{"report_id":"ce7f534f-a5b5-44b2-afa6-7f603425b7d5","version":6,"status":"done","tags":[],"date":"2026-03-20T03:46:18Z","url":{"schema":"http","addr":"gov.dang.life/","fqdn":"gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"103.224.212.211","port":0,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"final":{"url":{"schema":"http","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"title":"dang.life","dom":{"size":104302,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (13569)","md5":"3ceded48dd268eef1d3b75c5e41bf563","sha1":"88a9a944acc7b6329ed61fdd39005f2d5d7e6a78","sha256":"318fbfc1cd8ee25ed4515ef425996aec5a19c5ba5cc0ff9a255e0a03f25d2dfc","sha512":"26d98cc884f7c598c2540d3639d1def7265440c61409d1f381bf3d42ee6008c1ba5fb19c9a01949a4918097bedae4b8186fd1672c4e487fad43139fb693937cb","ssdeep":"3072:N+7lkMQSH3MMrGAFQ92feAILfy4pbxoiyHALjfHkkP7UuX2DPYc:ilknSH3MMrGAFQ92feAILffP7UuXuPz","tlshash":"46a33a8d38837032473a1495b53f2e8ef67a246b76cd8840b6e5db61386cecb4513d6d","dom_hash":"domhash3dad8800ac34a2c78ec6825d43e5dab2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gov.dang.life/","fqdn":"gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"103.224.212.211","port":0,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-24T03:46:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":6,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:45:57Z","timestamp":1773978357,"ip_dst":{"addr":"103.224.212.211","port":80,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"ip_src":{"addr":"Client IP","port":43824,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:45:57.155691+0000\",\"flow_id\":299225052378281,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":43824,\"dest_ip\":\"103.224.212.211\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"gov.dang.life\",\"url\":\"/?tr_uuid=20260320-1445-5545-bc72-3bf74c0f187d\u0026fp=faed01b113cfb270c624ee1aa793ad6c\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"http://ww38.gov.dang.life/\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":785,\"bytes_toclient\":331,\"start\":\"2026-03-20T03:45:56.816297+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"103.224.212.211","port":80,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"ip_src":{"addr":"Client IP","port":59912,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.156325+0000\",\"flow_id\":2111873050180257,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":59912,\"dest_ip\":\"103.224.212.211\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":567},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":550,\"bytes_toclient\":1002,\"start\":\"2026-03-20T03:45:59.817825+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.800087+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Z2fAXKfDZxu5YaFQtQwsqR1h6TwSS9XCqxdaKxzKvQG5L8OEhcQA6Q._V500Fgwf6QekeQhAZHcyA.2IueS8Z8uLaaLYmDQNQHy5ssj8BALHqYozH2DWPB00hhy60hPzHmQor2Utkp7dX2CKW8kpMVq2uqvmf8gRSdTDCvLih6zGuaDF6cR6gT5aJErNpo2Snx_ACCu6yoKaZSfuZSHwNyiw194E_SJGqH0rVskVEzyPVHjHhjL5BnZ90MlIDju6XYN5bkvEYMGW9p0UWL8eCR7YCZLHDmWBj3Ng.Th7BlfGV7KoO2hvvu_Z_ag\u0026t=69bcc2f8\u0026token=c3c85550d2658a51d6520f04af377cc11d51def2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://ww38.gov.dang.life/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":146},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":1729,\"bytes_toclient\":6700,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.951629+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/x-icon\",\"http_refer\":\"http://ww38.gov.dang.life/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":11,\"bytes_toserver\":2198,\"bytes_toclient\":6984,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:01Z","timestamp":1773978361,"ip_dst":{"addr":"Client IP","port":45262,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-03-20T03:46:01.351948+0000\",\"flow_id\":1893040171625004,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"3.248.162.96\",\"src_port\":443,\"dest_ip\":\"172.18.0.3\",\"dest_port\":45262,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=*.primecirclenet.com\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA\",\"serial\":\"36:5E:83:AA:A6:DD:00:EA:EA:1E:D9:30:DE:9C:BD:80\",\"fingerprint\":\"10:cd:ce:40:54:75:ed:33:2b:ea:d8:63:1d:3f:b6:67:59:16:7b:8e\",\"sni\":\"obseu.primecirclenet.com\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-01-29T00:00:00\",\"notafter\":\"2026-04-29T23:59:59\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"80d47c47e3ce91bc3bd0a026dbd1664d\",\"string\":\"771,49196,5-65281-16\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1217,\"bytes_toclient\":3915,\"start\":\"2026-03-20T03:46:01.240172+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"s.cdn-fileserver.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"l.cdn-fileserver.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"realtimesearchresults.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"realtimesearchresults.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"obseu.primecirclenet.com","ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2026-01-28","domain_rank":0,"first_seen":"2026-03-04T09:51:25.656484Z","last_seen":"2026-03-18T10:11:40.741621Z","alert_count":0,"request_count":6,"received_data":5454,"sent_data":5010,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s.cdn-fileserver.com","ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-08","domain_rank":1473336,"first_seen":"2025-04-11T18:11:28.393379Z","last_seen":"2026-03-16T02:37:50.860558Z","alert_count":3,"request_count":3,"received_data":45288,"sent_data":1522,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"l.cdn-fileserver.com","ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-08","domain_rank":962880,"first_seen":"2025-04-11T15:28:22.753596Z","last_seen":"2026-03-16T02:08:17.726665Z","alert_count":3,"request_count":3,"received_data":2613,"sent_data":9118,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"s.yimg.com","ip":{"addr":"188.125.94.206","port":443,"asn":10310,"as":"YAHOO-1","country":"Sweden","country_code":"SE"},"domain_registered":"1997-05-14","domain_rank":4553,"first_seen":"2012-05-20T22:45:00Z","last_seen":"2026-03-16T02:37:50.700081Z","alert_count":0,"request_count":1,"received_data":26181,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"Apache Traffic Server","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"realtimesearchresults.com","ip":{"addr":"199.191.50.132","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2025-02-14","domain_rank":464056,"first_seen":"2025-03-28T05:14:07.92032Z","last_seen":"2026-03-14T02:32:33.921534Z","alert_count":2,"request_count":1,"received_data":70332,"sent_data":1290,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"ww38.gov.dang.life","ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-20T03:46:19.541537Z","last_seen":"2026-03-20T03:46:19.541537Z","alert_count":4,"request_count":4,"received_data":16801,"sent_data":2017,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"yfdpco1.com","ip":{"addr":"208.91.196.46","port":80,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2025-03-20","domain_rank":2753637,"first_seen":"2025-07-30T06:43:08.0267Z","last_seen":"2026-03-16T02:46:18.787277Z","alert_count":0,"request_count":1,"received_data":10790,"sent_data":639,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"gov.dang.life","ip":{"addr":"103.224.212.211","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-20T03:46:19.55757Z","last_seen":"2026-03-20T03:46:19.55757Z","alert_count":2,"request_count":4,"received_data":36019,"sent_data":1923,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"msadsscale.microsoft.com","ip":{"addr":"13.107.213.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"1991-05-02","domain_rank":241518,"first_seen":"2025-01-13T10:51:37Z","last_seen":"2026-03-18T12:21:33.165775Z","alert_count":0,"request_count":1,"received_data":73333,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"euob.primecirclenet.com","ip":{"addr":"3.164.230.34","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-01-28","domain_rank":0,"first_seen":"2026-03-04T09:51:25.652211Z","last_seen":"2026-03-18T10:11:40.645786Z","alert_count":0,"request_count":1,"received_data":122364,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6559111e4eae643ce013ce0821e91a02","sha1":"fa1086c9aa2cb2d14f5c13bceefe21511bcdae5a","sha256":"d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400","sha512":"a6e3e096076dc152b69e95709dad8925c9c2799c23ad226b9ce7b6ee78936bea7300b66c92821ea0728ce7433d4f53787f27f5e7101f97e4d882be0a461fc051","ssdeep":"","tlshash":"407000000380020020c80233a200882af228003c00030200c008888800a808002080c2","size":25,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-05T03:44:57.810063Z","times_seen":332953,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"889ca9e2c79a3ce7aaadbcdfd0ce4ef5","sha1":"b05c2c051bae71f80cb8c289e5a42d4f96d323fa","sha256":"6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8","sha512":"122a494d50a5e8077cdda40e8d6edb442bb9d89fff078852aad7f84fe24f1c58fe693f0388ca6c9453d1b33036da0b9c4e9fb394a18268e254d306ffc2ca57a3","ssdeep":"","tlshash":"46a002d4b4ed8125564583390104d91cf936c934c0d5701873f0466ca6e700a53610b2","size":62,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-05T03:44:57.811883Z","times_seen":333000,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"yfdpco1.com/sk-park.php?pid=9PO15V947\u0026dn=dang.life\u0026ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0\u0026requrl=http%3A%2F%2Fww38.gov.dang.life%2F\u0026al=en-US%2Cen%3Bq%3D0.5","fqdn":"yfdpco1.com","domain":"yfdpco1.com","tld":"com"},"ip":{"addr":"208.91.196.46","port":80,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"74552a3b2e03b86a34e4a823d2b009fa","sha1":"2f27bcc4b31521a94354682283fb8704f83f81f5","sha256":"baeeb6a3434f703785c48766ee93bfb578ad37c93bc5afd5d03d3096dbf274ff","sha512":"8f066c84fbcc7b107bb24827b1b2087cdf56fce7e688665580a1d2f495f3fe4c5ddede1cde896a7a1fe2bc5b5d8af8f508f138ef192d0fef955514d1f061a19c","ssdeep":"192:gNAHMAIfM78okaVEYT2HhfLGAvXNAHMAIfM78okaVEYT2HhFfyqi6jBwVJy:gNAHcaqTdyAvXNAHcaqTHyL69w+","tlshash":"3a12299152f448508ccf00d2cfbebfdda46ead22bcac640c49c4ca90603eb675d56de1","size":9679,"data":"","first_seen":"2026-03-20T03:46:25.643517Z","last_seen":"2026-03-20T03:46:25.643517Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"99c4e6fd07f45656ca3a491199435c5a","sha1":"9364707687f1d1f42a67b78dffdb8f6dee389123","sha256":"23851609ee25b327873705a3838c87a2b01be9179d18ba2996bb21936ddf06f7","sha512":"3e48341118cf55550e9fe898deeeda87bbd85d2eff2582562ae8533fc1fc1bba6c9658382cc0c29311e0e66fccf8db44c92725464c5146c02bd86efa0321eb18","ssdeep":"","tlshash":"fc21238a18f70419577b20dd0f0f8488b5356c5f2288cf16bc0c16803f7467ad676bea","size":1280,"data":"","first_seen":"2026-03-20T03:46:25.644394Z","last_seen":"2026-03-20T03:46:25.644394Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"euob.primecirclenet.com/sxp/i/636f8b858f681acb7bfa6f583a96630a.js","fqdn":"euob.primecirclenet.com","domain":"primecirclenet.com","tld":"com"},"ip":{"addr":"3.164.230.34","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef287973bbf79645f483e0b89805c24f","sha1":"07c9f19a5b3c4c5c88452320c63d7f131228a00f","sha256":"aefd1799aee2a4a1bee047144fc3942f78ddbb11270a25d11d5afcc6168ded70","sha512":"1c35ee3c44279118cac0681545711983d5f2b7acd1b3e509c0e9986f5e928c244ef771c835a45c4037b08fe691a952910c2d880232531f2866d2687e4e3dee41","ssdeep":"1536:XOuWmlw1eU32zEb0wu0RnWuGyVxlicnYtMolHAEh8sqrfje+wUK8LonhdbErReKG:+4lwAZP0RGyARWsqumrRnvlyv/","tlshash":"20c3d6adb2f27025439335a5147f410ae27b1e543c4b8290d17ae9d4ac7ce8e857bfac","size":121862,"data":"","first_seen":"2026-03-15T13:25:10.579891Z","last_seen":"2026-04-05T03:52:04.708378Z","times_seen":6473,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e5d8c139688b25ef77b263d88ea99150","sha1":"7abc9c61c4966543f66d150c0155bfac575f86a7","sha256":"53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148","sha512":"1cd4eb192d987ea1b21f3b553eea3881c807f8bf4a5299982675d57314a0eaa084db1722c38d02eb73178660ecb1ca3667a795a512527f843f2526dc0a99dc20","ssdeep":"","tlshash":"7440000000003000033c0000000000c0000c00000000000000000c00030000000c0000","size":7,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-05T03:44:57.806512Z","times_seen":333053,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"realtimesearchresults.com","domain":"realtimesearchresults.com","tld":"com"},"ip":{"addr":"199.191.50.132","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe43622b86a9293f7d94436142bdfdc6","sha1":"01ef22d8f3292bea2b0cfa63e49be5ee758899eb","sha256":"f06061820c8cc