{"report_id":"cbd14543-d8b6-4373-9f9c-8828c9318120","version":6,"status":"done","tags":[],"date":"2024-07-12T21:35:16Z","url":{"schema":"http","addr":"usvq.iqcspadv.top/?hash=ab0370d2036b51alwtm/403e68/hzshsdaa4-e6/aiiv2i2auvsebkzazsatvapa/ai2iata/?afc2aabrayy3zblakp9uhaw5npjv/6a17c9/ajaa8awhwy?_rgegpawskiedqaaiitt/awsda/xaa_z5h?cnisaodi2wh/mabesa5ihzh5q5e4aaac_/06d9c1/aanvja/er59av-t2_1x4zaa/ay1wa_czcgkpal4a7snzgh1ua...~311~...ebryar2kisglhaa?pwqjqaapa6__gw/62e1c0/__uCAU8A?aAHA4E?3smx7Js6/rgUPAA3sqlN/XupeAI_P_UAr--xA5wE3A/Dw9AKO64Az-ARALAn4Ig/33d93c/8EjF2A?7/LAoAaABA_aIFsYmxP86_ALaSTu/WxAAh_A2AksdKaAHrVaE4IxcA/g0moU5NE?_HEAuAnA/277bb8/fjiMAC/NAPAjAz2?AAnEsQU3Af_ZHgN5A?ATTHz2EAseAjAiIjAZrNGg6KI4mAU_M/E5J9nqAKnLfv/ff3210/AUWsTA-AUA8HAy/JykIlg_A_GN7ds7-?I8_eXAyAN/Ec0UAxAnVhEyuoMLFM38?AI4_AAibAAfAASV/75112d/Cs-E9ZA9v_wLNx2DkADAVngnrTfOHA/9A2XlOAAUcy-k/Zv-mAr/AN4gRA?AkpAMCAVsHIqIyA4/5fecd4/qHA0mmfiALsITVAOEAui0oFxsA043KL2uY8dZ4AAe5/m9APTe/zAVA1EyUCAy-/AZrwz?m3KAYA/a4a117/g7sAj2A_R/nEEAa7HATYiAAu?AIl4vA-bBQAQFZ_7tXc_tAbI?rhA_fJm75t/iJyNAJEAAOAUbAhEn/22e0e8/_AcGAoN566iVAo6E0dn6_0IA/gE5Nx/mAQvAIbA9ZQ/pLmAR?-AE6AOsA1mIP?8Ai6AKy4AgqkwAHAh/2655d0/A9dcy4t_ljfA4w?_imXJsAspAIAma/VA4AGrAA8l8H8j5NA/M9RgdAI?a3tNKvAIAAlkTA/-uxNE1XE/cb325a/AhsHA0/W0Zlc/IANQAPNSgdbi35A_VHE?A6AAzOU?AAAEAH4_uAxBPy1-Eo662_pzPlHtp-/IIA3ATA/b2b7bc/Ak2gJ_b/APAc?a3EkwgPzjAARqEkHTzp/AA4M/A4HkpAeIsn2hAXvcNI_AcAArZG?QKEACTl1LRApuA/2ed7f4/SAV7bAPdA?mAnuATfU__AZOAou4ct?EZFIM0A3q5gExA5AYAHAX/IAAAqaIxAssM/mqXysGMWGNqo4","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"usvq.iqcspadv.top/","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"title":"404 - 找不到文件或目录。"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T09:56:31Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"usvq.iqcspadv.top","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":7,"received_data":62262,"sent_data":4707,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-11 18:12:19","alert_count":0,"request_count":9,"received_data":7988,"sent_data":2943,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-12T21:34:54Z","timestamp":1720820094,"ip_dst":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":38928,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-12T21:34:54.227006+0000\",\"flow_id\":2081330976148127,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":38928,\"dest_ip\":\"188.114.97.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"usvq.iqcspadv.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://usvq.iqcspadv.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":542,\"bytes_toclient\":1050,\"start\":\"2024-07-12T21:34:54.215711+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:50.750046892Z","timestamp":1720820090750,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BE84262BBB3F3AABAE368745BC3E85B816E372B16BC37327A1887D3A19992DF6\"\r\nLast-Modified: Wed, 10 Jul 2024 13:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6204\r\nExpires: Fri, 12 Jul 2024 23:18:14 GMT\r\nDate: Fri, 12 Jul 2024 21:34:50 