":"c3917daa8a19c61bfb4121235dbbd43eee2623d2e3b2ec051d4057c803c5f76c42916c","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.25345Z","times_seen":5432,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f3f4-200d-2620.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.249Z","timestamp":1701176108249,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f3f4-200d-2620.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2659\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a63\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2659,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"15e55d57d6656aabf58623b7d329ff3f","sha1":"952b745a6ec0aeafd61fb7738271257e33b15281","sha256":"62314937372b90101ce2d80d73f732588279359a2c83ab2bdcef0dd6ce5b7a23","sha512":"cbfd4a531e28dd9ecbcf8e9e759ac67b02da97c0c0670e75c389aa1e99b2e2d5f34526d681e910cea662283e59f6ef744d69fcfdbfa75f16ababd855404d8990","ssdeep":"","tlshash":"77513cb0b7d6de62cd38407999073310895652c18ba91c3faa71ce78a9ddcecaf1d200","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.520443Z","times_seen":4026,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/rlottie-wasm.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/508.af66b8900c009e6f68ad.chunk.js","date":"2023-11-28T12:55:11.472Z","timestamp":1701176111472,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /rlottie-wasm.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/508.af66b8900c009e6f68ad.chunk.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"643228fd-15695\"\r\nexpires: Wed, 29 Nov 2023 00:55:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87701,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d0dc2aa4acda9691f0081fed00fa07cd","sha1":"66eafd865c4a328fda4c154a0cd54f02ea7ef3eb","sha256":"8b571f3d975dd65a66142999e022179619e7f09ac8dd264c3cb0e0fb8bff550b","sha512":"45aa07bdf4460ece5aae1a9712e6e8ee7a2b4425dc061719e6779ae1234398f0c99129774f236b2b44849e49a3373705fed9aea43e3b9f5f5760780123de09b9","ssdeep":"1536:REG6i+XwgC/ieo3+kr/9LcZlImviRilsl3f:REGEGkKZumviDlf","tlshash":"1183f9497ad570f683c73a78a86f260bb2b75c53581cc014da19e8e068b4f59e43ff98","first_seen":"2023-05-18T21:21:17Z","last_seen":"2026-05-16T06:15:53.205497Z","times_seen":1845,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.389Z","timestamp":1701176108389,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4541\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-11bd\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4541,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"1a8d3213bd2ce913b803e6b1b84377a4","sha1":"f6147f349c23f591ff39c235cc291fa60a528a48","sha256":"e2cdaa67e5734544d84ca24993034452308a78a87160ce56e38167b4961f147d","sha512":"78c4d43a92d986032bb8fd49ed18aa100419fa58662eecdc648a16a0e37c78373c08a85b5ef70a82d55e0a9072c9c5f3ca4c7057869770beb51533fcd3ad2c14","ssdeep":"96:CxZ1Z5egWH8eKx37CSA6GO+Rb3jcQkS1IXorJbxoQfVF0j:CxBR88esObN1N4nSKY9l5+j","tlshash":"0b916d83673f290adcf521bcb0478cf53df645bfd915b1412a4f890e0a8961e9e10273","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.860794Z","times_seen":5445,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/rlottie-wasm.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/508.af66b8900c009e6f68ad.chunk.js","date":"2023-11-28T12:55:11.459Z","timestamp":1701176111459,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /rlottie-wasm.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/508.af66b8900c009e6f68ad.chunk.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"643228fd-15695\"\r\nexpires: Wed, 29 Nov 2023 00:55:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87701,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d0dc2aa4acda9691f0081fed00fa07cd","sha1":"66eafd865c4a328fda4c154a0cd54f02ea7ef3eb","sha256":"8b571f3d975dd65a66142999e022179619e7f09ac8dd264c3cb0e0fb8bff550b","sha512":"45aa07bdf4460ece5aae1a9712e6e8ee7a2b4425dc061719e6779ae1234398f0c99129774f236b2b44849e49a3373705fed9aea43e3b9f5f5760780123de09b9","ssdeep":"1536:REG6i+XwgC/ieo3+kr/9LcZlImviRilsl3f:REGEGkKZumviDlf","tlshash":"1183f9497ad570f683c73a78a86f260bb2b75c53581cc014da19e8e068b4f59e43ff98","first_seen":"2023-05-18T21:21:17Z","last_seen":"2026-05-16T06:15:53.205497Z","times_seen":1845,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e8-1f1ee.