9e6d88231bddef898d9ce4a8326f6e00e30e0aca3f924ad3dd4","sha512":"a8cf2feaa0a396472300a52b5d37f123be2249d274c947da255ba4f99a644139d92e010b65461b9575a4e63cddb1e717a085282c435d182186b0e51885f654d5","ssdeep":"","tlshash":"3e70008880202a0000e0080c030323b0238080a88cc28000822ea0033080e030288a8a","size":24,"data":"","first_seen":"2025-03-08T00:25:13.703666Z","last_seen":"2026-04-05T03:47:17.277537Z","times_seen":140274,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"realtimesearchresults.com","domain":"realtimesearchresults.com","tld":"com"},"ip":{"addr":"199.191.50.132","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"4a2b7087529c0a3ffbd9d1562326fc27","sha1":"ac05392906689c1fcec80a2b99b75bf5dd581350","sha256":"c056b4793c96a6ae01eb820fbaa40cd43ec2ec7ba31f5b1eef049a882c16739e","sha512":"92a5ed212cbf42ccd740c95956479e582a0832def77d28c5592e3c9543cd7214bfcecbc7d8169f1b78f6e3bb1366d4b0a1825b5265481da8c1dcb9163303b50d","ssdeep":"192:kDkra9yVScezy5ATmaBKAR+YIbkMXgSH3MMrGAFQ92feAMLFAkfyWhVi:AkrEydCCbkMXgSH3MMrGAFQ92feAI+kU","tlshash":"7ce1b74984bacd6141ad25debc7c2d8e28de380cb9cc359eebc2f995545f979ee0050c","size":7138,"data":"","first_seen":"2026-03-20T03:46:25.646325Z","last_seen":"2026-03-20T03:46:25.646325Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gov.dang.life/js/fingerprint/iife.min.js","fqdn":"gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"103.224.212.211","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"introduction_type":"scriptElement","is_inline":false,"md5":"63f9fd621d1fbd53b7c5856e58c11ccd","sha1":"a46973c2fbdbfeb159e0d717a90f88307e274012","sha256":"c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089","sha512":"d4df433c7368ec078fbc473398a4ab21e6da20950ac4db34338623296887db40320b05b9bde6130e43d2b55c82b81a56b60bab0d6a4c97df54a0cb7a8f09325b","ssdeep":"384:XhQYTcHRx9vfQxcuK83ERxXYxMvtTpIBNwBUZXLew5gc+RW7+5ERNFaqE8E0QI+V:XSbHRTArOGSoyISuNwxJzZbPePKe9y","tlshash":"6cf207d8b2c3b02d227378ba497f6006b63abd55641c4803d57be5c178a4e5a813bfb8","size":34240,"data":"","first_seen":"2023-05-01T16:20:27Z","last_seen":"2026-04-05T03:50:26.033216Z","times_seen":35626,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4b525cf8ebd962811007b8d5664ed332","sha1":"3d6e339a2e51071280db0f7e0e72f4beff1b7e3f","sha256":"9a2fc2de09ddd5dbe83a33b037c4519972a252103614203019dec30522301fdd","sha512":"b8a7dfd8f65660c948daea9a5177f217a66dc3246bcc7acfefadf6c35c761208f9a99c73cd960e6081e0765b370ffbb178151bf792784c05de5c822b56ebb936","ssdeep":"","tlshash":"79c08c7b3c8220304edf725e281c93883860c206a883a202fc2c08ed4ff1e47323ab58","size":164,"data":"","first_seen":"2025-10-01T08:32:45.366407Z","last_seen":"2026-04-05T03:52:04.739794Z","times_seen":59703,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b326b5062b2f0e69046810717534cb09","sha1":"5ffe533b830f08a0326348a9160afafc8ada44db","sha256":"b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b","sha512":"9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de","ssdeep":"","tlshash":"5430000000000000000000000000300c00000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-04-05T03:44:57.806038Z","times_seen":353716,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"realtimesearchresults.com","domain":"realtimesearchresults.com","tld":"com"},"ip":{"addr":"199.191.50.132","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce1c6b7bae9fd6a08b42f325c67aa04e","sha1":"5b8359a9249372a093303f8558a5ca50b4bd6eca","sha256":"dd9a9aa53adf9c094d5ef2ab83f2aabeef7f6eb993773b2d44c38ccc64e96ba7","sha512":"9f467fa6ed3ad3d6ee33e120ec94597c91bf52f03a65a31177319f71cc03902e63433d604c524c1accb3b0a8641f58d0ad32108067199e3fc71c9f363011df6f","ssdeep":"","tlshash":"51f0a76d8fd710613566911e725ef3d4b498909732a3c409f9ec96440f42a1ea7792fc","size":464,"data":"","first_seen":"2026-03-20T03:46:25.648316Z","last_seen":"2026-03-20T03:46:25.648316Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"l.cdn-fileserver.com/bql.php?vgd_len=5582\u0026\u0026vgd_l2type=dmola\u0026fp=V5fAhCL0dNvdAf05ovOVwecb24iM8i8j4PhKd39Yowo40ix69VvKVU__RdxsaR9D86U3nZs4y_UneCPA2WSC0mvQyhXou5KRV444UeZ4m2A6BAVgoGczc1V_8k2C2gA6\u0026cme=iNq2v1RqAptPmD96hi9N4h0aeEXwIeMwtX2cH1D7gb-BsdIbHFQYX-PtWPxu1Fj6Q55oVV00r4jtdnUWR4t7DSn16rvzyHdST4BkKL9omFt5ORcEA6OqEN7oF8WVXazY__VRJ8d6gOoMumOTPgvnW31m9WGxtro9iXjpcRGQNJxqqcoUcNXsNJe_nZVFzk5lwaRN3EU0XJuJ_0x--DSeQYcjJ2NmwT56uZDlbd72n3ermGQp4bnnjghQduIXCwLCr6Y_h8QCuuAD8S-X0l9ghQ%3D%3D%7C%7CgKezN8EFkjQ9KrDVPyDiPL_MMAZ8CD0GUt69s6vTHxaSj91FLa3s-1SX7-EWtufPuPOimsbRLlsT5Y5aYe3mwUx1ZaJdBZjCC9OJa8FFT_HCc7QHXlIaAgmqse1FiF0DhPIpsfCJNB2H49zF53ElpZGPEmR2ZMpIhBZyRCyy92LAIpcz2cJFNT3L24Mq0P59kCi9wvCMBitsDbK8vR-2trTYZmFDMzpMTeXA6F-XHxEWgwru9GpSJyOLBIhqhjD6U5tq7twNCqCKldOuaEwPXTW9euYetqaXnp5UqnSuPS1g5iEnOV5g6PHX13OIxW5m-8iEiFVgJEZZh738jfiMZuL14XZYvlasAynFTj9ux_xYYc7IUxwvPcxLnomtqsdWSSFw2YuNgxP-WhDVulGG6mhM-6o9eTL_TsBCPEpeQE0Pe0KGi3b_rijDDncz3SG1IhDO0IECYEwaUu9YI5wu2pqQPlHmgp7fQDZ3xIC-CTZcQAuBIP4xbIC7vF4R3j7RWLf0VwS97EYogjd7NBnZVvYedc2FYskmL74_wS4w8r9EFx6XzM2xGfUf0KTWQY44rlpqElBOmsZ81kdmDVe1bRm_IHs9OdBgDG8QdHJKHDo4kedZGnbD1PmnqCbTlyjhLYS5S4elnhpDZJBcOlyta4PPl7uGCWmydoGX9uSmI5PuLGpEBMfHAQ4oEPfCo7pdnoYJf32Hw7-Tl_21uPL3UspxmYeYB6PRpCGTVQ6zWFLDdYbu-RXHThNE5x5-Jdu7rwJ11dKJS1WLb3dd4ua68REQuhGvaTYF%7CWOR44ZnjshyX0FEZj6c52uG8KGTsvju_%7CWtJPvijWHRsfBv4nOZN-Vs0s0qvvEfG0%7CxDcVMoSqRIQy7pX6tOEPXGREHJWXEncEd0ZPyy5ztRg%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7C\u0026ksu=360\u0026fdkt=658\u0026vgde_kbbh=fuoyxQBuGUBO\u0026kwd[]=Mental+Wellness+Programs\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=1\u0026kid[]=121960222\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D16008%7Cclid_serp%3D22327%7Cakp%3D5%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.1570%7C7%3D0.0038%7C8%3D031920%7C13%3D0.0196%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4487%7Ckcucs%3D0.5666%7Ckcucs2%3D0.5666%7Ckssks%3D5.0000%7Crcid%3D236535%7Cclpr%3D1.000000%7Ccllvl%3D3%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514264337593560793344\u0026kwd[]=Healthy+Living+Tips\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=2\u0026kid[]=13453153\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D5997%7Cclid_serp%3D5997%7Cakp%3D7%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.6459%7C7%3D0.0037%7C8%3D031920%7C13%3D0.0143%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.5094%7Ckcucs%3D0.6566%7Ckcucs2%3D0.6566%7Ckssks%3D5.0000%7Crcid%3D31828%7Cclpr%3D0.875100%7Ccllvl%3D1%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514268841193204941056\u0026kwd[]=Wellness+Programs\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=3\u0026kid[]=30608434\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D34992%7Cclid_serp%3D22327%7Cakp%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.2674%7C7%3D0.0046%7C8%3D031920%7C13%3D0.0106%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4534%7Ckcucs%3D0.5354%7Ckcucs2%3D0.5354%7Ckssks%3D5.0000%7Crcid%3D130517%7Cclpr%3D0.947800%7Ccllvl%3D2%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514264337593577570560\u0026kwd[]=Funny+Jokes\u0026kwt[]=245\u0026kbc[]=375\u0026kwp[]=4\u0026kid[]=11892052\u0026kbc2[]=urt%3D0%7Cakp%3D5%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D-2%7Cclid_serp%3D-2%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D146.7047%7C7%3D0.0070%7C8%3D031920%7C13%3D0.0095%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4910%7Ckcucs%3D0.6154%7Ckcucs2%3D0.6154%7Ckssks%3D5.0000%7Crcid%3D231241%7Cclpr%3D0.997000%7Ccllvl%3D3%7Cokt%3D245%7Cbdkt%3D245%7Cps%3D0.981%7Cps_id%3D0\u0026ktd[]=79228162514268841193188098304\u0026kwd[]=Humor+Posters\u0026kwt[]=245\u0026kbc[]=375\u0026kwp[]=5\u0026kid[]=14480780\u0026kbc2[]=urt%3D0%7Cakp%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D-2%7Cclid_serp%3D-2%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D45.2107%7C7%3D0.0069%7C8%3D031920%7C13%3D0.0095%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4389%7Ckcucs%3D0.6154%7Ckcucs2%3D0.6154%7Ckssks%3D5.0000%7Crcid%3D194744%7Cclpr%3D0.947300%7Ccllvl%3D3%7Cokt%3D245%7Cbdkt%3D245%7Cps%3D0.981%7Cps_id%3D0\u0026ktd[]=79228162514268841193188098304\u0026v=1\u0026gdpr=1\u0026geo=59.83%7C10.8\u0026lper=100\u0026lpid=\u0026tsid=1005\u0026hint=\u0026cc=NO\u0026wsip=170764457\u0026bca=0\u0026ugd=4\u0026vgde_setid=Nfu\u0026vgde_chost=LJ1j78YJQJ1LNwLJQxj7Q.NmY\u0026cid=8CU6073RK\u0026vi=1773978361897309628\u0026vsid=DefVid\u0026tdAdd[]=asnum%3D50304\u0026vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D\u0026vgd_adprefflag=00\u0026vgd_adpref_diff=1010\u0026vgd_fm_lang=EN\u0026vgd_implt=3\u0026vgd_cage=0\u0026vgd_tsce=L1174-S1174\u0026vgd_l3_sc=03\u0026vgd_pdtid=1\u0026vgd_oscar=1\u0026vgd_ctrlid=O_SERP\u0026vgd_nrrv=19988\u0026vgd_nrrmf=8301000480a\u0026vgd_nrrsf=scrr\u0026vgd_cty=oslo\u0026vgd_csovr=0\u0026vgd_intc_log=%7B%22impl_type%22%3A%22skp%22%2C%22xvip%22%3A%22208.91.196.46%22%7D\u0026vgd_ifrmode=14\u0026sbdrId=\u0026verid=\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY\u0026kbbq=%26asn%3D50304\u0026vgd_ppvi=2152152396105982456\u0026vgd_wlstp=0\u0026vgd_vstrid=DefVid\u0026vgd_scsver=2969\u0026vgd_himglg=K0P0-O0K0-S0\u0026vgd_cache_metadata=%7B%22kbb%22%3Afalse%7D\u0026vgd_cfud=251031\u0026vgd_optout=0\u0026vgd_l2shld=1\u0026vgd_akcip=91.90.42.0\u0026vgd_oreqf=one\u0026vgd_oresf=one\u0026vgd_och=0\u0026vgd_rensize=1280_1024\u0026vgd_scr_h=1024\u0026vgd_scr_w=1280\u0026vgd_col_sch=l\u0026vgd_be=0\u0026vgd_nmerr=1\u0026tdAdd[]=uiparams%3D%3Brend_w%3A1280%3Brend_h%3A1024\u0026vgd_sc=03\u0026hvsid=00001773978361098015326356482027\u0026rc=0\u0026rand=1773978362268\u0026acid=undefined\u0026matm=1773978362268\u0026vgde_ltimesrc=u\u0026vgde_ltime=u9uf\u0026vgde_rtime=iiW\u0026vgde_etm=uF\u0026vgde_timeObj=%7B%22juJ-JN%22%3Azxjj%2C%22jfjm1O%22%3AWii%2C%22QNLLQ71L7%22%3AW9%2C%22QNLLLJzOJL%22%3Aui%2C%22QNLLJ-JN%22%3AAA%7D\u0026vgd_lhl=2103\u0026vgd_sbSup=1\u0026vgd_nrrs=19988\u0026vgde_cdeplbl=1E8Mzm7M1e18j1GjJ\u0026vgd_end=1","fqdn":"l.cdn-fileserver.com","domain":"cdn-fileserver.com","tld":"com"},"ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ba5e95642c652c708881ad3c9d8443f","sha1":"5bfcc33bb9cc897546c600206b03d1307bd63a94","sha256":"c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24","sha512":"8c157fc41fd03bbd47633269b18effb652644e58284f8f85465b0ffba9b5a06544a03ed0655706c96edfa09a64f4f164f6bbc573ac5045000cae03c8b36d046f","ssdeep":"","tlshash":"7e600000000cc030030f0c00c3000300303000c000000c33000f30cc000000c00fc303","size":15,"data":"","first_seen":"2025-03-08T00:25:13.560069Z","last_seen":"2026-04-05T03:47:17.272801Z","times_seen":142529,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gov.dang.life/","fqdn":"gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"103.224.212.211","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"introduction_type":"scriptElement","is_inline":true,"md5":"3f9b28f9046250020debe91b599ff216","sha1":"30a15d06118bc2e0ec3923ea816595d2b6db013b","sha256":"16ad1392c1c980f2d355aa8b860ba648752ec61a93baf17a139fcaeaf54449e3","sha512":"6c687361bcb745faf35eb6230f427138d2a9d0b183b53e40527dd1f0d70de495a2da6869a96f3ae323cc1eb639a4355202bf3be1c45942efd80f75240e8604a8","ssdeep":"","tlshash":"a2f09758b4de7827ba6814be8ef8501ec17b114806cda5bcd40a6b18ad4105be069deb","size":509,"data":"","first_seen":"2026-03-20T03:46:25.649197Z","last_seen":"2026-03-20T03:46:25.649197Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"103.224.212.211","port":80,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"ip_src":{"addr":"172.18.0.3","port":59912,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.156325+0000\",\"flow_id\":2111873050180257,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":59912,\"dest_ip\":\"103.224.212.211\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":567},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":550,\"bytes_toclient\":1002,\"start\":\"2026-03-20T03:45:59.817825+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"realtimesearchresults.com","domain":"realtimesearchresults.com","tld":"com"},"ip":{"addr":"199.191.50.132","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"7cc9786c1473702ab4533216dd488c49","sha1":"c2ad65f26c36245cca46fe0b655c91936c10dee7","sha256":"b461ecabc762c6a46a4e15592037e7d27b6084392abdfae8511ded75a3c343d7","sha512":"b384ac2ab50f8bf5000400735cac30596e0b78e2a45cf4e79f6ba26d66f05a0091e14a71b4e3b4c816c7bdabe47f12e5a80008c3ff187b86c4ba5817dbbfac86","ssdeep":"768:dfLk/5Pkum5EDHDDK3bv4FFr3nQOYFtuuWBlI7McYP146Yk0Xl3EvT7SXk+zJbXm:pk/5f3kkPr3eXuXba6uPYr","tlshash":"fc23f9dd34c3746a1b6721a6413f2d4bf1bb1550398e8c40e9b5e9a63c3ca5f8623e4e","size":48299,"data":"","first_seen":"2026-03-19T22:21:45.196703Z","last_seen":"2026-03-23T11:24:37.278969Z","times_seen":4445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"realtimesearchresults.com","domain":"realtimesearchresults.com","tld":"com"},"ip":{"addr":"199.191.50.132","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"7ea336f637477485ccd6f9a5b167bd7d","sha1":"8153e4b97c42ab5b73f2f577b43043c8c9283b4b","sha256":"ce4d01ea989bb3b9243f9917fe20a39064135a99b2f3b8cd6832cccb10006b96","sha512":"1ac3fbd0a0c12ef1eacf5dc2a5848e72574bc9ebab4b159fbd080d02b3c49320e5862be0d7404e6ded0c2e2c8c0c43f84d93b966d200007782e282bbab8b3c65","ssdeep":"","tlshash":"c6f0e5b694b3c8285b0f264673ffd684145043e45c05764df1ede49a03e1d4cc0d9eaa","size":481,"data":"","first_seen":"2025-03-08T00:25:13.728891Z","last_seen":"2026-04-05T03:47:17.285707Z","times_seen":140154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"realtimesearchresults.com","domain":"realtimesearchresults.com","tld":"com"},"ip":{"addr":"199.191.50.132","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"introduction_type":"scriptElement","is_inline":true,"md5":"2e8be5ce7a18d21c61ddaa3be3fd99ea","sha1":"7d2e7dcc6e15405e8d20e4287f271756e7f874f3","sha256":"5211c581ce1e9891281e16e8820398ab1f3a835b862b9e168bbffffe8e66ea19","sha512":"202c8e96e23f05dc95606ba0b7b318973a6ce95f22f28d05b4fe3762f335f0db7d989c73f8f0fc4e55cfa2b4c4980bc17433b8132ffba6b6975658322e7eb308","ssdeep":"","tlshash":"a6b02b103d301002007a0183c874c4290136d8f3330044d44b003cec908e440605e74c","size":122,"data":"","first_seen":"2025-04-02T18:01:59.542907Z","last_seen":"2026-04-05T03:47:17.286277Z","times_seen":139778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"ww38.gov.dang.life/favicon.ico","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:00.805Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ww38.gov.dang.