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ee5b6dc3e7ab972df60b36582e3eaaf4","sha1":"2a5185acc539fcddac9c33895ec74faf552b62dd","sha256":"be84262bbb3f3aabae368745bc3e85b816e372b16bc37327a1887d3a19992df6","sha512":"2d0acb707055bc8195de5f3885af1f1a96cd02f3eb1eebf31033b997b2a155347ae8a0f1647dcdb23264a7d4694fa8cd8289a4d5f171eb52e0466765fb5d0f9e","ssdeep":"","tlshash":"3cf00553005a7c42d3b20561285cd65a5d0d3d9e35554592f9400ae3f460bf8c5c505f","first_seen":"2024-07-10T17:35:11Z","last_seen":"2024-08-19T17:21:55.116113Z","times_seen":34251,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:50.753209961Z","timestamp":1720820090753,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"C52EADE9ADDAF5B96532275714D3FA8C91A4E5F7B1287A3D17E8C2E9492F059A\"\r\nLast-Modified: Fri, 12 Jul 2024 03:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8722\r\nExpires: Sat, 13 Jul 2024 00:00:12 GMT\r\nDate: Fri, 12 Jul 2024 21:34:50 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"99ca9ac48d9c7dc638699b14599a47cc","sha1":"3e19f65886cf5ced393284e0fe31bf830288078d","sha256":"c52eade9addaf5b96532275714d3fa8c91a4e5f7b1287a3d17e8c2e9492f059a","sha512":"f431a20054c50ca1fb4508f5f14b1dd6f089049d33799328f4a7b173f85da3fe7aa3e69c1f1d880dcf37723825891580a3e95e3959f8e237254c741c419e7cb3","ssdeep":"","tlshash":"2af00e9123f57c54b9b5201d7bf0ca0a2825ada938128df224a40be9ae417a8c5dc987","first_seen":"2024-07-12T09:14:10Z","last_seen":"2024-08-19T17:12:00.178582Z","times_seen":12407,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:51.077552782Z","timestamp":1720820091077,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"4CD1772D378248E886EE96F55D956FF0856BA3F2EAE9F15A10136E68F450CA70\"\r\nLast-Modified: Fri, 12 Jul 2024 11:47:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4651\r\nExpires: Fri, 12 Jul 2024 22:52:22 GMT\r\nDate: Fri, 12 Jul 2024 21:34:51 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"4a4d81b1c193182fe2b1122877e94203","sha1":"fd1f4427cb5867a8f63ae15825279827bbf768e6","sha256":"4cd1772d378248e886ee96f55d956ff0856ba3f2eae9f15a10136e68f450ca70","sha512":"61f4bb9acbba2561d6955e226c265da8580e55737249254d345d70033c9bf375f8ab0b16e5064f7881b57a9f1785e0f800c583a762503f3cac58e8c9c74e67cb","ssdeep":"","tlshash":"aff0c0d32fb6bd116632613e99a4c56a6e14eded3801326424a002e76c017658746598","first_seen":"2024-07-12T16:58:11Z","last_seen":"2024-08-19T17:09:42.492325Z","times_seen":38979,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:51.405060608Z","timestamp":1720820091405,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"85FAEDCB4C0CB0C34F3CD9424CD34550B97195CCF2307AA2A108CF8643415086\"\r\nLast-Modified: Fri, 12 Jul 2024 04:18:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8793\r\nExpires: Sat, 13 Jul 2024 00:01:24 GMT\r\nDate: Fri, 12 Jul 2024 21:34:51 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"22ed1a54c5ec2cea89d074f91aa80a7a","sha1":"992ac767733a3719e57c17ecd13f60faf590e0e1","sha256":"85faedcb4c0cb0c34f3cd9424cd34550b97195ccf2307aa2a108cf8643415086","sha512":"dc34fd95b5689841d3cf76167966171b28c9cc9258476aae3cf09f3e282c77d6fa34505bd8a47b38a1215b75fe1e1be55dfc8dd9aeb4ee2d429d9e42239055bf","ssdeep":"","tlshash":"3ef005262b517a0363713c0828d9c6195970bfeef45425d1a87011d25c10be95ee05cf","first_seen":"2024-07-12T09:14:10Z","last_seen":"2024-08-19T17:12:00.1797Z","times_seen":27874,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:53.255458532Z","timestamp":1720820093255,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10186\r\nExpires: Sat, 13 Jul 2024 00:24:39 GMT\r\nDate: Fri, 12 Jul 2024 21:34:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:53.257030374Z","timestamp":1720820093257,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10186\r\nExpires: Sat, 13 Jul 2024 00:24:39 GMT\r\nDate: Fri, 12 Jul 2024 21:34:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:53.257942446Z","timestamp":1720820093257,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10186\r\nExpires: Sat, 13 Jul 2024 00:24:39 GMT\r\nDate: Fri, 12 Jul 2024 21:34:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:53.25882376Z","timestamp":1720820093258,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10128\r\nExpires: Sat, 13 Jul 2024 00:23:41 GMT\r\nDate: Fri, 12 Jul 2024 21:34:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-12T21:34:53.259669428Z","timestamp":1720820093259,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10128\r\nExpires: Sat, 13 Jul 2024 00:23:41 GMT\r\nDate: Fri, 12 Jul 2024 21:34:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usvq.iqcspadv.top/","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-12T21:34:54.769Z","timestamp":1720820094769,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iqcspadv.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 13:42:40 GMT","end":"Sun, 01 Sep 2024 13:42:39 GMT"},"fingerprint":{"sha1":"44:0E:6F:CE:FA:D3:5B:E0:A9:AB:BE:F5:93:34:E0:0C:49:EE:5E:2A","sha256":"7F:D0:D4:84:6D:29:FB:50:D0:15:F0:AB:A4:5E:0A:29:71:DE:EF:A7:04:A0:99:5E:7A:B4:AA:E2:87:7A:4C:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usvq.iqcspadv.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Fri, 12 Jul 2024 21:34:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 167\r\nConnection: keep-alive\r\nCache-Control: max-age=3600\r\nExpires: Fri, 12 Jul 2024 22:34:54 GMT\r\nLocation: https://usvq.iqcspadv.top/\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=U39P0FdGjLzoXv%2BvmBuukycpPzYBlm2fK36V8TOA7x9gulyQc7QxTSJOoPLIDHnupGXzthK6qNEzcY5ZEE%2FJpD94vrtPNZ5VBDkFWn1mzspGg8cS0IR9xtWEuanqGTvYwO2DQw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8a2428f4d829568f-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":167,"size_decoded":167,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"0104c301c5e02bd6148b8703d19b3a73","sha1":"7436e0b4b1f8c222c38069890b75fa2baf9ca620","sha256":"446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f","sha512":"84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf","ssdeep":"","tlshash":"c4c08cad6b523c98b8a73b3960c3a1a0e2ec803022d9042202b04a07f0cb1e78ec23d1","first_seen":"2023-04-05T06:32:17Z","last_seen":"2025-09-21T18:05:05.674757Z","times_seen":190494,"resource_available":false,"data":null}},"time_used":3947,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3947,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-12T21:34:54Z","timestamp":1720820094,"ip_dst":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.12","port":38928,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-12T21:34:54.227006+0000\",\"flow_id\":2081330976148127,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":38928,\"dest_ip\":\"188.114.97.