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.579Z","timestamp":1701176108579,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e8-1f1ee.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2127\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-84f\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2127,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"1cb9a07edd553804f8de4f8c414a4cd6","sha1":"06b2e60a4d759834ad5e22f53343500a01c2300e","sha256":"3489323ed4a63258f21ebe3ba790cc5a2b5a2260d96c46332d31e29776506302","sha512":"8c2bc2f089bbb019b11085c8fa1d785503e06614cf70741da69c0d9d18aba9550cbe64a5544cf8dd638b71d4fb07599fcf86a2f8644616b795fa29e31cfdb29c","ssdeep":"","tlshash":"81413c169a02d91a7b9ec31ed75b014cc6329c3bff15b322dc48de111aefd440c9e9a9","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-16T06:15:53.227455Z","times_seen":5424,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1f4.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.244Z","timestamp":1701176108244,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1f4.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2941\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b7d\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2941,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"81ad46682700721224b1d604d7aa172f","sha1":"40d1f5a5c57c11382c969481e040fde8c103d30f","sha256":"b3ab35e8edb51bb41624b58c8b13eb39d6a94d26963e07b5a6b9bcc39afc95f7","sha512":"311e4a9a6d369aaf423bde12fc4d86ac51e60b61297f86f52ca6baecfa9503b1ff936b4b69ae3281caa0dcc1d5faef4587c13f5dc0dab2a188d6f1f6bd4b0c44","ssdeep":"","tlshash":"e5516d05217f2dd2b729269bd2040073fbc1c42bddb22822bb911733bd112c9686937b","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.617194Z","times_seen":4637,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1f2.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.258Z","timestamp":1701176108258,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1f2.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2937\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b79\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2937,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"67b11bb2ec80ee24fda87aacce21ee43","sha1":"89f091c27d7888def7c937e23c7de661f41c038c","sha256":"ca66c37c73bfb3b067b953c4537a3571f2312077d049914b8e5489128d0be1be","sha512":"a3274ed3fd4fc087fc189a55c1b2271927c2e34b1fd99217d31c3b3dc52b5fe6035b35605bfd8718d3bf24c43d829842da608fb036d19e9c4d20d2524a6ede06","ssdeep":"","tlshash":"75516db688aa96bc8cc948c2d78d155698f8300c57deb4a21c19efad2b6e00dc13dad1","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.580818Z","times_seen":5444,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1f9.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.282Z","timestamp":1701176108282,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1f9.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2935\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-b77\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2935,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ffe1fb828ff500ae47b3f2727f1b95b1","sha1":"0adefb360e2d698e03fb667e0dd67ccb14bd1e4f","sha256":"dd3b427be088465e947db4dc7ac82f135a890d6f921a2b982822fb19bda2f420","sha512":"239202b176db5239127b4df4ddb07ead684f102efd6e07a6eaaa76612e9d5f5c2f2c8dcff4a90939a5c6acee72738d09f15f157a75d623fc9acbbbcdfb2eab15","ssdeep":"","tlshash":"82512ce8ba22b96d3f268b8bcd0a0001e43122641276215d58be55596fc44d352f49ec","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.587262Z","times_seen":5444,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/rlottie-wasm.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/508.af66b8900c009e6f68ad.chunk.js","date":"2023-11-28T12:55:11.475Z","timestamp":1701176111475,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /rlottie-wasm.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/508.af66b8900c009e6f68ad.chunk.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"643228fd-15695\"\r\nexpires: Wed, 29 Nov 2023 00:55:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87701,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d0dc2aa4acda9691f0081fed00fa07cd","sha1":"66eafd865c4a328fda4c154a0cd54f02ea7ef3eb","sha256":"8b571f3d975dd65a66142999e022179619e7f09ac8dd264c3cb0e0fb8bff550b","sha512":"45aa07bdf4460ece5aae1a9712e6e8ee7a2b4425dc061719e6779ae1234398f0c99129774f236b2b44849e49a3373705fed9aea43e3b9f5f5760780123de09b9","ssdeep":"1536:REG6i+XwgC/ieo3+kr/9LcZlImviRilsl3f:REGEGkKZumviDlf","tlshash":"1183f9497ad570f683c73a78a86f260bb2b75c53581cc014da19e8e068b4f59e43ff98","first_seen":"2023-05-18T21:21:17Z","last_seen":"2026-05-16T06:15:53.205497Z","times_seen":1845,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/rlottie-wasm.