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 20 Mar 2026 03:46:00 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 0\r\nLast-Modified: Wed, 11 Sep 2024 11:38:26 GMT\r\nConnection: keep-alive\r\nETag: \"66e18132-0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T03:47:03.156897Z","times_seen":13357702,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.951629+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/x-icon\",\"http_refer\":\"http://ww38.gov.dang.life/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":11,\"bytes_toserver\":2198,\"bytes_toclient\":6984,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"yfdpco1.com/sk-park.php?pid=9PO15V947\u0026dn=dang.life\u0026ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0\u0026requrl=http%3A%2F%2Fww38.gov.dang.life%2F\u0026al=en-US%2Cen%3Bq%3D0.5","fqdn":"yfdpco1.com","domain":"yfdpco1.com","tld":"com"},"ip":{"addr":"208.91.196.46","port":80,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:00.816Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /sk-park.php?pid=9PO15V947\u0026dn=dang.life\u0026ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0\u0026requrl=http%3A%2F%2Fww38.gov.dang.life%2F\u0026al=en-US%2Cen%3Bq%3D0.5 HTTP/1.1\r\nHost: yfdpco1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 20 Mar 2026 03:45:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nx-sc-h: 21-fbr8\r\nvia: 1.1 google\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":10577,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (10410)","md5":"d12ac16d5df06992c24bc1f43bca3e54","sha1":"624b1957e2cbe7110a78b4ef48ac168a7ab18401","sha256":"02ae306f91e20947b4a13a523d2256745d4a150f5b570cd04109737acf83872e","sha512":"ee3062312e2615b475faa4272de6f713048e883650d197ab2bb65bbf240bf5e5102b9e7f4dcfd163a892949dabf0d20c8cb3efbf20bce21219d5709741e09c21","ssdeep":"192:fA7NXcNAHMAIfM78okaVEYT2HhfLGAvXNAHMAIfM78okaVEYT2HhFfyqi6jBwVJ5:EcNAHcaqTdyAvXNAHcaqTHyL69wd","tlshash":"5022299192f588508ccf00d2debebfdda45aad22bc6c640c49c8cb90603eb671d56ce5","first_seen":"2026-03-20T03:46:25.631753Z","last_seen":"2026-03-20T03:46:25.631753Z","times_seen":1,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":160,"dns":27,"connect":133,"send":0,"wait":232,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.primecirclenet.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126dedce32e2448c9c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d57138d642f17071a10acf9f29f671b8182da52783f1ffc797603843cdb36c601310c729706555867070cc3eb3a4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c294573065da08b79682c51f7ac1f2a8fffa62e99e40827187ffea6a09cc972eacfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6c74b22f08caa2ad818a31fe4d107d053d99b2ad632348a8b658d34d38db6e185eee31928fe33a4e8e823434ac3c17f82e650b9475a13920c488fd4cd88d1fb8137d83ad78ef5d038ae323b358e3873d4b7975f01d7e678e94ea598698674a07a020514c035ab06d9c4b874b58b789f5cebcf929b628d784a66fa52027878092687e323fa05d0cca62aae9969ebbb2a9adaa9b13dc1f0f7512626b1ba0c168bed470c4cbbb7b067a42687e35ceee132af75a030974fc91dd7a93fdb072ee4af967a223660022f17411eaae08a70cf0bb744495f34f9b647c3851b04f9a4c2b9ba68def0e2fe86e4b2f64a4e20e64087b2457385436476cb71093435a269a56418dceac6648969d02d88ad2dd3bc4fd8317e5543650a169fbbe28d3a3347860a06d08a8da9bad8521b9fb7ba7e9fc87b78ded30c6e18b398b8075bdf70800ad813ba76f200c7da57bde366f0919ad3864665e8e332648a75a08caede4ddd3b716c7f9c684719d8ff35dc8d06d68bd98802df8dec5e122505fa64b90faa49a0d538d2633f7e126b3926be04ecd4640ce631d2adf729cb9b18ce6679ae117c2e97f4c34a07bf63ff8f0cc8476c5508ae312d82afd560d7457ec7c701abdfc1eddf01890c472815ee657a11cfc54e4eb021eefec02d93c1b34d0e3eb060210804cf1050fa8bb74e44826870cf85d602dbdebfcf5a22be2ca9452e0f8a5c2921908c585d998eb0c4e8a017e928ba7c8c66b8cf7098b2ab706eb1d152c8c8efee87a69b\u0026cri=WgSsO2xAgV\u0026ts=238\u0026cb=1773978361461","fqdn":"obseu.primecirclenet.com","domain":"primecirclenet.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:01.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.primecirclenet.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:CD:CE:40:54:75:ED:33:2B:EA:D8:63:1D:3F:B6:67:59:16:7B:8E","sha256":"0E:A6:F7:74:71:23:FF:55:50:64:33:31:67:9A:4B:BA:ED:FB:8C:15:AF:37:3E:B5:46:DD:01:F8:6E:88:5C:CE"}}},"request":{"raw":"GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126dedce32e2448c9c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d57138d642f17071a10acf9f29f671b8182da52783f1ffc797603843cdb36c601310c729706555867070cc3eb3a4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c294573065da08b79682c51f7ac1f2a8fffa62e99e40827187ffea6a09cc972eacfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6c74b22f08caa2ad818a31fe4d107d053d99b2ad632348a8b658d34d38db6e185eee31928fe33a4e8e823434ac3c17f82e650b9475a13920c488fd4cd88d1fb8137d83ad78ef5d038ae323b358e3873d4b7975f01d7e678e94ea598698674a07a020514c035ab06d9c4b874b58b789f5cebcf929b628d784a66fa52027878092687e323fa05d0cca62aae9969ebbb2a9adaa9b13dc1f0f7512626b1ba0c168bed470c4cbbb7b067a42687e35ceee132af75a030974fc91dd7a93fdb072ee4af967a223660022f17411eaae08a70cf0bb744495f34f9b647c3851b04f9a4c2b9ba68def0e2fe86e4b2f64a4e20e64087b2457385436476cb71093435a269a56418dceac6648969d02d88ad2dd3bc4fd8317e5543650a169fbbe28d3a3347860a06d08a8da9bad8521b9fb7ba7e9fc87b78ded30c6e18b398b8075bdf70800ad813ba76f200c7da57bde366f0919ad3864665e8e332648a75a08caede4ddd3b716c7f9c684719d8ff35dc8d06d68bd98802df8dec5e122505fa64b90faa49a0d538d2633f7e126b3926be04ecd4640ce631d2adf729cb9b18ce6679ae117c2e97f4c34a07bf63ff8f0cc8476c5508ae312d82afd560d7457ec7c701abdfc1eddf01890c472815ee657a11cfc54e4eb021eefec02d93c1b34d0e3eb060210804cf1050fa8bb74e44826870cf85d602dbdebfcf5a22be2ca9452e0f8a5c2921908c585d998eb0c4e8a017e928ba7c8c66b8cf7098b2ab706eb1d152c8c8efee87a69b\u0026cri=WgSsO2xAgV\u0026ts=238\u0026cb=1773978361461 HTTP/1.1\r\nHost: obseu.primecirclenet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nCookie: cg_uuid=b31ced042117374d1519a4de7b3c5ea7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\ndate: Fri, 20 Mar 2026 03:46:01 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-length: 43\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"db04c7b378cb2db912c3ba8a5a774ee3","sha1":"dee34bd86c3484d31002182aa2b7caa4699126b8","sha256":"98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a","sha512":"826225fc21717d8861a05b9d2f959539aad2d2b131b2afed75d88fbca535e1b0d5a0da8ac69713a0876a0d467848a37a0a7f926aeafad8cf28201382d16466ab","ssdeep":"","tlshash":"6490000bca888002caa2c0302b8883022b88b0320228832e80bc30a8ee3b3a20c02000","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-05T03:44:57.795894Z","times_seen":356193,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.cdn-fileserver.com/__media__/pics/9000/09/593//arrrow.png","fqdn":"s.cdn-fileserver.com","domain":"cdn-fileserver.com","tld":"com"},"ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","date":"2026-03-20T03:46:02.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn-fileserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 16:34:52 GMT","end":"Tue, 28 Apr 2026 17:33:19 GMT"},"fingerprint":{"sha1":"F3:1F:AE:F5:F8:55:3C:E0:73:9D:53:9F:50:2C:79:55:B2:A1:33:D1","sha256":"50:7A:11:63:E8:59:A1:60:B9:7A:1C:11:46:F4:E5:9E:5A:10:E9:46:AD:96:82:92:F4:32:FE:23:EC:45:AC:B9"}}},"request":{"raw":"GET /__media__/pics/9000/09/593//arrrow.png HTTP/1.1\r\nHost: s.cdn-fileserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://realtimesearchresults.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 03:46:02 GMT\r\nserver: cloudflare\r\nlast-modified: Thu, 06 Mar 2025 13:05:37 GMT\r\naccept-ranges: bytes\r\ncontent-length: 283\r\ncache-control: public, max-age=604800\r\ncontent-type: image/png\r\nvia: 1.1 google\r\nx-cache-status: miss\r\nalt-svc: h3=\":443\"; ma=86400\r\netag: \"11b-62fac2985d568\"\r\nage: 91196\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b%2BaXAEPC%2BhaCBfa5FootPH4ZkQeJmBXD69cl11aEMBOToi88zz%2BzIUzF%2B6Gsvd%2Bz3RNqwkRbqkRABorSYGJszqj0QEVDbS%2FORZAaHofuQifo%2Blwg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df1ba3baee62efa-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":283,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 17 x 27, 8-bit colormap, non-interlaced","md5":"80d42c82a6c37da90210fd60a2f36128","sha1":"554ba7c84d2a27ecf3b1f29d03e62101936b54d8","sha256":"a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10","sha512":"8ecb032c38176996ee637009833f3399f773b325e4f574fbbd26f93cdb82892c4143c5816543052b3a5123b89ef4b1aaca0407315aab879968085e61a20786b6","ssdeep":"","tlshash":"38d023cb5d512c3dd3615031445810799df2ad602c774182013eb4760f73545c658714","first_seen":"2023-04-06T17:33:21Z","last_seen":"2026-04-05T03:47:17.26641Z","times_seen":150300,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"s.cdn-fileserver.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.primecirclenet.com/mon","fqdn":"obseu.primecirclenet.com","domain":"primecirclenet.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:02.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.primecirclenet.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:CD:CE:40:54:75:ED:33:2B:EA:D8:63:1D:3F:B6:67:59:16:7B:8E","sha256":"0E:A6:F7:74:71:23:FF:55:50:64:33:31:67:9A:4B:BA:ED:FB:8C:15:AF:37:3E:B5:46:DD:01:F8:6E:88:5C:CE"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.primecirclenet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2653\r\nOrigin: http://ww38.gov.dang.life\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nCookie: cg_uuid=b31ced042117374d1519a4de7b3c5ea7\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2653,"data":"e=37dfbd8ee84e00126dedce32e2448c9c9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d57138d642f17071a10acf9f29f671b8182da52783f1ffc797603843cdb36c601310c729706555867070cc3eb3a4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c294573065da08b79682c51f7ac1f2a8fffa62e99e40827187ffea6a09cc972eacfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6c74b22f08caa2ad818a31fe4d107d053d99b2ad632348a8b658d34d38db6e185eee31928fe33a4e8e823434ac3c17f82e650b9475a13920c488fd4cd88d1fb8137d83ad78ef5d038ae323b358e3873d4b7975f01d7e678e94ea598698674a07a020514c035ab06d9c4b874b58b789f5cebcf929b628d784a66fa52027878092687e323fa05d0cca62aae9969ebbb2a9adaa9b13dc1f0f7512626b1ba0c168bed470c4cbbb7b067a42687e35ceee132af75a030974fc91dd7a93fdb072ee4af967a223660022f17411eaae08a70cf0bb744495f34f9b647c3851b04f9a4c2b9ba68def0e2fe86e4b2f64a4e20e64087b2457385436476cb71093435a269a56418dceac6648969d02d88ad2dd3bc4fd8317e5543650a169fbbe28d3a3347860a06d08a8da9bad8521b9fb7ba7e9fc87b78ded30c6e18b398b8075bdf70800ad813ba76f200c7da57bde366f0919ad3864665e8e332648a75a08caede4ddd3b716c7f9c684719d8ff35dc8d06d68bd98802df8dec5e122505fa64b90faa49a0d538d2633f7e126b3926be04ecd4640ce631d2adf729cb9b18ce6679ae117c2e97f4c34a07bf63ff8f0cc8476c5508ae312d82afd560d7457ec7c701abdfc1eddf01890c472815ee657a11cfc54e4eb021eefec02d93c1b34d0e3eb060210804cf1050fa8bb74e44826870cf85d602dbdebfcf5a22be2ca9452e0f8a5c2921908c585d998eb0c4e8a017e928eb\u0026cri=WgSsO2xAgV\u0026sf=0\u0026dc=XVVRSVkuSV5eBF5JXl5JXi8CGQAASV4vXVRaSV4vX1hfXEleL11cXl1JXi9dXFVZSV4vVVReSV4vXVxVWUleL1VaVUleL1xJXi9dXEleL11dWVlJXi9dXVlZSVkoSl9dUUlbLkleXhtJXl5JXy1dW15JXi9JXl4ESV5eSV8tWF5JXi9JXl4OM0leXklfLVVJWyhKW11RSVsuSV5eBQIPSV5eSV8tXUleL0leXg4zSV5eSV8tXElbKEpdWF1RSVsuSV5eH0leXklfLV1JXi9JXl4OM0leXklfLVxJWyhKXVlVUUlbLkleXglcSV5eSV8tSV5eGkILCRguDRgYCR4VSV5cBR9JXlwCAxhJXlwNSV5cChkCDxgFAwJJXl5JXi9JXl4OM0leXklfLVxJWyhKX15aUUlZLklbLkleXg5JXl5JXy1dSV4vSV5eH0leXklfLUleXl1JXl5JWyhJXi9JWy5JXl4OSV5eSV8tXEleL0leXh9JXl5JXy1JXl5dSV5eSVsoSVkoSlleXFFJWy5JXl4cSV5eSV8tSV5eOwUCX15JXl5JXi9JXl4ASV5eSV8tSVkuSV5eCQJBOT9JXl5JXi9JXl4JAkleXklZKEleL0leXgQPSV5eSV8tWFRJXi9JXl4bCxpJXl5JXy1JXl4hCR8NSV5eSV4vSV5eGwseSV5eSV8tSV5eAAAaARwFHAlJXl5JXi9JXl4OM0leXklfLVhaSVsoSlRbWFFJWy5JXl4fSV5eSV8tXEleL0leXglJXl5JXy1JXl48GQ4ABQ8nCRUvHgkICQIYBQ0ASV5cBR9JXlwCAxhJXlwICQoFAgkISV5eSV4vSV5eDjNJXl5JXy1cSVso\u0026cp=1\u0026gtm=-\u0026gac=-\u0026uvid=c3c85550d2658a51d6520f04af377cc11d51def2\u0026tb=1\u0026ich=1\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=1004\u0026mo=0\u0026pn=2205\u0026spn=1200\u0026fp=447"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.gov.dang.life\r\ncontent-type: application/json\r\ndate: Fri, 20 Mar 2026 03:46:02 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T03:47:03.156897Z","times_seen":13357702,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gov.dang.life/","fqdn":"gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"103.224.212.211","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-20T03:45:54.