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"usvq.iqcspadv.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://usvq.iqcspadv.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":542,\"bytes_toclient\":1050,\"start\":\"2024-07-12T21:34:54.215711+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usvq.iqcspadv.top/","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-12T21:34:54.769Z","timestamp":1720820094769,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iqcspadv.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 13:42:40 GMT","end":"Sun, 01 Sep 2024 13:42:39 GMT"},"fingerprint":{"sha1":"44:0E:6F:CE:FA:D3:5B:E0:A9:AB:BE:F5:93:34:E0:0C:49:EE:5E:2A","sha256":"7F:D0:D4:84:6D:29:FB:50:D0:15:F0:AB:A4:5E:0A:29:71:DE:EF:A7:04:A0:99:5E:7A:B4:AA:E2:87:7A:4C:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usvq.iqcspadv.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASP.NET_SessionId=051zx3etdztpebgxnhxbher5; RdStr=051zx3etdztpebgxnhxbher5\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 12 Jul 2024 21:34:58 GMT\r\ncontent-type: text/html\r\ncache-control: private\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Pn0n7YWTeK4d42gbxKJ2XNEQYwS7K2NGtXgkR%2Bgu9Fqyjg3e5VbcguAZ3vuyidqUrOhGwGa6HW5zkJfsTq3pRrQ6AWHnE2KjbWgqyWwlnbtFjHwcEHAXF0oBvOKDrDYuia5t0Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a2428f849f9712a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":696,"size_decoded":1163,"mime_type":"text/html","magic":"HTML document, ISO-8859 text, with CRLF line terminators","md5":"8363acaeab9cbb099b59b78a44127ca6","sha1":"aef448ce5500e3734059ec285cf6ec0b547075f2","sha256":"9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a","sha512":"a431f7ee4cdc3c7c6edf43736e007e314a0f8c4d05706dbdf75b629b15bee335d173abc071568f447d78b4c43aba02017c1993d6da86a1acdde904eb287cb30c","ssdeep":"","tlshash":"2821412987d42804faa7c4e170f2b3e63e478646f59b4b9fb4127257d5c26a6c1d3388","first_seen":"2023-04-05T10:47:33Z","last_seen":"2026-04-20T22:49:29.456951Z","times_seen":14634,"resource_available":false,"data":null}},"time_used":3947,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3947,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-12T21:34:54Z","timestamp":1720820094,"ip_dst":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.12","port":38928,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-12T21:34:54.227006+0000\",\"flow_id\":2081330976148127,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":38928,\"dest_ip\":\"188.114.97.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"usvq.iqcspadv.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://usvq.iqcspadv.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":542,\"bytes_toclient\":1050,\"start\":\"2024-07-12T21:34:54.215711+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usvq.iqcspadv.top/","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-12T21:34:54.769Z","timestamp":1720820094769,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iqcspadv.