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/508.af66b8900c009e6f68ad.chunk.js","date":"2023-11-28T12:55:11.482Z","timestamp":1701176111482,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /rlottie-wasm.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/508.af66b8900c009e6f68ad.chunk.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"643228fd-15695\"\r\nexpires: Wed, 29 Nov 2023 00:55:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87701,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d0dc2aa4acda9691f0081fed00fa07cd","sha1":"66eafd865c4a328fda4c154a0cd54f02ea7ef3eb","sha256":"8b571f3d975dd65a66142999e022179619e7f09ac8dd264c3cb0e0fb8bff550b","sha512":"45aa07bdf4460ece5aae1a9712e6e8ee7a2b4425dc061719e6779ae1234398f0c99129774f236b2b44849e49a3373705fed9aea43e3b9f5f5760780123de09b9","ssdeep":"1536:REG6i+XwgC/ieo3+kr/9LcZlImviRilsl3f:REGEGkKZumviDlf","tlshash":"1183f9497ad570f683c73a78a86f260bb2b75c53581cc014da19e8e068b4f59e43ff98","first_seen":"2023-05-18T21:21:17Z","last_seen":"2026-05-16T06:15:53.205497Z","times_seen":1845,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/301.a12a7ef63649432e7e70.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.084Z","timestamp":1701176107084,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /301.a12a7ef63649432e7e70.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 04 Nov 2023 05:49:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6545db7f-6ba\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1722,"size_decoded":0,"mime_type":"application/javascript","magic":"troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1716), with no line terminators","md5":"60c0b114adf65faf982dce8bf0da33f2","sha1":"9cf13c6758ef210962aa581655bb4eadc3ae8803","sha256":"8754d46e42b89244ad07e43a8a00452cab63f63e575da02f657c6d9250965594","sha512":"48263c56fb9efa028352d55cabae646a0fe3b9edf44c2d0e259c2d93732c3971158d25dba49fd0573b106de5216bac30ecb9ebcb5b153d6bde810da9251faf66","ssdeep":"","tlshash":"92310e2d8b19d7098d410d9e24fa7e2a3a3c88651e90cc2c2f6ac10bbbd393e95c7540","first_seen":"2023-11-28T13:55:28Z","last_seen":"2023-11-28T13:55:28Z","times_seen":1,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1f1.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.216Z","timestamp":1701176108216,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1f1.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3451\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d7b\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3451,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"eba5169e2e179c9a71f0e60f47e2627b","sha1":"13cf3e44ed19409477d73e3f89bc4d6b4fbb4990","sha256":"b9c5f623a4846842eed51852bfa4e1629c8f0b5abb1a35d9129f10756da84e28","sha512":"c21c4e796a4e03435f2310973e4e22f765610b09c9c149ad928a76e39fea8290fb30c2e03418b8f390101cecba3b1f80e957992cb0bbb38b53945971d76e7e10","ssdeep":"","tlshash":"70615d698b65bdfded474050c91524f06d798d742d1be9e0c64539f85213dcba20e0cb","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.702028Z","times_seen":5430,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1f1-1f1f7.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.964Z","timestamp":1701176108964,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1f1-1f1f7.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 5221\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-1465\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5221,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f337f86a0ce477de9923a1bbd465aea4","sha1":"5be86c1bfc5dbcb67a1ffc0e2d0c8d1eaa77c6fd","sha256":"05b5dada8489e4c79f1822d8e4af950692d9dfbd00da019ab45003a13badf328","sha512":"76a30552d25c75e6f2bf0db296048c2301194a84c15e4835cefefb9c07e82e655d574195e1f538d81f8cccd67c89db2f8ee8dda3cb6e0d6a0ab3467989108f13","ssdeep":"96:yOWjvSk0/ld+K8seog3hiXWW9m1i9u7tUlncKf6PuoH4HnluGYE0wd/:yQ9ld+ygUmP1HJUlpf6xKYZE0wp","tlshash":"dcb16c8291149fbd54ca51ad47291ef6c6bb028d917b5a439c1ca04e27b2dbfca30f0f","first_seen":"2023-04-19T12:19:20Z","last_seen":"2026-05-27T17:57:01.818283Z","times_seen":5394,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/crypto.worker.c59dccdc288c9bd74a5b.chunk.js","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:07.036Z","timestamp":1701176107036,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /crypto.worker.c59dccdc288c9bd74a5b.chunk.js HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://jfss.