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pick.au","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 17:12:21 GMT","end":"Tue, 02 Jun 2026 17:12:20 GMT"},"fingerprint":{"sha1":"76:0C:2C:02:E2:76:3A:5A:01:C8:F0:AD:97:A3:1B:4E:32:36:C2:AE","sha256":"0A:9A:C3:AD:65:1B:90:63:BC:7C:B6:9F:73:80:0D:0B:A0:27:32:45:F6:A3:18:17:D0:7F:88:31:9D:86:60:19"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gov.dang.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Fri, 20 Mar 2026 03:45:55 GMT\r\nserver: Apache\r\nset-cookie: __tad=1773978355.7623697; expires=Mon, 17 Mar 2036 03:45:55 GMT; Max-Age=315360000\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 565\r\ncontent-type: text/html; charset=UTF-8\r\nconnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1052,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"6c84f305a7ab43dbb89389ea51aa6246","sha1":"1d00c92efe55ddcf8fa59f0aa264438acfa5d7c7","sha256":"128d84761094921721010d4f7ad14e5602d56fe2327b456e1d80c7f14e96b68e","sha512":"7ffdc86895cfe4ace3b73b796ddfedd86d0f5a475e49dc040490ec3db7017ab5104c0775f6a19f3fa1d4ae55873b25a3b01ee3fa12429ff314e40af7ff5ea690","ssdeep":"","tlshash":"10110508bcc7a403f91108adccf8b11ec067715897cdcc2cd589f668ad4028ad8595db","first_seen":"2026-03-20T03:46:25.634027Z","last_seen":"2026-03-20T03:46:25.634027Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1211,"timings":{"blocked":514,"dns":174,"connect":160,"send":0,"wait":183,"receive":0,"ssl":176},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"103.224.212.211","port":80,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"ip_src":{"addr":"172.18.0.3","port":59912,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.156325+0000\",\"flow_id\":2111873050180257,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":59912,\"dest_ip\":\"103.224.212.211\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":567},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":550,\"bytes_toclient\":1002,\"start\":\"2026-03-20T03:45:59.817825+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gov.dang.life/favicon.ico","fqdn":"gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gov.dang.life/","date":"2026-03-20T03:45:56.514Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gov.dang.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gov.dang.life/\r\nCookie: __tad=1773978355.7623697\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T03:47:03.156897Z","times_seen":13357702,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":1,"connect":156,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.cdn-fileserver.com/__media__/fonts/montserrat_regular/montserrat_regular.woff","fqdn":"s.cdn-fileserver.com","domain":"cdn-fileserver.com","tld":"com"},"ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","date":"2026-03-20T03:46:02.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn-fileserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 16:34:52 GMT","end":"Tue, 28 Apr 2026 17:33:19 GMT"},"fingerprint":{"sha1":"F3:1F:AE:F5:F8:55:3C:E0:73:9D:53:9F:50:2C:79:55:B2:A1:33:D1","sha256":"50:7A:11:63:E8:59:A1:60:B9:7A:1C:11:46:F4:E5:9E:5A:10:E9:46:AD:96:82:92:F4:32:FE:23:EC:45:AC:B9"}}},"request":{"raw":"GET /__media__/fonts/montserrat_regular/montserrat_regular.woff HTTP/1.1\r\nHost: s.cdn-fileserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://realtimesearchresults.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://realtimesearchresults.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\naccept-ranges: bytes\r\ncontent-length: 24744\r\naccess-control-allow-origin: *\r\nedge-control: downstream-ttl=1d\r\nvia: 1.1 google\r\ndate: Fri, 20 Mar 2026 03:46:02 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 16 May 2016 10:39:41 GMT\r\netag: \"60a8-532f33dedf540\"\r\ncontent-type: font/woff\r\nage: 180587\r\nx-cache-status: hit\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UsyHi3REq14dRjtMq6dtUg1ewNc6pmtqGZ%2Fm%2FRfSU2%2FqKeJLn7XI1FhQqd8dzj0JFto9pZZ0qfdREsqNUCHQbSIsKXD1dCnBbCpRw5LwYI93FMYz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df1ba3bdeed2efa-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":24744,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 24744, version 1.0","md5":"987e102655eee6557d9e5de5eda2dbd7","sha1":"9cfb173085bc54a3e7a4f377e5184cba87ad7a67","sha256":"1354d1ffff7cde96f66dd463a7a9d9bc627c2ea55c1a12c7f0b5c63594622c3e","sha512":"bccd46bbc05dc333869797877f2702294f24f697bd5cf8c42210092d74ddb261b301fa1cb09f79ddc2fb1dc5a54acb3aabde5454920ab195fc906cfddf1be75a","ssdeep":"768:Vw0BKrqrg0KoirVY+RpyVvAfeiCONpPkIw31R:q0BKH0Koiu+Tyqfe1cCH31R","tlshash":"80b2d138a2776205f24c16f579030b361dda21ba925e47bb062360ae1db9a4cd18a24f","first_seen":"2025-04-10T23:48:29.909914Z","last_seen":"2026-04-05T03:47:17.267043Z","times_seen":127113,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"s.cdn-fileserver.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.primecirclenet.com/mon","fqdn":"obseu.primecirclenet.com","domain":"primecirclenet.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:06.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.primecirclenet.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:CD:CE:40:54:75:ED:33:2B:EA:D8:63:1D:3F:B6:67:59:16:7B:8E","sha256":"0E:A6:F7:74:71:23:FF:55:50:64:33:31:67:9A:4B:BA:ED:FB:8C:15:AF:37:3E:B5:46:DD:01:F8:6E:88:5C:CE"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.primecirclenet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1799\r\nOrigin: http://ww38.gov.dang.life\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nCookie: cg_uuid=b31ced042117374d1519a4de7b3c5ea7\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1799,"data":"e=37dfbd8ee84e00126dedce32e2448c9c9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d57138d642f17071a10acf9f29f671b8182da52783f1ffc797603843cdb36c601310c729706555867070cc3eb3a4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c294573065da08b79682c51f7ac1f2a8fffa62e99e40827187ffea6a09cc972eacfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6c74b22f08caa2ad818a31fe4d107d053d99b2ad632348a8b658d34d38db6e185eee31928fe33a4e8e823434ac3c17f82e650b9475a13920c488fd4cd88d1fb8137d83ad78ef5d038ae323b358e3873d4b7975f01d7e678e94ea598698674a07a020514c035ab06d9c4b874b58b789f5cebcf929b628d784a66fa52027878092687e323fa05d0cca62aae9969ebbb2a9adaa9b13dc1f0f7512626b1ba0c168bed470c4cbbb7b067a42687e35ceee132af75a030974fc91dd7a93fdb072ee4af967a223660022f17411eaae08a70cf0bb744495f34f9b647c3851b04f9a4c2b9ba68def0e2fe86e4b2f64a4e20e64087b2457385436476cb71093435a269a56418dceac6648969d02d88ad2dd3bc4fd8317e5543650a169fbbe28d3a3347860a06d08a8da9bad8521b9fb7ba7e9fc87b78ded30c6e18b398b8075bdf70800ad813ba76f200c7da57bde366f0919ad3864665e8e332648a75a08caede4ddd3b716c7f9c684719d8ff35dc8d06d68bd98802df8dec5e122505fa64b90faa49a0d538d2633f7e126b3926be04ecd4640ce631d2adf729cb9b18ce6679ae117c2e97f4c34a07bf63ff8f0cc8476c5508ae312d82afd560d7457ec7c701abdfc1eddf01890c472815ee657a11cfc54e4eb021eefec02d93c1b34d0e3eb060210804cf1050fa8bb74e44826870cf85d602dbdebfcf5a22be2ca9452e0f8a5c2921908c585d998eb0c4e8a017e928eb\u0026cri=WgSsO2xAgV\u0026sf=0\u0026dc=\u0026cp=5\u0026gtm=-\u0026gac=-\u0026uvid=c3c85550d2658a51d6520f04af377cc11d51def2\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=5010\u0026mo=0\u0026pn=6210\u0026spn=1200\u0026fp=447\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.gov.dang.life\r\ncontent-type: application/json\r\ndate: Fri, 20 Mar 2026 03:46:06 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T03:47:03.156897Z","times_seen":13357702,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.primecirclenet.com/ct","fqdn":"obseu.primecirclenet.com","domain":"primecirclenet.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:01.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.primecirclenet.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:CD:CE:40:54:75:ED:33:2B:EA:D8:63:1D:3F:B6:67:59:16:7B:8E","sha256":"0E:A6:F7:74:71:23:FF:55:50:64:33:31:67:9A:4B:BA:ED:FB:8C:15:AF:37:3E:B5:46:DD:01:F8:6E:88:5C:CE"}}},"request":{"raw":"POST /ct HTTP/1.1\r\nHost: obseu.primecirclenet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 4465\r\nOrigin: http://ww38.gov.dang.life\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":4465,"data":"id=92098\u0026url=http%3A%2F%2Fww38.gov.dang.life%2F\u0026sf=0\u0026tpi=\u0026ch=AdsDeli%20-%20iFrame\u0026uvid=c3c85550d2658a51d6520f04af377cc11d51def2\u0026tsf=0\u0026tsfmi=\u0026tsfu=\u0026cb=1773978361223\u0026hl=3\u0026op=0\u0026ag=2881387774\u0026rand=23767205686115227019120185560180572017728072115096556598621222280011811228198847150505001512\u0026fs=1280x1024\u0026fst=1280x1024\u0026np=win32\u0026nv=\u0026ref=\u0026ss=1280x1024\u0026nc=0\u0026at=\u0026di=W1siZWYiLDYyMDddLFsiYWJuY2giLDExXSxbLTIsIjEwLElzTjluR25XYkFZQUl4TmZRYU9xR0UwQ0ZBUXNjRzAwSW5oT2JZQkFLWVVPelFPNkVYMDIwSW1HTGN1NjJ1cmRQL2MyZDJwTm1WWkF3ZjMvLzh6NzlHckhhMVd1M09tWFBQdmUiXSxbLTYsIntcIndcIjpbXCIwXCIsXCJvblJUQkZhaWx1cmVcIixcIm9uUlRCU3VjY2Vzc1wiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiX19jdGNnX2N0XzkyMDk4X2V4ZWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy05LCItIl0sWy0xNCwiLSJdLFstMjAsIi0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstMzksIltcIjIwMTAwMTAxXCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLFwiMjAxODEwMDEwMDAwMDBcIixudWxsLGZhbHNlLG51bGwsZmFsc2UsbnVsbCw1LHRydWUsZmFsc2UsbnVsbCwwLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlXSJdLFstNTIsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0zMywiLSJdLFstNDIsIjg4MzM5OTAxNiJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNzIsIkV4VT0iXSxbLTczLCJFaFE9Il0sWy0yOSwiLSJdLFstMzgsImksLTEsLTEsMCwwLDEyLDAsMSwxMDcsMjI0LC0xLDAsLDQ0Nyw3NzUsNzc1Il0sWy01MywiMDAxIl0sWy02NSwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNCwiLSJdLFstNjYsIi0iXSxbLTY3LCItIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJtZXNhXCIsXCJyXCI6XCJsbHZtcGlwZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMFwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wXCIsXCJndmVuXCI6XCJtb3ppbGxhXCIsXCJiZW5cIjo0NixcIndnbFwiOjEsXCJncmVuXCI6XCJsbHZtcGlwZVwiLFwic2VmXCI6NDk0MTk1MDQzLFwic2VjXCI6XCJcIn0iXSxbLTIxLCItIl0sWy0zMSwiZmFsc2UiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNjEsIi0iXSxbLTcsIi0iXSxbLTEwLCItIl0sWy0yNCwiW10iXSxbLTQxLCItIl0sWy00NCwiMCw1LDAsNSJdLFstMSwiTGludXggeDg2XzY0Il0sWy01MSwiLSJdLFstNTcsIlMzbFJUVTFKU2dNV0ZseE1WbHNYU1V0UVZGeGFVRXRhVlZ4WFhFMFhXbFpVRmtwQlNSWlFGZzhLRDE4Qld3RU1BVjhQQVFoWVdsc09XMTlZRDE4TUFRcFlBQThQQ2dsWUYxTktBd2dERHc4T0RRd1ZEZ2dBRmswWFhFRkpWa3ROU2hZRmVWRk5UVWxLQXhZV1hFeFdXeGRKUzFCVVhGcFFTMXBWWEZkY1RSZGFWbFFXU2tGSkZsQVdEd29QWHdGYkFRd0JYdzhCQ0ZoYVd3NWJYMWdQWHd3QkNsZ0FEdzhLQ1ZnWFUwb0RDQU1QRHdBTkN4VktYRTF0VUZSY1ZreE5HVkZZVjExVlhFc1REZ2dBRmswWFhFRkpWa3ROU2hZRmVWRk5UVWxLQXhZV1hFeFdXeGRKUzFCVVhGcFFTMXBWWEZkY1RSZGFWbFFXU2tGSkZsQVdEdz09Il0sWy02NCwiLSJdLFstNjgsIi0iXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjQsbnVsbF0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstMzQsIi0iXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAxMTEwMDEwMDAwMDEwMDAwMDAwMDAwMDEwIl0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNzQsIi0iXSxbLTEzLCItIl0sWy0xNSwiLSJdLFstMjUsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTQwLCIzNyJdLFstNjMsIi0iXSxbLTc1LCIoaW50ZXJtZWRpYXRlIHZhbHVlKS5zb21lRnVuYyBpcyBub3QgYSBmdW5jdGlvbiJdLFstMTIsIlwiMVwiIl0sWy0xNywiNDgiXSxbLTMyLCIwIl0sWy01NCwie1wiaFwiOltcIjMyOTk3Mjg0NTJcIixcIjgyMjgyMzExOVwiLFwiOTgzMjI2MjkwXCIsXCIyODcyODk5MzIwXCIsXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNSwiLSJdLFstNjAsIi0iXSxbLTYyLCI1OCJdLFstNzEsImEwMTAwMTAxMTAwMTAwMTAxMDAwMTAxMDAxMTAxMTAwMDAwMDEwIl0sWy04LCItIl0sWyJibmNoIiwzODZdLFstMzUsIlsxNzczOTc4MzYxMjE1LDBdIl0sWy00OCwiW1wiLVwiLFwiLVwiLFwiLVwiLFwiLVwiLFwiLVwiXSJdLFstMTYsIjAiXSxbLTI2LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTM3LCItIl0sWy01NSwiMCJdLFstNTgsIi0iXSxbLTU5LCItIl0sWy02OSwiV2luMzJ8fHw0OHwtfC0iXSxbLTcwLCItIl0sWyJkZGIiLCIwLDksMCwxLDAsNCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMywwLDEsMCwwLDAsMSwwLDQsMzgsMCwyNSwxLDEsMCwwLDAsMSwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMSwwLDIsMiwwLDUwLDAsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw3LDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwwLDAsMCwwLDAiXV0%3D\u0026dep=0\u0026pre=0\u0026sdd=\u0026cri=WgSsO2xAgV\u0026pto=966\u0026ver=65\u0026gac=-\u0026mei=\u0026ap=\u0026fe=1\u0026duid=1.1773978361.4rqzADSWF53K6f6x\u0026suid=1.1773978361.bAz9QaJXg5ew9iyY\u0026tuid=1.1773978361.EkqguJJ804yYlZcQ\u0026sid=1.1773978361224.6nl8zmdRCPAigE0d\u0026fbc=-\u0026gtm=-\u0026it=5%2C402%2C83\u0026fbcl=-\u0026gacl=-\u0026gacsd=-\u0026rtic=-\u0026rtict=-\u0026bgc=-\u0026spa=1\u0026urid=0\u0026ab=\u0026sck=-\u0026io=aGA2Oi15fzZz"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.gov.dang.life\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Fri, 