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 13:42:40 GMT","end":"Sun, 01 Sep 2024 13:42:39 GMT"},"fingerprint":{"sha1":"44:0E:6F:CE:FA:D3:5B:E0:A9:AB:BE:F5:93:34:E0:0C:49:EE:5E:2A","sha256":"7F:D0:D4:84:6D:29:FB:50:D0:15:F0:AB:A4:5E:0A:29:71:DE:EF:A7:04:A0:99:5E:7A:B4:AA:E2:87:7A:4C:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usvq.iqcspadv.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 12 Jul 2024 21:34:58 GMT\r\ncontent-type: text/html\r\ncache-control: private\r\nset-cookie: ASP.NET_SessionId=luyaajwtvzigwncaawfdpltd; path=/; HttpOnly\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=aut3t%2BN9RGrJ8Q2ok7Rna%2BaL4I2OFC4nBq4kM7kwvYC0x8FB3pGSVOTgfRjzSTE4x31JSp9SBYjoNPEoTr9DvKhu%2BVE2U0R8GN0jz3y9EtjYxoYRzx%2Bhj99Om%2B01YultDMCjYw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a2428f519670b31-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":4373,"size_decoded":1163,"mime_type":"text/html","magic":"HTML document, ISO-8859 text, with CRLF line terminators","md5":"8363acaeab9cbb099b59b78a44127ca6","sha1":"aef448ce5500e3734059ec285cf6ec0b547075f2","sha256":"9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a","sha512":"a431f7ee4cdc3c7c6edf43736e007e314a0f8c4d05706dbdf75b629b15bee335d173abc071568f447d78b4c43aba02017c1993d6da86a1acdde904eb287cb30c","ssdeep":"","tlshash":"2821412987d42804faa7c4e170f2b3e63e478646f59b4b9fb4127257d5c26a6c1d3388","first_seen":"2023-04-05T10:47:33Z","last_seen":"2026-04-20T22:49:29.456951Z","times_seen":14634,"resource_available":false,"data":null}},"time_used":3947,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3947,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-12T21:34:54Z","timestamp":1720820094,"ip_dst":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.12","port":38928,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-12T21:34:54.227006+0000\",\"flow_id\":2081330976148127,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":38928,\"dest_ip\":\"188.114.97.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"usvq.iqcspadv.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://usvq.iqcspadv.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":542,\"bytes_toclient\":1050,\"start\":\"2024-07-12T21:34:54.215711+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usvq.iqcspadv.top/","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-12T21:34:54.769Z","timestamp":1720820094769,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iqcspadv.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 13:42:40 GMT","end":"Sun, 01 Sep 2024 13:42:39 GMT"},"fingerprint":{"sha1":"44:0E:6F:CE:FA:D3:5B:E0:A9:AB:BE:F5:93:34:E0:0C:49:EE:5E:2A","sha256":"7F:D0:D4:84:6D:29:FB:50:D0:15:F0:AB:A4:5E:0A:29:71:DE:EF:A7:04:A0:99:5E:7A:B4:AA:E2:87:7A:4C:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usvq.iqcspadv.