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Apr 2023 12:08:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64394243-5f7b\"\r\nexpires: Wed, 29 Nov 2023 00:55:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24443,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (24374), with escape sequences","md5":"2ac58d7a09424119466aff07e5f549fd","sha1":"e60ade99032dcecefbbb7f97de8d0525aaad62a2","sha256":"dcda8f33a86fa9fa1d6db476bc32b89dcd12dd2816ab0e63668bd7008008f9c5","sha512":"0a7a9868f59bb29739af0f8ec2540dd4a24026ab810146fa9a1287a5129a26588bd33810fa077d9419c49a7d29edcf6da1f3181d0876b651d96646379d645eb8","ssdeep":"384:fqC9rMF+6q0HnZ/rXO8W8tQ7MlPr7w7G5tWObbT+nOZ7EPD+9wrkC/CPqGjAqqxp:fqCWF+W5rO8W8tgMlD7w7GXWOXTOOZ7W","tlshash":"9fb2fa823b94f0ad53a6c5d140bf5016927779043c055a5cf2189fc7bce2aa6d19bf3e","first_seen":"2023-05-22T12:39:38Z","last_seen":"2025-10-25T21:37:27.372638Z","times_seen":296,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e6-1f1ff.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.299Z","timestamp":1701176108299,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e6-1f1ff.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 3464\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-d88\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3464,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5983787851a0dfd972e9a24a98c89bb3","sha1":"d5cc5ab1752b158cf421a1edc7d3b0165c3b268c","sha256":"2c700c44fde7dd8b7fe6f92a4d6cd8ee56ce383c04ffac1346e5620dd75074c4","sha512":"9aac68fc9c8365104d6a7b85542eac1535789e79da031f7b7783b831b675561b17b6518ca61fefd971c9c87b132b29a7efd2c618f9bc6ae91aa9670fc0fb7b5b","ssdeep":"","tlshash":"5a614c6629c32770dda0953fdf97d9bbf233962c5b46a99cd984c29219820a6070187d","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.599752Z","times_seen":5440,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"jfss.cc/assets/img/emoji/1f1e7-1f1ed.png","fqdn":"jfss.cc","domain":"jfss.cc","tld":"cc"},"ip":{"addr":"45.138.68.113","port":443,"asn":35251,"as":"HostHub","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jfss.cc/","date":"2023-11-28T12:55:08.307Z","timestamp":1701176108307,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jfss.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Nov 2023 16:02:34 GMT","end":"Fri, 02 Feb 2024 16:02:33 GMT"},"fingerprint":{"sha1":"B0:C7:05:AC:54:DD:F0:A4:D8:F2:55:D0:71:E4:82:57:0A:B3:87:2C","sha256":"9D:D4:72:B8:81:BB:4A:62:E2:66:D4:88:C0:EF:E7:7D:C4:39:51:42:16:66:D4:34:F5:06:3A:41:34:CE:4F:11"}}},"request":{"raw":"GET /assets/img/emoji/1f1e7-1f1ed.png HTTP/1.1\r\nHost: jfss.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jfss.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 28 Nov 2023 12:55:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 2641\r\nlast-modified: Sun, 09 Apr 2023 02:54:53 GMT\r\netag: \"643228fd-a51\"\r\nexpires: Thu, 28 Dec 2023 12:55:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2641,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\\012- data","md5":"42e06c37f13a3faae190798d483a441e","sha1":"ca534a1e22a70eaaa9c14740a2d0e27ef36d5a8b","sha256":"f0f62d21f290b03131672b67171d91b135d7c7952237209035801c1b28e30210","sha512":"1dc4b7e7b1554e0f28f35b4b2ab00f170cba09cc477b7b0574e1bb770e6b7187b877462f9031208e92a6645a1b2c2cb976a35465304688e861bda3c1364c90ef","ssdeep":"","tlshash":"6d516c62dbdf153489160d6208989e2ff9a4701fb70c0aebd640d0e5dab0ee866123c7","first_seen":"2023-04-19T12:19:19Z","last_seen":"2026-05-27T17:57:01.589749Z","times_seen":5446,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-28","alert":"Telegram","trigger":"jfss.cc/","verdict":"phishing","severity":"medium","comment":"Telegram","link":"https://openphish.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Telegram","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Telegram phishing","tags":["telegram","phishing"],"meta":null}]}}]}