20 Mar 2026 03:46:01 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\nset-cookie: cg_uuid=b31ced042117374d1519a4de7b3c5ea7; Max-Age=29030400; Path=/; Expires=Fri, 19 Feb 2027 03:46:01 GMT; HttpOnly; Secure; SameSite=None\r\ntiming-allow-origin: http://ww38.gov.dang.life\r\ncontent-length: 1143\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3430,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5ce8548ecebc35d3ece96a6ab45b60f3","sha1":"47b4d8da6877a728308511e86b75571dfd473835","sha256":"ebc8ffb6e1bd4fe9b3ad7518d6d809b2ee4560783c11cea1d3f732d27a435df1","sha512":"448afa49ce4dae2c95b70c5b42b0b787393b8c9dd72f8dbd97fd1c271cb10cbb952a2e289d45d1b6775612cde6bea4d0429e1ae4a7b93e88b026bd14e5bb952c","ssdeep":"","tlshash":"6b61087d302d4e75527df693bf118a8312d19765016ba48bd1377b5d0eaf760af09080","first_seen":"2026-03-20T03:46:25.635379Z","last_seen":"2026-03-20T03:46:25.635379Z","times_seen":1,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":121,"dns":11,"connect":35,"send":0,"wait":59,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"l.cdn-fileserver.com/bping.php?ugd=4\u0026wsip=170762568\u0026gdpr=1\u0026mspa=0\u0026r=1773978361100\u0026vgd_tsce=L1174\u0026vgd_cage=2\u0026vgd_oreqf=one\u0026prid=8PR11258V\u0026crid=848515096\u0026vi=1773978361897309628\u0026ssld=%7B%22QQNN%22%3A%22Ia%22%2C%22QQN75%22%3A%22mQjm%22%2C%22QQ8E%22%3A%22%22%2C%22QQQN%22%3A%229A%22%7D\u0026wshp=0\u0026vgd_cdv=O2940\u0026vgd_l2type=dmola\u0026vgd_oresf=one\u0026cid=8CU6073RK\u0026sc=03\u0026lper=100\u0026requrl=http%3A%2F%2Fdang.life\u0026vgd_asn=50304\u0026vgd_rpth=%2Fola\u0026vgd_setup=c21\u0026vgd_wlstp=0\u0026hvsid=00001773978361098015326356482027\u0026lf=6\u0026cc=NO\u0026vgd_len=525\u0026vgd_end=1","fqdn":"l.cdn-fileserver.com","domain":"cdn-fileserver.com","tld":"com"},"ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://yfdpco1.com/sk-park.php?pid=9PO15V947\u0026dn=dang.life\u0026ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0\u0026requrl=http%3A%2F%2Fww38.gov.dang.life%2F\u0026al=en-US%2Cen%3Bq%3D0.5","date":"2026-03-20T03:46:01.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn-fileserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 16:34:52 GMT","end":"Tue, 28 Apr 2026 17:33:19 GMT"},"fingerprint":{"sha1":"F3:1F:AE:F5:F8:55:3C:E0:73:9D:53:9F:50:2C:79:55:B2:A1:33:D1","sha256":"50:7A:11:63:E8:59:A1:60:B9:7A:1C:11:46:F4:E5:9E:5A:10:E9:46:AD:96:82:92:F4:32:FE:23:EC:45:AC:B9"}}},"request":{"raw":"GET /bping.php?ugd=4\u0026wsip=170762568\u0026gdpr=1\u0026mspa=0\u0026r=1773978361100\u0026vgd_tsce=L1174\u0026vgd_cage=2\u0026vgd_oreqf=one\u0026prid=8PR11258V\u0026crid=848515096\u0026vi=1773978361897309628\u0026ssld=%7B%22QQNN%22%3A%22Ia%22%2C%22QQN75%22%3A%22mQjm%22%2C%22QQ8E%22%3A%22%22%2C%22QQQN%22%3A%229A%22%7D\u0026wshp=0\u0026vgd_cdv=O2940\u0026vgd_l2type=dmola\u0026vgd_oresf=one\u0026cid=8CU6073RK\u0026sc=03\u0026lper=100\u0026requrl=http%3A%2F%2Fdang.life\u0026vgd_asn=50304\u0026vgd_rpth=%2Fola\u0026vgd_setup=c21\u0026vgd_wlstp=0\u0026hvsid=00001773978361098015326356482027\u0026lf=6\u0026cc=NO\u0026vgd_len=525\u0026vgd_end=1 HTTP/1.1\r\nHost: l.cdn-fileserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yfdpco1.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 20 Mar 2026 03:46:01 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\naccept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\ncache-control: max-age=0, no-cache, no-store\r\nexpires: Thu, 19 Mar 2026 03:46:01 GMT\r\npragma: no-cache\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=63072000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v1mD7nYjk3IIWQrXtGOJB5RtSfUfuAy%2B6Xg%2BPJQlwpb5%2FV9CGcv5eKn%2BJLIE%2BUGbbjJhiDYIbcFgKUjjT3BdrF23b7lgxEcUITN3t8bytNh%2BOTfa\"}]}\r\nserver: cloudflare\r\ncf-ray: 9df1ba361c3d723c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 87a, 1 x 1","md5":"6f1d74c7168076c7666246504a8c03f2","sha1":"00656377deb1a4393e0cf0055385b08b2b81b46c","sha256":"8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde","sha512":"e502484faa0dc2a1f23c7f715879db654f29d0af1d6f616467d3d1fc578c2d16fccaacd76c4a5ecae8451dc912323473559d29edbd322fe85b8f1e83a7cdf2f3","ssdeep":"","tlshash":"53900447f1401103d135403007075340070c5030145403050071507ddc1d7553d07410","first_seen":"2025-03-07T21:51:05.009549Z","last_seen":"2026-04-05T03:47:17.264266Z","times_seen":143907,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":21,"dns":4,"connect":1,"send":0,"wait":143,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"l.cdn-fileserver.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.cdn-fileserver.com/__media__/pics/9000/09/593//bg1.png","fqdn":"s.cdn-fileserver.com","domain":"cdn-fileserver.com","tld":"com"},"ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","date":"2026-03-20T03:46:02.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn-fileserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 16:34:52 GMT","end":"Tue, 28 Apr 2026 17:33:19 GMT"},"fingerprint":{"sha1":"F3:1F:AE:F5:F8:55:3C:E0:73:9D:53:9F:50:2C:79:55:B2:A1:33:D1","sha256":"50:7A:11:63:E8:59:A1:60:B9:7A:1C:11:46:F4:E5:9E:5A:10:E9:46:AD:96:82:92:F4:32:FE:23:EC:45:AC:B9"}}},"request":{"raw":"GET /__media__/pics/9000/09/593//bg1.png HTTP/1.1\r\nHost: s.cdn-fileserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://realtimesearchresults.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 03:46:02 GMT\r\nserver: cloudflare\r\nlast-modified: Thu, 06 Mar 2025 12:55:21 GMT\r\netag: \"4642-62fac04c7759a\"\r\naccept-ranges: bytes\r\ncontent-length: 17986\r\ncache-control: public, max-age=604800\r\ncontent-type: image/png\r\nvia: 1.1 google\r\nx-cache-status: miss\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 525271\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N67fsR1TcdLhYsrhZSIUJW0EEb6J7cNhImennSk3fBETn4Pjd2jtmVDbL9hvSQ95LcvoixsYorvKW9wlGNxz3aDwYBoC5cUXn%2F80B2ImyJdzQlN2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df1ba3bceeb2efa-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":17986,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1730 x 988, 4-bit colormap, non-interlaced","md5":"825ccd29ac102fcadaf92b2343d5917b","sha1":"24472e766cfac5b82a73b219796556a0a3702bd6","sha256":"0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd","sha512":"71b8e7c0813227f5efa4b4e0561978b13672f46ee441bc222ad77aa46a32f0f44a5dab3ef038bb3418190e69dced597a79e77566da01a259f1cd6b5298a08662","ssdeep":"384:/ATpX6Cex7jSxPgvgsODg/B2HgqSSeMjhRNAxB60ZL/HU+HqofTBf:ipX6nx7elggsODg52AqSSJhIxBZZLc8N","tlshash":"8a82bef49ea4241cdde2dfbce09243d635e8fb03481a9c516bcb46c27459ea2782c71d","first_seen":"2023-04-06T22:32:28Z","last_seen":"2026-04-05T03:47:17.276993Z","times_seen":150274,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"s.cdn-fileserver.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"msadsscale.microsoft.com/bingads/telemetryJS.js","fqdn":"msadsscale.microsoft.com","domain":"microsoft.com","tld":"com"},"ip":{"addr":"13.107.213.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","date":"2026-03-20T03:46:02.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msadsscale.microsoft.com","organization":""},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Sun, 21 Dec 2025 00:00:00 GMT","end":"Sun, 21 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2C:BD:B0:AB:44:13:2E:20:B9:4A:CE:77:54:53:0B:D3:6F:B7:12:AB","sha256":"F0:73:26:EC:1A:F7:21:8F:A5:59:85:8A:09:7C:FC:E8:93:49:67:48:66:67:5E:8F:5C:8E:AE:44:2A:82:6B:F0"}}},"request":{"raw":"GET /bingads/telemetryJS.js HTTP/1.1\r\nHost: msadsscale.microsoft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://realtimesearchresults.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 20 Mar 2026 03:46:02 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 12 Mar 2025 08:06:51 GMT\r\netag: W/\"0x8DD613CD8BAF720\"\r\nx-ms-request-id: 9f313600-c01e-005a-6ef3-b4a4cb000000\r\nx-ms-version: 2018-03-28\r\naccess-control-expose-headers: content-length\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20260320T034602Z-16c6dc4f4d6rl26jhC1SVG5um80000001ev00000000038q0\r\nx-fd-int-roxy-purgeid: 3\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":72824,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65504), with no line terminators","md5":"84bf71fe11d71bedaac885462b1d2940","sha1":"bdcf95799b79eea873329ddbd112eda32f47877e","sha256":"a8d28463855fcf949fb31963246cc6c55ea9baf9c5551b327687dcd6076502f7","sha512":"02d7de1db70f021c17bc184e1e795cc01f63889731f444ca429040f3599dccdb346c68e8e5e69fc81060972b7ccbcebf1e9294e50318957ded8cb0cbeecacb3e","ssdeep":"768:TM4lJgxIU3OPOEUi6UsQ6R1k/Y7/LKF/ZE/4OkeZChQZqeYQYTyCLJV6N//MFgPc:A4voIU+POE3kMMmF/6VbqXQQfI/EgYuo","tlshash":"5a63938df1d1b0f607e7a0e5412f960ae1b72968b45ea8d6e6a1d4e09c7884f1037f7c","first_seen":"2025-03-13T12:39:24.627452Z","last_seen":"2026-04-05T03:47:17.272074Z","times_seen":92841,"resource_available":true,"data":null}},"time_used":154,"timings":{"blocked":53,"dns":3,"connect":23,"send":0,"wait":46,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.yimg.com/ds/scripts/selectTier-p1.1.0.js","fqdn":"s.yimg.com","domain":"yimg.com","tld":"com"},"ip":{"addr":"188.125.94.206","port":443,"asn":10310,"as":"YAHOO-1","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","date":"2026-03-20T03:46:02.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.www.yahoo.com","organization":"Yahoo Holdings Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Feb 2026 00:00:00 GMT","end":"Wed, 15 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"84:C1:83:1D:78:C9:B7:8A:5A:A8:A1:3A:D1:2D:07:74:F7:40:BF:69","sha256":"30:9D:82:0E:FF:36:AB:C3:61:0C:B1:7B:4F:10:14:11:09:6C:44:3F:CF:03:8A:C3:71:1B:6A:74:BC:17:8C:B6"}}},"request":{"raw":"GET /ds/scripts/selectTier-p1.1.0.js HTTP/1.1\r\nHost: s.yimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://realtimesearchresults.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: 3ZgFkKbFOkdLMlLhYvk7+UuDTdsMfleCx8Xjs1ZaD6YjFu640LkYH1jiYy2mg/wUIoEl0IKInp8=\r\nx-amz-request-id: 4SC39RBEBZD6427B\r\ndate: Fri, 20 Mar 2026 03:46:03 GMT\r\nlast-modified: Tue, 17 Mar 2026 16:07:48 GMT\r\netag: \"a141400493d06236f13b5ec5e7993178-df\"\r\ncache-control: public,max-age=60\r\nx-amz-version-id: MYILtxSp4D3g9IIiusm3XYc.Lrxqvgn9\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\nserver: ATS\r\nvary: Origin, Accept-Encoding\r\ncontent-encoding: gzip\r\nage: 0\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache Traffic Server","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":25545,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (25545), with no line terminators","md5":"a141400493d06236f13b5ec5e7993178","sha1":"bbe007343d7ea3461a040a88c15e3034a344863c","sha256":"61db003df491f58c5cba0781ae8a764c69c5d165eebe1b79bb59289f83a8242c","sha512":"c029685beb47b16e0956deda40d4dbe036f3f22a627602491125dd1003e90834ecf7ff42332f31a5ee12081052b1e0eafb3e8156baf73c3fe4dc9a6c9a712e40","ssdeep":"768:AvPr83BT2T2x4ebxteeqrkp3KQZ91/Rp537jm7t+wjvooXsxsdh:Avj83ET2+KzmQZ7/Rpx7/Qsxu","tlshash":"4bb2c7a574c9343f03ab80f3903b231933765d2a3906a568368886de5dace5b5317f7e","first_seen":"2026-03-17T16:10:23.974009Z","last_seen":"2026-04-05T03:47:17.273485Z","times_seen":16644,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":24,"dns":3,"connect":8,"send":0,"wait":343,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.primecirclenet.com/mon","fqdn":"obseu.primecirclenet.com","domain":"primecirclenet.