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASP.NET_SessionId=051zx3etdztpebgxnhxbher5; RdStr=051zx3etdztpebgxnhxbher5\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 12 Jul 2024 21:35:00 GMT\r\ncontent-type: text/html\r\ncache-control: private\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=3i9I2qTE7AM8XZA1zwoG96oXqd5GPXSpC0DmAdMRnG6mgFcExFg3DY7BA0k7BFXDq1%2FNVF7xX%2BHK9Olzj6oE5YVyTNY3sLRQRl142G8j%2F%2FsBR9uf1JQMfVikVFyAgipLywP3tg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a242912cdf0712a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":17736,"size_decoded":1163,"mime_type":"text/html","magic":"HTML document, ISO-8859 text, with CRLF line terminators","md5":"8363acaeab9cbb099b59b78a44127ca6","sha1":"aef448ce5500e3734059ec285cf6ec0b547075f2","sha256":"9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a","sha512":"a431f7ee4cdc3c7c6edf43736e007e314a0f8c4d05706dbdf75b629b15bee335d173abc071568f447d78b4c43aba02017c1993d6da86a1acdde904eb287cb30c","ssdeep":"","tlshash":"2821412987d42804faa7c4e170f2b3e63e478646f59b4b9fb4127257d5c26a6c1d3388","first_seen":"2023-04-05T10:47:33Z","last_seen":"2026-04-20T22:49:29.456951Z","times_seen":14634,"resource_available":false,"data":null}},"time_used":3947,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3947,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-12T21:34:54Z","timestamp":1720820094,"ip_dst":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.12","port":38928,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2024-07-12T21:34:54.227006+0000\",\"flow_id\":2081330976148127,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":38928,\"dest_ip\":\"188.114.97.1\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"usvq.iqcspadv.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://usvq.iqcspadv.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":542,\"bytes_toclient\":1050,\"start\":\"2024-07-12T21:34:54.215711+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usvq.iqcspadv.top/favicon.ico","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usvq.iqcspadv.top/","date":"2024-07-12T21:35:00.306Z","timestamp":1720820100306,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iqcspadv.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 13:42:40 GMT","end":"Sun, 01 Sep 2024 13:42:39 GMT"},"fingerprint":{"sha1":"44:0E:6F:CE:FA:D3:5B:E0:A9:AB:BE:F5:93:34:E0:0C:49:EE:5E:2A","sha256":"7F:D0:D4:84:6D:29:FB:50:D0:15:F0:AB:A4:5E:0A:29:71:DE:EF:A7:04:A0:99:5E:7A:B4:AA:E2:87:7A:4C:D6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: usvq.iqcspadv.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usvq.iqcspadv.top/\r\nCookie: ASP.NET_SessionId=051zx3etdztpebgxnhxbher5; RdStr=051zx3etdztpebgxnhxbher5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 12 Jul 2024 21:35:00 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Thu, 30 Nov 2023 12:13:25 GMT\r\netag: W/\"8d495b9e8623da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=kOMd8QrQJLvr26KlH8xPP09SiekVH8dVeIKFqs6njFXFLosQYkwjRHWCl7%2BlobKQSsCA0LILmUVd1q0T934WWR1q96rigEWbCE9%2B%2FhBnccp7a8q6pLLeXS58uoDdVYXFhMM8RQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8a24291a9c91712a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32038,"size_decoded":32038,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"3f0f72ed57a54b97cda500bcf0545efb","sha1":"2f252619c18e729d98e16b96d37cd7cd567b38eb","sha256":"67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943","sha512":"ea68c54a3ca39a47555a41ae5fc3723f1e7c06b3ad1776ee7082ffbff48277d2b4ee7ca1753165c2dccdf7012eb0cbe29cdbde21dc05373a07cf18e23de37e54","ssdeep":"192:cfRys3/ZtSs9axogZeLpoCaAVbZ5iDJ6j5+qDxZ7cnPgW5LnM:cr68dcgWJn","tlshash":"6de2207b2193e200e49136f0adeaa4f059556f9a54708f19b0ba3d7de37a82bfc1d04d","first_seen":"2023-04-05T10:33:55Z","last_seen":"2026-04-29T21:01:27.386257Z","times_seen":28737,"resource_available":false,"data":null}},"time_used":688,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":687,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usvq.iqcspadv.top/?hash=ab0370d2036b51alwtm/403e68/hzshsdaa4-e6/aiiv2i2auvsebkzazsatvapa/ai2iata/?afc2aabrayy3zblakp9uhaw5npjv/6a17c9/ajaa8awhwy?_rgegpawskiedqaaiitt/awsda/xaa_z5h?cnisaodi2wh/mabesa5ihzh5q5e4aaac_/06d9c1/aanvja/er59av-t2_1x4zaa/ay1wa_czcgkpal4a7snzgh1ua...~311~...ebryar2kisglhaa?pwqjqaapa6__gw/62e1c0/__uCAU8A?aAHA4E?3smx7Js6/rgUPAA3sqlN/XupeAI_P_UAr--xA5wE3A/Dw9AKO64Az-ARALAn4Ig/33d93c/8EjF2A?7/LAoAaABA_aIFsYmxP86_ALaSTu/WxAAh_A2AksdKaAHrVaE4IxcA/g0moU5NE?_HEAuAnA/277bb8/fjiMAC/NAPAjAz2?AAnEsQU3Af_ZHgN5A?ATTHz2EAseAjAiIjAZrNGg6KI4mAU_M/E5J9nqAKnLfv/ff3210/AUWsTA-AUA8HAy/JykIlg_A_GN7ds7-?I8_eXAyAN/Ec0UAxAnVhEyuoMLFM38?AI4_AAibAAfAASV/75112d/Cs-E9ZA9v_wLNx2DkADAVngnrTfOHA/9A2XlOAAUcy-k/Zv-mAr/AN4gRA?AkpAMCAVsHIqIyA4/5fecd4/qHA0mmfiALsITVAOEAui0oFxsA043KL2uY8dZ4AAe5/m9APTe/zAVA1EyUCAy-/AZrwz?m3KAYA/a4a117/g7sAj2A_R/nEEAa7HATYiAAu?AIl4vA-bBQAQFZ_7tXc_tAbI?rhA_fJm75t/iJyNAJEAAOAUbAhEn/22e0e8/_AcGAoN566iVAo6E0dn6_0IA/gE5Nx/mAQvAIbA9ZQ/pLmAR?-AE6AOsA1mIP?8Ai6AKy4AgqkwAHAh/2655d0/A9dcy4t_ljfA4w?_imXJsAspAIAma/VA4AGrAA8l8H8j5NA/M9RgdAI?a3tNKvAIAAlkTA/-uxNE1XE/cb325a/AhsHA0/W0Zlc/IANQAPNSgdbi35A_VHE?A6AAzOU?AAAEAH4_uAxBPy1-Eo662_pzPlHtp-/IIA3ATA/b2b7bc/Ak2gJ_b/APAc?a3EkwgPzjAARqEkHTzp/AA4M/A4HkpAeIsn2hAXvcNI_AcAArZG?QKEACTl1LRApuA/2ed7f4/SAV7bAPdA?mAnuATfU__AZOAou4ct?EZFIM0A3q5gExA5AYAHAX/IAAAqaIxAssM/mqXysGMWGNqo4","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-12T21:34:51.334Z","timestamp":1720820091334,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iqcspadv.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 13:42:40 GMT","end":"Sun, 01 Sep 2024 13:42:39 GMT"},"fingerprint":{"sha1":"44:0E:6F:CE:FA:D3:5B:E0:A9:AB:BE:F5:93:34:E0:0C:49:EE:5E:2A","sha256":"7F:D0:D4:84:6D:29:FB:50:D0:15:F0:AB:A4:5E:0A:29:71:DE:EF:A7:04:A0:99:5E:7A:B4:AA:E2:87:7A:4C:D6"}}},"request":{"raw":"GET /?hash=ab0370d2036b51alwtm/403e68/hzshsdaa4-e6/aiiv2i2auvsebkzazsatvapa/ai2iata/?afc2aabrayy3zblakp9uhaw5npjv/6a17c9/ajaa8awhwy?_rgegpawskiedqaaiitt/awsda/xaa_z5h?cnisaodi2wh/mabesa5ihzh5q5e4aaac_/06d9c1/aanvja/er59av-t2_1x4zaa/ay1wa_czcgkpal4a7snzgh1ua...~311~...ebryar2kisglhaa?pwqjqaapa6__gw/62e1c0/__uCAU8A?aAHA4E?3smx7Js6/rgUPAA3sqlN/XupeAI_P_UAr--xA5wE3A/Dw9AKO64Az-ARALAn4Ig/33d93c/8EjF2A?7/LAoAaABA_aIFsYmxP86_ALaSTu/WxAAh_A2AksdKaAHrVaE4IxcA/g0moU5NE?