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:04.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.primecirclenet.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:CD:CE:40:54:75:ED:33:2B:EA:D8:63:1D:3F:B6:67:59:16:7B:8E","sha256":"0E:A6:F7:74:71:23:FF:55:50:64:33:31:67:9A:4B:BA:ED:FB:8C:15:AF:37:3E:B5:46:DD:01:F8:6E:88:5C:CE"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.primecirclenet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1799\r\nOrigin: http://ww38.gov.dang.life\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nCookie: cg_uuid=b31ced042117374d1519a4de7b3c5ea7\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1799,"data":"e=37dfbd8ee84e00126dedce32e2448c9c9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d57138d642f17071a10acf9f29f671b8182da52783f1ffc797603843cdb36c601310c729706555867070cc3eb3a4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c294573065da08b79682c51f7ac1f2a8fffa62e99e40827187ffea6a09cc972eacfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6c74b22f08caa2ad818a31fe4d107d053d99b2ad632348a8b658d34d38db6e185eee31928fe33a4e8e823434ac3c17f82e650b9475a13920c488fd4cd88d1fb8137d83ad78ef5d038ae323b358e3873d4b7975f01d7e678e94ea598698674a07a020514c035ab06d9c4b874b58b789f5cebcf929b628d784a66fa52027878092687e323fa05d0cca62aae9969ebbb2a9adaa9b13dc1f0f7512626b1ba0c168bed470c4cbbb7b067a42687e35ceee132af75a030974fc91dd7a93fdb072ee4af967a223660022f17411eaae08a70cf0bb744495f34f9b647c3851b04f9a4c2b9ba68def0e2fe86e4b2f64a4e20e64087b2457385436476cb71093435a269a56418dceac6648969d02d88ad2dd3bc4fd8317e5543650a169fbbe28d3a3347860a06d08a8da9bad8521b9fb7ba7e9fc87b78ded30c6e18b398b8075bdf70800ad813ba76f200c7da57bde366f0919ad3864665e8e332648a75a08caede4ddd3b716c7f9c684719d8ff35dc8d06d68bd98802df8dec5e122505fa64b90faa49a0d538d2633f7e126b3926be04ecd4640ce631d2adf729cb9b18ce6679ae117c2e97f4c34a07bf63ff8f0cc8476c5508ae312d82afd560d7457ec7c701abdfc1eddf01890c472815ee657a11cfc54e4eb021eefec02d93c1b34d0e3eb060210804cf1050fa8bb74e44826870cf85d602dbdebfcf5a22be2ca9452e0f8a5c2921908c585d998eb0c4e8a017e928eb\u0026cri=WgSsO2xAgV\u0026sf=0\u0026dc=\u0026cp=3\u0026gtm=-\u0026gac=-\u0026uvid=c3c85550d2658a51d6520f04af377cc11d51def2\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=3007\u0026mo=0\u0026pn=4207\u0026spn=1200\u0026fp=447\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.gov.dang.life\r\ncontent-type: application/json\r\ndate: Fri, 20 Mar 2026 03:46:04 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T03:47:03.156897Z","times_seen":13357702,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gov.dang.life/js/fingerprint/iife.min.js","fqdn":"gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"103.224.212.211","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gov.dang.life/","date":"2026-03-20T03:45:55.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pick.au","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 17:12:21 GMT","end":"Tue, 02 Jun 2026 17:12:20 GMT"},"fingerprint":{"sha1":"76:0C:2C:02:E2:76:3A:5A:01:C8:F0:AD:97:A3:1B:4E:32:36:C2:AE","sha256":"0A:9A:C3:AD:65:1B:90:63:BC:7C:B6:9F:73:80:0D:0B:A0:27:32:45:F6:A3:18:17:D0:7F:88:31:9D:86:60:19"}}},"request":{"raw":"GET /js/fingerprint/iife.min.js HTTP/1.1\r\nHost: gov.dang.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gov.dang.life/\r\nCookie: __tad=1773978355.7623697\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Fri, 20 Mar 2026 03:45:56 GMT\r\nserver: Apache\r\nlast-modified: Mon, 28 Apr 2025 06:31:27 GMT\r\netag: \"85c0-633d0d56a6dc0\"\r\naccept-ranges: bytes\r\ncontent-length: 34240\r\ncontent-type: text/javascript\r\nconnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":34240,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33896), with CRLF line terminators","md5":"63f9fd621d1fbd53b7c5856e58c11ccd","sha1":"a46973c2fbdbfeb159e0d717a90f88307e274012","sha256":"c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089","sha512":"d4df433c7368ec078fbc473398a4ab21e6da20950ac4db34338623296887db40320b05b9bde6130e43d2b55c82b81a56b60bab0d6a4c97df54a0cb7a8f09325b","ssdeep":"384:XhQYTcHRx9vfQxcuK83ERxXYxMvtTpIBNwBUZXLew5gc+RW7+5ERNFaqE8E0QI+V:XSbHRTArOGSoyISuNwxJzZbPePKe9y","tlshash":"6cf207d8b2c3b02d227378ba497f6006b63abd55641c4803d57be5c178a4e5a813bfb8","first_seen":"2023-05-01T16:20:27Z","last_seen":"2026-04-05T03:50:26.033216Z","times_seen":35626,"resource_available":true,"data":null}},"time_used":1063,"timings":{"blocked":364,"dns":1,"connect":158,"send":0,"wait":322,"receive":11,"ssl":203},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gov.dang.life/?tr_uuid=20260320-1445-5545-bc72-3bf74c0f187d\u0026fp=faed01b113cfb270c624ee1aa793ad6c","fqdn":"gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"103.224.212.211","port":80,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-20T03:45:56.817Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?tr_uuid=20260320-1445-5545-bc72-3bf74c0f187d\u0026fp=faed01b113cfb270c624ee1aa793ad6c HTTP/1.1\r\nHost: gov.dang.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __tad=1773978355.7623697\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\ndate: Fri, 20 Mar 2026 03:45:57 GMT\r\nserver: Apache\r\nlocation: http://ww38.gov.dang.life/\r\ncontent-length: 0\r\ncontent-type: text/html; charset=UTF-8\r\nconnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T03:47:03.156897Z","times_seen":13357702,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":161,"dns":0,"connect":162,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:45:57Z","timestamp":1773978357,"ip_dst":{"addr":"103.224.212.211","port":80,"asn":133618,"as":"Trellian Pty. Limited","country":"Australia","country_code":"AU"},"ip_src":{"addr":"172.18.0.3","port":43824,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:45:57.155691+0000\",\"flow_id\":299225052378281,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":43824,\"dest_ip\":\"103.224.212.211\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"gov.dang.life\",\"url\":\"/?tr_uuid=20260320-1445-5545-bc72-3bf74c0f187d\u0026fp=faed01b113cfb270c624ee1aa793ad6c\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"http://ww38.gov.dang.life/\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":785,\"bytes_toclient\":331,\"start\":\"2026-03-20T03:45:56.816297+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-20T03:45:57.161Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww38.gov.dang.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T03:47:03.156897Z","times_seen":13357702,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"euob.primecirclenet.com/sxp/i/636f8b858f681acb7bfa6f583a96630a.js","fqdn":"euob.primecirclenet.com","domain":"primecirclenet.com","tld":"com"},"ip":{"addr":"3.164.230.34","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:00.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.primecirclenet.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Sat, 27 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"77:CB:09:91:B7:EA:42:3C:3E:84:33:70:0A:98:69:44:32:8B:1F:96","sha256":"DF:34:95:1F:9C:A1:61:3F:8F:6A:34:E9:94:51:D8:E0:06:6A:32:14:97:BE:01:16:4E:02:BB:87:9F:8A:1D:34"}}},"request":{"raw":"GET /sxp/i/636f8b858f681acb7bfa6f583a96630a.js HTTP/1.1\r\nHost: euob.primecirclenet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 45183\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ndate: Fri, 20 Mar 2026 01:22:13 GMT\r\netag: \"1dc06-B8nxmls8TFyIRSMgxj1/ExIooA8\"\r\nexpires: Fri, 20 Mar 2026 13:22:13 GMT\r\nserver: Caddy\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 e2b910126831841c6bf3d6563742ab92.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P1\r\nx-amz-cf-id: sv9fbTt7CCjdUVMfgkH10B8FLmcpNTW0RdiUi3eHBHqiBe7POHZTng==\r\nage: 8627\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":121862,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"data","md5":"ef287973bbf79645f483e0b89805c24f","sha1":"07c9f19a5b3c4c5c88452320c63d7f131228a00f","sha256":"aefd1799aee2a4a1bee047144fc3942f78ddbb11270a25d11d5afcc6168ded70","sha512":"1c35ee3c44279118cac0681545711983d5f2b7acd1b3e509c0e9986f5e928c244ef771c835a45c4037b08fe691a952910c2d880232531f2866d2687e4e3dee41","ssdeep":"1536:XOuWmlw1eU32zEb0wu0RnWuGyVxlicnYtMolHAEh8sqrfje+wUK8LonhdbErReKG:+4lwAZP0RGyARWsqumrRnvlyv/","tlshash":"20c3d6adb2f27025439335a5147f410ae27b1e543c4b8290d17ae9d4ac7ce8e857bfac","first_seen":"2026-03-15T13:25:10.579891Z","last_seen":"2026-04-05T03:52:04.708378Z","times_seen":6473,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":35,"dns":15,"connect":8,"send":0,"wait":9,"receive":8,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","fqdn":"realtimesearchresults.com","domain":"realtimesearchresults.com","tld":"com"},"ip":{"addr":"199.191.50.132","port":443,"asn":40034,"as":"CONFLUENCE-NETWORK-INC","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://yfdpco1.com/sk-park.php?pid=9PO15V947\u0026dn=dang.life\u0026ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0\u0026requrl=http%3A%2F%2Fww38.gov.dang.life%2F\u0026al=en-US%2Cen%3Bq%3D0.5","date":"2026-03-20T03:46:01.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realtimesearchresults.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 23:39:44 GMT","end":"Sat, 23 May 2026 23:39:43 GMT"},"fingerprint":{"sha1":"31:D9:5D:EC:85:73:9D:40:D2:96:E9:D9:97:7E:68:58:98:B1:2C:D1","sha256":"6B:C9:00:CD:5E:10:B4:46:69:E4:EA:A4:75:56:9C:28:40:9A:3C:DC:5A:45:C5:3D:63:B5:43:63:12:49:00:F0"}}},"request":{"raw":"GET /sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1 HTTP/1.1\r\nHost: realtimesearchresults.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yfdpco1.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 20 Mar 2026 03:50:14 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncache-control: no-store, max-age=0\r\ncontent-encoding: gzip\r\nlink: \u003chttps://scripts.clarity.ms/0.8.54/clarity.js\u003e; rel=prefetch, \u003chttps://msadsscale.microsoft.com/bingads/telemetryJS.js\u003e; rel=prefetch, \u003chttps://www.clarity.ms\u003e; rel=dns-prefetch, \u003chttps://s.yimg.com/ds/scripts/selectTier-p1.1.0.js\u003e; rel=prefetch\r\nx-sc-h: 21-22qk\r\nvia: 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":69830,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (44721), with CRLF, LF line terminators","md5":"d9a888401303706619d3723769696aad","sha1":"0679fe941ca40eb7120b4633bb064b94fb9503fa","sha256":"61283581b84a523bbd86e7f84b7f17ebc66b41998300c497f095dd6f00501e71","sha512":"f5e77756d4aaa123830405d4af241491843f42d034156f29356c8c78586ce2ae0cbbd9bf1b070b661fe30d6498d70eb5881b96e743ee8c8482ca84c5f5016989","ssdeep":"1536:SKVCCbkMQSH3MMrGAFQ92feAILfy4nxPNqALfyoOk/5f3kkPr3eXuXba6uPYP:SWlkMQSH3MMrGAFQ92feAILfy4n/qMy0","tlshash":"5f6339cc34c27436077b21b6613f2e0ef1bb14557a8e8844e9e5e5a63d3d99b8a23d0d","first_seen":"2026-03-20T03:46:25.639304Z","last_seen":"2026-03-20T03:46:25.639304Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1355,"timings":{"blocked":405,"dns":1,"connect":132,"send":0,"wait":411,"receive":134,"ssl":267},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"realtimesearchresults.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"realtimesearchresults.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"l.cdn-fileserver.com/bql.php?vgd_len=5582\u0026\u0026vgd_l2type=dmola\u0026fp=V5fAhCL0dNvdAf05ovOVwecb24iM8i8j4PhKd39Yowo40ix69VvKVU__RdxsaR9D86U3nZs4y_UneCPA2WSC0mvQyhXou5KRV444UeZ4m2A6BAVgoGczc1V_8k2C2gA6\u0026cme=iNq2v1RqAptPmD96hi9N4h0aeEXwIeMwtX2cH1D7gb-BsdIbHFQYX-PtWPxu1Fj6Q55oVV00r4jtdnUWR4t7DSn16rvzyHdST4BkKL9omFt5ORcEA6OqEN7oF8WVXazY__VRJ8d6gOoMumOTPgvnW31m9WGxtro9iXjpcRGQNJxqqcoUcNXsNJe_nZVFzk5lwaRN3EU0XJuJ_0x--DSeQYcjJ2NmwT56uZDlbd72n3ermGQp4bnnjghQduIXCwLCr6Y_h8QCuuAD8S-X0l9ghQ%3D%3D%7C%7CgKezN8EFkjQ9KrDVPyDiPL_MMAZ8CD0GUt69s6vTHxaSj91FLa3s-1SX7-EWtufPuPOimsbRLlsT5Y5aYe3mwUx1ZaJdBZjCC9OJa8FFT_HCc7QHXlIaAgmqse1FiF0DhPIpsfCJNB2H49zF53ElpZGPEmR2ZMpIhBZyRCyy92LAIpcz2cJFNT3L24Mq0P59kCi9wvCMBitsDbK8vR-2trTYZmFDMzpMTeXA6F-XHxEWgwru9GpSJyOLBIhqhjD6U5tq7twNCqCKldOuaEwPXTW9euYetqaXnp5UqnSuPS1g5iEnOV5g6PHX13OIxW5m-8iEiFVgJEZZh738jfiMZuL14XZYvlasAynFTj9ux_xYYc7IUxwvPcxLnomtqsdWSSFw2YuNgxP-WhDVulGG6mhM-6o9eTL_TsBCPEpeQE0Pe0KGi3b_rijDDncz3SG1IhDO0IECYEwaUu9YI5wu2pqQPlHmgp7fQDZ3xIC-CTZcQAuBIP4xbIC7vF4R3j7RWLf0VwS97EYogjd7NBnZVvYedc2FYskmL74_wS4w8r9EFx6XzM2xGfUf0KTWQY44rlpqElBOmsZ81kdmDVe1bRm_IHs9OdBgDG8QdHJKHDo4kedZGnbD1PmnqCbTlyjhLYS5S4elnhpDZJBcOlyta4PPl7uGCWmydoGX9uSmI5PuLGpEBMfHAQ4oEPfCo7pdnoYJf32Hw7-Tl_21uPL3UspxmYeYB6PRpCGTVQ6zWFLDdYbu-RXHThNE5x5-Jdu7rwJ11dKJS1WLb3dd4ua68REQuhGvaTYF%7CWOR44ZnjshyX0FEZj6c52uG8KGTsvju_%7CWtJPvijWHRsfBv4nOZN-Vs0s0qvvEfG0%7CxDcVMoSqRIQy7pX6tOEPXGREHJWXEncEd0ZPyy5ztRg%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7C\u0026ksu=360\u0026fdkt=658\u0026vgde_kbbh=fuoyxQBuGUBO\u0026kwd[]=Mental+Wellness+Programs\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=1\u0026kid[]=121960222\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D16008%7Cclid_serp%3D22327%7Cakp%3D5%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.1570%7C7%3D0.0038%7C8%3D031920%7C13%3D0.0196%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4487%7Ckcucs%3D0.5666%7Ckcucs2%3D0.5666%7Ckssks%3D5.0000%7Crcid%3D236535%7Cclpr%3D1.000000%7Ccllvl%3D3%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514264337593560793344\u0026kwd[]=Healthy+Living+Tips\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=2\u0026kid[]=13453153\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D5997%7Cclid_serp%3D5997%7Cakp%3D7%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.6459%7C7%3D0.0037%7C8%3D031920%7C13%3D0.0143%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.5094%7Ckcucs%3D0.6566%7Ckcucs2%3D0.6566%7Ckssks%3D5.0000%7Crcid%3D31828%7Cclpr%3D0.875100%7Ccllvl%3D1%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514268841193204941056\u0026kwd[]=Wellness+Programs\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=3\u0026kid[]=30608434\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D34992%7Cclid_serp%3D22327%7Cakp%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.2674%7C7%3D0.0046%7C8%3D031920%7C13%3D0.0106%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4534%7Ckcucs%3D0.5354%7Ckcucs2%3D0.5354%7Ckssks%3D5.0000%7Crcid%3D130517%7Cclpr%3D0.947800%7Ccllvl%3D2%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514264337593577570560\u0026kwd[]=Funny+Jokes\u0026kwt[]=245\u0026kbc[]=375\u0026kwp[]=4\u0026kid[]=11892052\u0026kbc2[]=urt%3D0%7Cakp%3D5%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D-2%7Cclid_serp%3D-2%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D146.7047%7C7%3D0.0070%7C8%3D031920%7C13%3D0.0095%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4910%7Ckcucs%3D0.6154%7Ckcucs2%3D0.6154%7Ckssks%3D5.0000%7Crcid%3D231241%7Cclpr%3D0.997000%7Ccllvl%3D3%7Cokt%3D245%7Cbdkt%3D245%7Cps%3D0.981%7Cps_id%3D0\u0026ktd[]=79228162514268841193188098304\u0026kwd[]=Humor+Posters\u0026kwt[]=245\u0026kbc[]=375\u0026kwp[]=5\u0026kid[]=14480780\u0026kbc2[]=urt%3D0%7Cakp%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D-2%7Cclid_serp%3D-2%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D45.2107%7C7%3D0.0069%7C8%3D031920%7C13%3D0.0095%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4389%7Ckcucs%3D0.6154%7Ckcucs2%3D0.6154%7Ckssks%3D5.0000%7Crcid%3D194744%7Cclpr%3D0.947300%7Ccllvl%3D3%7Cokt%3D245%7Cbdkt%3D245%7Cps%3D0.981%7Cps_id%3D0\u0026ktd[]=79228162514268841193188098304\u0026v=1\u0026gdpr=1\u0026geo=59.83%7C10.8\u0026lper=100\u0026lpid=\u0026tsid=1005\u0026hint=\u0026cc=NO\u0026wsip=170764457\u0026bca=0\u0026ugd=4\u0026vgde_setid=Nfu\u0026vgde_chost=LJ1j78YJQJ1LNwLJQxj7Q.NmY\u0026cid=8CU6073RK\u0026vi=1773978361897309628\u0026vsid=DefVid\u0026tdAdd[]=asnum%3D50304\u0026vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D\u0026vgd_adprefflag=00\u0026vgd_adpref_diff=1010\u0026vgd_fm_lang=EN\u0026vgd_implt=3\u0026vgd_cage=0\u0026vgd_tsce=L1174-S1174\u0026vgd_l3_sc=03\u0026vgd_pdtid=1\u0026vgd_oscar=1\u0026vgd_ctrlid=O_SERP\u0026vgd_nrrv=19988\u0026vgd_nrrmf=8301000480a\u0026vgd_nrrsf=scrr\u0026vgd_cty=oslo\u0026vgd_csovr=0\u0026vgd_intc_log=%7B%22impl_type%22%3A%22skp%22%2C%22xvip%22%3A%22208.91.196.46%22%7D\u0026vgd_ifrmode=14\u0026sbdrId=\u0026verid=\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY\u0026kbbq=%26asn%3D50304\u0026vgd_ppvi=2152152396105982456\u0026vgd_wlstp=0\u0026vgd_vstrid=DefVid\u0026vgd_scsver=2969\u0026vgd_himglg=K0P0-O0K0-S0\u0026vgd_cache_metadata=%7B%22kbb%22%3Afalse%7D\u0026vgd_cfud=251031\u0026vgd_optout=0\u0026vgd_l2shld=1\u0026vgd_akcip=91.90.42.0\u0026vgd_oreqf=one\u0026vgd_oresf=one\u0026vgd_och=0\u0026vgd_rensize=1280_1024\u0026vgd_scr_h=1024\u0026vgd_scr_w=1280\u0026vgd_col_sch=l\u0026vgd_be=0\u0026vgd_nmerr=1\u0026tdAdd[]=uiparams%3D%3Brend_w%3A1280%3Brend_h%3A1024\u0026vgd_sc=03\u0026hvsid=00001773978361098015326356482027\u0026rc=0\u0026rand=1773978362268\u0026acid=undefined\u0026matm=1773978362268\u0026vgde_ltimesrc=u\u0026vgde_ltime=u9uf\u0026vgde_rtime=iiW\u0026vgde_etm=uF\u0026vgde_timeObj=%7B%22juJ-JN%22%3Azxjj%2C%22jfjm1O%22%3AWii%2C%22QNLLQ71L7%22%3AW9%2C%22QNLLLJzOJL%22%3Aui%2C%22QNLLJ-JN%22%3AAA%7D\u0026vgd_lhl=2103\u0026vgd_sbSup=1\u0026vgd_nrrs=19988\u0026vgde_cdeplbl=1E8Mzm7M1e18j1GjJ\u0026vgd_end=1","fqdn":"l.cdn-fileserver.com","domain":"cdn-fileserver.com","tld":"com"},"ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","date":"2026-03-20T03:46:02.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn-fileserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 16:34:52 GMT","end":"Tue, 28 Apr 2026 17:33:19 GMT"},"fingerprint":{"sha1":"F3:1F:AE:F5:F8:55:3C:E0:73:9D:53:9F:50:2C:79:55:B2:A1:33:D1","sha256":"50:7A:11:63:E8:59:A1:60:B9:7A:1C:11:46:F4:E5:9E:5A:10:E9:46:AD:96:82:92:F4:32:FE:23:EC:45:AC:B9"}}},"request":{"raw":"GET /bql.php?vgd_len=5582\u0026\u0026vgd_l2type=dmola\u0026fp=V5fAhCL0dNvdAf05ovOVwecb24iM8i8j4PhKd39Yowo40ix69VvKVU__RdxsaR9D86U3nZs4y_UneCPA2WSC0mvQyhXou5KRV444UeZ4m2A6BAVgoGczc1V_8k2C2gA6\u0026cme=iNq2v1RqAptPmD96hi9N4h0aeEXwIeMwtX2cH1D7gb-BsdIbHFQYX-PtWPxu1Fj6Q55oVV00r4jtdnUWR4t7DSn16rvzyHdST4BkKL9omFt5ORcEA6OqEN7oF8WVXazY__VRJ8d6gOoMumOTPgvnW31m9WGxtro9iXjpcRGQNJxqqcoUcNXsNJe_nZVFzk5lwaRN3EU0XJuJ_0x--DSeQYcjJ2NmwT56uZDlbd72n3ermGQp4bnnjghQduIXCwLCr6Y_h8QCuuAD8S-X0l9ghQ%3D%3D%7C%7CgKezN8EFkjQ9KrDVPyDiPL_MMAZ8CD0GUt69s6vTHxaSj91FLa3s-1SX7-EWtufPuPOimsbRLlsT5Y5aYe3mwUx1ZaJdBZjCC9OJa8FFT_HCc7QHXlIaAgmqse1FiF0DhPIpsfCJNB2H49zF53ElpZGPEmR2ZMpIhBZyRCyy92LAIpcz2cJFNT3L24Mq0P59kCi9wvCMBitsDbK8vR-2trTYZmFDMzpMTeXA6F-XHxEWgwru9GpSJyOLBIhqhjD6U5tq7twNCqCKldOuaEwPXTW9euYetqaXnp5UqnSuPS1g5iEnOV5g6PHX13OIxW5m-8iEiFVgJEZZh738jfiMZuL14XZYvlasAynFTj9ux_xYYc7IUxwvPcxLnomtqsdWSSFw2YuNgxP-WhDVulGG6mhM-6o9eTL_TsBCPEpeQE0Pe0KGi3b_rijDDncz3SG1IhDO0IECYEwaUu9YI5wu2pqQPlHmgp7fQDZ3xIC-CTZcQAuBIP4xbIC7vF4R3j7RWLf0VwS97EYogjd7NBnZVvYedc2FYskmL74_wS4w8r9EFx6XzM2xGfUf0KTWQY44rlpqElBOmsZ81kdmDVe1bRm_IHs9OdBgDG8QdHJKHDo4kedZGnbD1PmnqCbTlyjhLYS5S4elnhpDZJBcOlyta4PPl7uGCWmydoGX9uSmI5PuLGpEBMfHAQ4oEPfCo7pdnoYJf32Hw7-Tl_21uPL3UspxmYeYB6PRpCGTVQ6zWFLDdYbu-RXHThNE5x5-Jdu7rwJ11dKJS1WLb3dd4ua68REQuhGvaTYF%7CWOR44ZnjshyX0FEZj6c52uG8KGTsvju_%7CWtJPvijWHRsfBv4nOZN-Vs0s0qvvEfG0%7CxDcVMoSqRIQy7pX6tOEPXGREHJWXEncEd0ZPyy5ztRg%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7C\u0026ksu=360\u0026fdkt=658\u0026vgde_kbbh=fuoyxQBuGUBO\u0026kwd[]=Mental+Wellness+Programs\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=1\u0026kid[]=121960222\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D16008%7Cclid_serp%3D22327%7Cakp%3D5%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.1570%7C7%3D0.0038%7C8%3D031920%7C13%3D0.0196%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4487%7Ckcucs%3D0.5666%7Ckcucs2%3D0.5666%7Ckssks%3D5.0000%7Crcid%3D236535%7Cclpr%3D1.000000%7Ccllvl%3D3%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514264337593560793344\u0026kwd[]=Healthy+Living+Tips\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=2\u0026kid[]=13453153\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D5997%7Cclid_serp%3D5997%7Cakp%3D7%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.6459%7C7%3D0.0037%7C8%3D031920%7C13%3D0.0143%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.5094%7Ckcucs%3D0.6566%7Ckcucs2%3D0.6566%7Ckssks%3D5.0000%7Crcid%3D31828%7Cclpr%3D0.875100%7Ccllvl%3D1%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514268841193204941056\u0026kwd[]=Wellness+Programs\u0026kwt[]=658\u0026kbc[]=8cfb849b6638574267ec9c74d96ea825.d2s\u0026kwp[]=3\u0026kid[]=30608434\u0026kbc2[]=dmodel%3D1%7Cclid_fz%3D34992%7Cclid_serp%3D22327%7Cakp%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D0.2674%7C7%3D0.0046%7C8%3D031920%7C13%3D0.0106%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4534%7Ckcucs%3D0.5354%7Ckcucs2%3D0.5354%7Ckssks%3D5.0000%7Crcid%3D130517%7Cclpr%3D0.947800%7Ccllvl%3D2%7Cokt%3D658%7Cbdkt%3D658%7Cps%3D0.996%7Cps_id%3D0\u0026ktd[]=79228162514264337593577570560\u0026kwd[]=Funny+Jokes\u0026kwt[]=245\u0026kbc[]=375\u0026kwp[]=4\u0026kid[]=11892052\u0026kbc2[]=urt%3D0%7Cakp%3D5%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D-2%7Cclid_serp%3D-2%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D146.7047%7C7%3D0.0070%7C8%3D031920%7C13%3D0.0095%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4910%7Ckcucs%3D0.6154%7Ckcucs2%3D0.6154%7Ckssks%3D5.0000%7Crcid%3D231241%7Cclpr%3D0.997000%7Ccllvl%3D3%7Cokt%3D245%7Cbdkt%3D245%7Cps%3D0.981%7Cps_id%3D0\u0026ktd[]=79228162514268841193188098304\u0026kwd[]=Humor+Posters\u0026kwt[]=245\u0026kbc[]=375\u0026kwp[]=5\u0026kid[]=14480780\u0026kbc2[]=urt%3D0%7Cakp%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D-2%7Cclid_serp%3D-2%7C24%3D0%7C25%3D0%7C22%3D5.9215%7C23%3D45.2107%7C7%3D0.0069%7C8%3D031920%7C13%3D0.0095%7C14%3D032000%7Ckus%3D5.0000%7Ckucs%3D0.4389%7Ckcucs%3D0.6154%7Ckcucs2%3D0.6154%7Ckssks%3D5.0000%7Crcid%3D194744%7Cclpr%3D0.947300%7Ccllvl%3D3%7Cokt%3D245%7Cbdkt%3D245%7Cps%3D0.981%7Cps_id%3D0\u0026ktd[]=79228162514268841193188098304\u0026v=1\u0026gdpr=1\u0026geo=59.83%7C10.8\u0026lper=100\u0026lpid=\u0026tsid=1005\u0026hint=\u0026cc=NO\u0026wsip=170764457\u0026bca=0\u0026ugd=4\u0026vgde_setid=Nfu\u0026vgde_chost=LJ1j78YJQJ1LNwLJQxj7Q.NmY\u0026cid=8CU6073RK\u0026vi=1773978361897309628\u0026vsid=DefVid\u0026tdAdd[]=asnum%3D50304\u0026vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D\u0026vgd_adprefflag=00\u0026vgd_adpref_diff=1010\u0026vgd_fm_lang=EN\u0026vgd_implt=3\u0026vgd_cage=0\u0026vgd_tsce=L1174-S1174\u0026vgd_l3_sc=03\u0026vgd_pdtid=1\u0026vgd_oscar=1\u0026vgd_ctrlid=O_SERP\u0026vgd_nrrv=19988\u0026vgd_nrrmf=8301000480a\u0026vgd_nrrsf=scrr\u0026vgd_cty=oslo\u0026vgd_csovr=0\u0026vgd_intc_log=%7B%22impl_type%22%3A%22skp%22%2C%22xvip%22%3A%22208.91.196.46%22%7D\u0026vgd_ifrmode=14\u0026sbdrId=\u0026verid=\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY\u0026kbbq=%26asn%3D50304\u0026vgd_ppvi=2152152396105982456\u0026vgd_wlstp=0\u0026vgd_vstrid=DefVid\u0026vgd_scsver=2969\u0026vgd_himglg=K0P0-O0K0-S0\u0026vgd_cache_metadata=%7B%22kbb%22%3Afalse%7D\u0026vgd_cfud=251031\u0026vgd_optout=0\u0026vgd_l2shld=1\u0026vgd_akcip=91.90.42.0\u0026vgd_oreqf=one\u0026vgd_oresf=one\u0026vgd_och=0\u0026vgd_rensize=1280_1024\u0026vgd_scr_h=1024\u0026vgd_scr_w=1280\u0026vgd_col_sch=l\u0026vgd_be=0\u0026vgd_nmerr=1\u0026tdAdd[]=uiparams%3D%3Brend_w%3A1280%3Brend_h%3A1024\u0026vgd_sc=03\u0026hvsid=00001773978361098015326356482027\u0026rc=0\u0026rand=1773978362268\u0026acid=undefined\u0026matm=1773978362268\u0026vgde_ltimesrc=u\u0026vgde_ltime=u9uf\u0026vgde_rtime=iiW\u0026vgde_etm=uF\u0026vgde_timeObj=%7B%22juJ-JN%22%3Azxjj%2C%22jfjm1O%22%3AWii%2C%22QNLLQ71L7%22%3AW9%2C%22QNLLLJzOJL%22%3Aui%2C%22QNLLJ-JN%22%3AAA%7D\u0026vgd_lhl=2103\u0026vgd_sbSup=1\u0026vgd_nrrs=19988\u0026vgde_cdeplbl=1E8Mzm7M1e18j1GjJ\u0026vgd_end=1 HTTP/1.1\r\nHost: l.cdn-fileserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://realtimesearchresults.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\ncache-control: max-age=0, no-cache, no-store\r\ncontent-type: text/javascript\r\nexpires: Thu, 19 Mar 2026 03:46:02 GMT\r\npragma: no-cache\r\ntiming-allow-origin: *\r\ndate: Fri, 20 Mar 2026 03:46:02 GMT\r\ncontent-length: 15\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=63072000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZpLDMYZJiQw4RzaMxsV9O1sJiMf3LE%2FqWViIVG%2BKsob3UOG%2BDuV%2BQ2D5%2BtkWgcExQ9xb54K7RnAHUrcUVhz2rrYkMRUcEZkmNWj3sXn9EgEam5En\"}]}\r\ncf-ray: 9df1ba3c7ef52efa-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"2ba5e95642c652c708881ad3c9d8443f","sha1":"5bfcc33bb9cc897546c600206b03d1307bd63a94","sha256":"c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24","sha512":"8c157fc41fd03bbd47633269b18effb652644e58284f8f85465b0ffba9b5a06544a03ed0655706c96edfa09a64f4f164f6bbc573ac5045000cae03c8b36d046f","ssdeep":"","tlshash":"7e600000000cc030030f0c00c3000300303000c000000c33000f30cc000000c00fc303","first_seen":"2025-03-08T00:25:13.560069Z","last_seen":"2026-04-05T03:47:17.272801Z","times_seen":142529,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"l.cdn-fileserver.