_HEAuAnA/277bb8/fjiMAC/NAPAjAz2?AAnEsQU3Af_ZHgN5A?ATTHz2EAseAjAiIjAZrNGg6KI4mAU_M/E5J9nqAKnLfv/ff3210/AUWsTA-AUA8HAy/JykIlg_A_GN7ds7-?I8_eXAyAN/Ec0UAxAnVhEyuoMLFM38?AI4_AAibAAfAASV/75112d/Cs-E9ZA9v_wLNx2DkADAVngnrTfOHA/9A2XlOAAUcy-k/Zv-mAr/AN4gRA?AkpAMCAVsHIqIyA4/5fecd4/qHA0mmfiALsITVAOEAui0oFxsA043KL2uY8dZ4AAe5/m9APTe/zAVA1EyUCAy-/AZrwz?m3KAYA/a4a117/g7sAj2A_R/nEEAa7HATYiAAu?AIl4vA-bBQAQFZ_7tXc_tAbI?rhA_fJm75t/iJyNAJEAAOAUbAhEn/22e0e8/_AcGAoN566iVAo6E0dn6_0IA/gE5Nx/mAQvAIbA9ZQ/pLmAR?-AE6AOsA1mIP?8Ai6AKy4AgqkwAHAh/2655d0/A9dcy4t_ljfA4w?_imXJsAspAIAma/VA4AGrAA8l8H8j5NA/M9RgdAI?a3tNKvAIAAlkTA/-uxNE1XE/cb325a/AhsHA0/W0Zlc/IANQAPNSgdbi35A_VHE?A6AAzOU?AAAEAH4_uAxBPy1-Eo662_pzPlHtp-/IIA3ATA/b2b7bc/Ak2gJ_b/APAc?a3EkwgPzjAARqEkHTzp/AA4M/A4HkpAeIsn2hAXvcNI_AcAArZG?QKEACTl1LRApuA/2ed7f4/SAV7bAPdA?mAnuATfU__AZOAou4ct?EZFIM0A3q5gExA5AYAHAX/IAAAqaIxAssM/mqXysGMWGNqo4 HTTP/1.1\r\nHost: usvq.iqcspadv.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 12 Jul 2024 21:34:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private\r\nlocation: /4c4437/EEliucyINA2yAA9wLAZgkvA_?M/pgePCAARA5dAtO5WpW7mHjA73IAafI/ANAi7VRuAnhJysc4\r\nset-cookie: ASP.NET_SessionId=051zx3etdztpebgxnhxbher5; path=/; HttpOnly\nRdStr=051zx3etdztpebgxnhxbher5; path=/\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=i%2Bzw0aO5JGnMbddk2imoDy83F3GksqqOxZgzCWnHv%2Bu7oFBfGBtgZhhL97a7XfUvlmyVJjTaXSlM9isbKei70m2DWkYo3rsNw3IPLTHiHvDKbyVTfFI7L7pXrIwGM8HXby0EzA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a2428e2c91a56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1163,"size_decoded":1163,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":2019,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":2004,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usvq.iqcspadv.top/4c4437/EEliucyINA2yAA9wLAZgkvA_?M/pgePCAARA5dAtO5WpW7mHjA73IAafI/ANAi7VRuAnhJysc4","fqdn":"usvq.iqcspadv.top","domain":"iqcspadv.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-12T21:34:53.337Z","timestamp":1720820093337,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iqcspadv.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 03 Jun 2024 13:42:40 GMT","end":"Sun, 01 Sep 2024 13:42:39 GMT"},"fingerprint":{"sha1":"44:0E:6F:CE:FA:D3:5B:E0:A9:AB:BE:F5:93:34:E0:0C:49:EE:5E:2A","sha256":"7F:D0:D4:84:6D:29:FB:50:D0:15:F0:AB:A4:5E:0A:29:71:DE:EF:A7:04:A0:99:5E:7A:B4:AA:E2:87:7A:4C:D6"}}},"request":{"raw":"GET /4c4437/EEliucyINA2yAA9wLAZgkvA_?M/pgePCAARA5dAtO5WpW7mHjA73IAafI/ANAi7VRuAnhJysc4 HTTP/1.1\r\nHost: usvq.iqcspadv.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASP.NET_SessionId=051zx3etdztpebgxnhxbher5; RdStr=051zx3etdztpebgxnhxbher5\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 12 Jul 2024 21:34:54 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private\r\nlocation: /\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=P59mnypqq2KpWx1YFddLsYBsmgWoLLOqljZzXXj4GJNkmz4Bb743KUEr6lWVFs6lwy7JUv5P6RGyHtYcV8pVFN1uDwGyfAxn3lPvOVOmRCLfiiGUp83ebyPtqhySjhnSfLWF6g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8a2428ef5d9956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1163,"size_decoded":1163,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":1417,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1417,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}