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"l.cdn-fileserver.com/bqi.php?vgd_len=1760\u0026\u0026vgd_aref=0\u0026vgd_tsce=L1174-S1174\u0026vgd_l2type=dmola\u0026vgd_ydspr=0\u0026vgd_cdv=O2940\u0026vgd_cage=0\u0026vgd_pgids=0\u0026vgd_pdtid=1\u0026vgd_oreqf=one\u0026vgd_oresf=one\u0026lf=3\u0026prid=8PR11258V\u0026cid=8CU6073RK\u0026crid=848515096\u0026requrl=http%3A%2F%2Fdang.life\u0026vi=1773978361897309628\u0026ugd=4\u0026cc=NO\u0026sc=03\u0026gdpr=1\u0026vgd_acid=undefined\u0026hvsid=00001773978361098015326356482027\u0026cme=iNq2v1RqAptPmD96hi9N4h0aeEXwIeMwtX2cH1D7gb-BsdIbHFQYX-PtWPxu1Fj6Q55oVV00r4jtdnUWR4t7DSn16rvzyHdST4BkKL9omFt5ORcEA6OqEN7oF8WVXazY__VRJ8d6gOoMumOTPgvnW31m9WGxtro9iXjpcRGQNJxqqcoUcNXsNJe_nZVFzk5lwaRN3EU0XJuJ_0x--DSeQYcjJ2NmwT56uZDlbd72n3ermGQp4bnnjghQduIXCwLCr6Y_h8QCuuAD8S-X0l9ghQ%3D%3D%7C%7CgKezN8EFkjQ9KrDVPyDiPL_MMAZ8CD0GUt69s6vTHxaSj91FLa3s-1SX7-EWtufPuPOimsbRLlsT5Y5aYe3mwUx1ZaJdBZjCC9OJa8FFT_HCc7QHXlIaAgmqse1FiF0DhPIpsfCJNB2H49zF53ElpZGPEmR2ZMpIhBZyRCyy92LAIpcz2cJFNT3L24Mq0P59kCi9wvCMBitsDbK8vR-2trTYZmFDMzpMTeXA6F-XHxEWgwru9GpSJyOLBIhqhjD6U5tq7twNCqCKldOuaEwPXTW9euYetqaXnp5UqnSuPS1g5iEnOV5g6PHX13OIxW5m-8iEiFVgJEZZh738jfiMZuL14XZYvlasAynFTj9ux_xYYc7IUxwvPcxLnomtqsdWSSFw2YuNgxP-WhDVulGG6mhM-6o9eTL_TsBCPEpeQE0Pe0KGi3b_rijDDncz3SG1IhDO0IECYEwaUu9YI5wu2pqQPlHmgp7fQDZ3xIC-CTZcQAuBIP4xbIC7vF4R3j7RWLf0VwS97EYogjd7NBnZVvYedc2FYskmL74_wS4w8r9EFx6XzM2xGfUf0KTWQY44rlpqElBOmsZ81kdmDVe1bRm_IHs9OdBgDG8QdHJKHDo4kedZGnbD1PmnqCbTlyjhLYS5S4elnhpDZJBcOlyta4PPl7uGCWmydoGX9uSmI5PuLGpEBMfHAQ4oEPfCo7pdnoYJf32Hw7-Tl_21uPL3UspxmYeYB6PRpCGTVQ6zWFLDdYbu-RXHThNE5x5-Jdu7rwJ11dKJS1WLb3dd4ua68REQuhGvaTYF%7CWOR44ZnjshyX0FEZj6c52uG8KGTsvju_%7CWtJPvijWHRsfBv4nOZN-Vs0s0qvvEfG0%7CxDcVMoSqRIQy7pX6tOEPXGREHJWXEncEd0ZPyy5ztRg%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7C\u0026fp=V5fAhCL0dNvdAf05ovOVwecb24iM8i8j4PhKd39Yowo40ix69VvKVU__RdxsaR9D86U3nZs4y_UneCPA2WSC0mvQyhXou5KRV444UeZ4m2A6BAVgoGczc1V_8k2C2gA6\u0026vgd_rensize=1280_1024\u0026vgd_end=1","fqdn":"l.cdn-fileserver.com","domain":"cdn-fileserver.com","tld":"com"},"ip":{"addr":"172.67.181.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=788\u002622=nR\u00262Ar=PSYw6v-G0\u00262Ek~-=e%29Rj9%28eXv\u00262Ek~u=IZFXlAkK2\u00262KfAr=\u00262bAr=PXP9j96ew\u00262rF=RueX6\u00263Ar=\u00263ArFu=\u00263B=6\u00263rb_r=\u00263tB=\u00265uKDfB=r~I5t\u00268rfb=j\u00268rfb2kZK=\u0026AZAr=6\u0026AkK25=PcsC1v9sV%3AUYs%7CTBPs%3ALe7HANHNA4HJ4\u0026B2bAr=\u0026C3Ar=\u0026D3kl22lB.f=\u0026Df5f=\u0026DrZfb=\u0026EKKfZ=j\u0026FA=jvv-evP-wjPev-6ewuP\u0026I5tL=IkB\u0026IAr=vBXLuv6-TXBujTXjweTPP2vTj22t6LurB-L-\u0026KZ2B=ojjvX\u0026LZ=\u0026N8r=X\u0026NZfBkL=6\u0026Z2=6-\u0026Z3rb_r=\u0026ZAMB=jj9X.wPe\u0026ZZ5r=%7B%22ZZ22%22%3A%22nR%22%2C%22ZZ2KD%22%3A%22IZ5I%22%2C%22ZZAf%22%3A%22%22%2C%22ZZZ2%22%3A%226-%22%7D\u0026bByNb5=EKKf%3A%2F%2Frtk8H5ALB\u0026fAr=\u0026ghbL=\u0026gr=\u0026h5ZKf=6\u0026hZEf=6\u0026htmlsrc=1\u0026kKF=\u0026kkdd=An%7C%21%7C%2AhuAH93nW\u0026k~Bbb=j\u0026rB2~~~=\u0026r~bL=j\u0026t2K=%29i_Mz8nBMNBN.-yNyXiMLBnXkNzkN8X8tiL\u0026t3L5hAr=Fu\u0026tfSN=\u0026tpid=\u0026trF=\u0026trI~tAk=\u0026trKj=\u0026trKu=\u0026~Zft=6\u0026eobd=\u0026eoac=RvYbkNvbY\u0026ure=1#vgd_sc=03\u0026acl=\u0026aclp=\u0026cl=\u0026clp=\u0026hvsid=00001773978361098015326356482027\u0026l2type=dmola\u0026lp=%7B%22ppvi%22%3A%222152152396105982456%22%2C%22wlstp%22%3A%220%22%7D\u0026matchstring=\u0026pvl=%7B%22nmerr%22%3A%221%22%7D\u0026pvlp=\u0026sbdrId=\u0026verid=\u0026acid=undefined\u0026mprpslog=DUFd-y5j1XPG5dFZrhDoKRUGPn_hj-M3Tb29snlbMAKtxaAa0waRVmRq9l36T9uTrURj8ksuXWDVLzs-1wQSJQW9iqp8zyIFwM_iU94HpuU-IFeSiG2u6kAb1PQz2xOUxxoBTBROR4XM5gjqBQjYsJb1S4_WFFuf1d9B93vWj1s5mWVxUhW5x8DPX-haA4XTaOkNFPcrrQY%3D\u0026tchkpts=%7B%22prel2%22%3A1773978361289%7D\u0026stime=1773978361289\u0026l3d=%257B%2522l2host%2522%253A%2522https%253A%252F%252Frealtimesearchresults.com%252Fsr%252F754870121%252FSAFEFRAME.html%253F%252521Hf%253D-02FgbY1FV1V%252528~RVRj0F41YjoVgoVbjb%25252104%2526%252521KUV%253D%2526%252521P4s_5h%253DMJ%2526%252521hM%253D%2526%252521hfJ%253D%2526%252521hfX%253D%2526%252521hwB%2525215o%253D%25261H85h%253D%252647%253D%2526575h%253DC%25265ofHs%253D3.9Q%252529aZ9L%25253ASx9%25257CO139%25253A4mAr5VrV5WrvW%252675F1%253DXXZj%252528I3m%252677sh%253D%25257B%25252277HH%252522%25253A%252522Yy%252522%25252C%25252277HfG%252522%25253A%252522w7sw%252522%25252C%252522775K%252522%25253A%252522%252522%25252C%252522777H%252522%25253A%252522C~%252522%25257D%25267H%253DC~%25267Ph82h%253D%252681RV8s%253DlffK%25253A%25252F%25252Fh%252521obrs541%2526B7K%252521%253DC%2526GKsK%253D%2526GPoEHHE1%252528K%253D%2526Gh7K8%253D%2526H5h%253D3UxICa~6N%2526H85h%253D3j3ZXZCmI%2526HH%253DYy%2526HfK5h%253D%2526HhM%253DyJmjC%2526HloBJ%253Dw7MjE5ofH%2526HloB~%253Dm-yXZnmja%2526K5h%253D%2526M5%253DXaa~ma3~IX3ma~CmIJ3%2526P%2525211%253D%2526P1%253DC%2526P5h%253D%2526P5hMJ%253D%2526Ph82h%253D%2526QP5h%253D%2526V7K1o4%253DC%2526Vbh%253Dj%2526_7lK%253DC%2526_s7fK%253DC%2526bhK8%253DX%2526bhK8Ho7f%253D%2526f7H1%253D%25252AXXaj%2526h1HBBB%253D%2526htmlsrc%253D1%2526kkdd%253Duh%25257Cu%25257C93H%25252AAn%2526lffK7%253DX%2526oB188%253DX%2526ofM%253D%2526sJfGK1%253DhBws%252521%2526tpid%253D%2526u_84%253D%2526uh%253D%2526w5h%253Da1j4JaC~Oj1JXOjXImO33HaOXHH%252521C4Jh1~4~%2526ws%2525214%253Dwo1%2522%252C%2522be%2522%253A%25220%2522%252C%2522nmerr%2522%253A%25221%2522%257D\u0026infr=1\u0026twna=1","date":"2026-03-20T03:46:03.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn-fileserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 16:34:52 GMT","end":"Tue, 28 Apr 2026 17:33:19 GMT"},"fingerprint":{"sha1":"F3:1F:AE:F5:F8:55:3C:E0:73:9D:53:9F:50:2C:79:55:B2:A1:33:D1","sha256":"50:7A:11:63:E8:59:A1:60:B9:7A:1C:11:46:F4:E5:9E:5A:10:E9:46:AD:96:82:92:F4:32:FE:23:EC:45:AC:B9"}}},"request":{"raw":"GET /bqi.php?vgd_len=1760\u0026\u0026vgd_aref=0\u0026vgd_tsce=L1174-S1174\u0026vgd_l2type=dmola\u0026vgd_ydspr=0\u0026vgd_cdv=O2940\u0026vgd_cage=0\u0026vgd_pgids=0\u0026vgd_pdtid=1\u0026vgd_oreqf=one\u0026vgd_oresf=one\u0026lf=3\u0026prid=8PR11258V\u0026cid=8CU6073RK\u0026crid=848515096\u0026requrl=http%3A%2F%2Fdang.life\u0026vi=1773978361897309628\u0026ugd=4\u0026cc=NO\u0026sc=03\u0026gdpr=1\u0026vgd_acid=undefined\u0026hvsid=00001773978361098015326356482027\u0026cme=iNq2v1RqAptPmD96hi9N4h0aeEXwIeMwtX2cH1D7gb-BsdIbHFQYX-PtWPxu1Fj6Q55oVV00r4jtdnUWR4t7DSn16rvzyHdST4BkKL9omFt5ORcEA6OqEN7oF8WVXazY__VRJ8d6gOoMumOTPgvnW31m9WGxtro9iXjpcRGQNJxqqcoUcNXsNJe_nZVFzk5lwaRN3EU0XJuJ_0x--DSeQYcjJ2NmwT56uZDlbd72n3ermGQp4bnnjghQduIXCwLCr6Y_h8QCuuAD8S-X0l9ghQ%3D%3D%7C%7CgKezN8EFkjQ9KrDVPyDiPL_MMAZ8CD0GUt69s6vTHxaSj91FLa3s-1SX7-EWtufPuPOimsbRLlsT5Y5aYe3mwUx1ZaJdBZjCC9OJa8FFT_HCc7QHXlIaAgmqse1FiF0DhPIpsfCJNB2H49zF53ElpZGPEmR2ZMpIhBZyRCyy92LAIpcz2cJFNT3L24Mq0P59kCi9wvCMBitsDbK8vR-2trTYZmFDMzpMTeXA6F-XHxEWgwru9GpSJyOLBIhqhjD6U5tq7twNCqCKldOuaEwPXTW9euYetqaXnp5UqnSuPS1g5iEnOV5g6PHX13OIxW5m-8iEiFVgJEZZh738jfiMZuL14XZYvlasAynFTj9ux_xYYc7IUxwvPcxLnomtqsdWSSFw2YuNgxP-WhDVulGG6mhM-6o9eTL_TsBCPEpeQE0Pe0KGi3b_rijDDncz3SG1IhDO0IECYEwaUu9YI5wu2pqQPlHmgp7fQDZ3xIC-CTZcQAuBIP4xbIC7vF4R3j7RWLf0VwS97EYogjd7NBnZVvYedc2FYskmL74_wS4w8r9EFx6XzM2xGfUf0KTWQY44rlpqElBOmsZ81kdmDVe1bRm_IHs9OdBgDG8QdHJKHDo4kedZGnbD1PmnqCbTlyjhLYS5S4elnhpDZJBcOlyta4PPl7uGCWmydoGX9uSmI5PuLGpEBMfHAQ4oEPfCo7pdnoYJf32Hw7-Tl_21uPL3UspxmYeYB6PRpCGTVQ6zWFLDdYbu-RXHThNE5x5-Jdu7rwJ11dKJS1WLb3dd4ua68REQuhGvaTYF%7CWOR44ZnjshyX0FEZj6c52uG8KGTsvju_%7CWtJPvijWHRsfBv4nOZN-Vs0s0qvvEfG0%7CxDcVMoSqRIQy7pX6tOEPXGREHJWXEncEd0ZPyy5ztRg%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7C\u0026fp=V5fAhCL0dNvdAf05ovOVwecb24iM8i8j4PhKd39Yowo40ix69VvKVU__RdxsaR9D86U3nZs4y_UneCPA2WSC0mvQyhXou5KRV444UeZ4m2A6BAVgoGczc1V_8k2C2gA6\u0026vgd_rensize=1280_1024\u0026vgd_end=1 HTTP/1.1\r\nHost: l.cdn-fileserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://realtimesearchresults.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\ncache-control: max-age=0, no-cache, no-store\r\ncontent-type: text/javascript\r\nexpires: Thu, 19 Mar 2026 03:46:03 GMT\r\npragma: no-cache\r\ndate: Fri, 20 Mar 2026 03:46:03 GMT\r\ncontent-length: 15\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=63072000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bw4QkT6ytnRIU1ICfGjBzWj85X9BIdVe%2B10LR0Jb1je9SaaMq2YD3SfAzhGfV0Jmmq9BR8X5YXCkF361es5re8OvLTd5K8iTXODLQq5YSiz74YZ9\"}]}\r\ncf-ray: 9df1ba429f4c2efa-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":15,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"2ba5e95642c652c708881ad3c9d8443f","sha1":"5bfcc33bb9cc897546c600206b03d1307bd63a94","sha256":"c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24","sha512":"8c157fc41fd03bbd47633269b18effb652644e58284f8f85465b0ffba9b5a06544a03ed0655706c96edfa09a64f4f164f6bbc573ac5045000cae03c8b36d046f","ssdeep":"","tlshash":"7e600000000cc030030f0c00c3000300303000c000000c33000f30cc000000c00fc303","first_seen":"2025-03-08T00:25:13.560069Z","last_seen":"2026-04-05T03:47:17.272801Z","times_seen":142529,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":131,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"l.cdn-fileserver.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.primecirclenet.com/mon","fqdn":"obseu.primecirclenet.com","domain":"primecirclenet.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:11.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.primecirclenet.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:CD:CE:40:54:75:ED:33:2B:EA:D8:63:1D:3F:B6:67:59:16:7B:8E","sha256":"0E:A6:F7:74:71:23:FF:55:50:64:33:31:67:9A:4B:BA:ED:FB:8C:15:AF:37:3E:B5:46:DD:01:F8:6E:88:5C:CE"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.primecirclenet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1802\r\nOrigin: http://ww38.gov.dang.life\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww38.gov.dang.life/\r\nCookie: cg_uuid=b31ced042117374d1519a4de7b3c5ea7\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1802,"data":"e=37dfbd8ee84e00126dedce32e2448c9c9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d57138d642f17071a10acf9f29f671b8182da52783f1ffc797603843cdb36c601310c729706555867070cc3eb3a4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c294573065da08b79682c51f7ac1f2a8fffa62e99e40827187ffea6a09cc972eacfc248b5038e523d65cceb92a9e471d280f061856b4a95b9c3330751b06267b6c74b22f08caa2ad818a31fe4d107d053d99b2ad632348a8b658d34d38db6e185eee31928fe33a4e8e823434ac3c17f82e650b9475a13920c488fd4cd88d1fb8137d83ad78ef5d038ae323b358e3873d4b7975f01d7e678e94ea598698674a07a020514c035ab06d9c4b874b58b789f5cebcf929b628d784a66fa52027878092687e323fa05d0cca62aae9969ebbb2a9adaa9b13dc1f0f7512626b1ba0c168bed470c4cbbb7b067a42687e35ceee132af75a030974fc91dd7a93fdb072ee4af967a223660022f17411eaae08a70cf0bb744495f34f9b647c3851b04f9a4c2b9ba68def0e2fe86e4b2f64a4e20e64087b2457385436476cb71093435a269a56418dceac6648969d02d88ad2dd3bc4fd8317e5543650a169fbbe28d3a3347860a06d08a8da9bad8521b9fb7ba7e9fc87b78ded30c6e18b398b8075bdf70800ad813ba76f200c7da57bde366f0919ad3864665e8e332648a75a08caede4ddd3b716c7f9c684719d8ff35dc8d06d68bd98802df8dec5e122505fa64b90faa49a0d538d2633f7e126b3926be04ecd4640ce631d2adf729cb9b18ce6679ae117c2e97f4c34a07bf63ff8f0cc8476c5508ae312d82afd560d7457ec7c701abdfc1eddf01890c472815ee657a11cfc54e4eb021eefec02d93c1b34d0e3eb060210804cf1050fa8bb74e44826870cf85d602dbdebfcf5a22be2ca9452e0f8a5c2921908c585d998eb0c4e8a017e928eb\u0026cri=WgSsO2xAgV\u0026sf=0\u0026dc=\u0026cp=10\u0026gtm=-\u0026gac=-\u0026uvid=c3c85550d2658a51d6520f04af377cc11d51def2\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=10016\u0026mo=0\u0026pn=11216\u0026spn=1200\u0026fp=447\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: http://ww38.gov.dang.life\r\ncontent-type: application/json\r\ndate: Fri, 20 Mar 2026 03:46:11 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T03:47:03.156897Z","times_seen":13357702,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.gov.dang.life/","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-20T03:46:00.270Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww38.gov.dang.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 20 Mar 2026 03:46:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile\r\nAccept-Ch-Lifetime: 30\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nVia: 0.0 Caddy\r\nX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_pTlgDvl8twoEI0vkWE6oHRZMLA/rrcOvDuNICmUnHETGQcaSiV26wVWRUJBMTBLFwEdUe6YjksFTCaTZurpcxg==\r\nX-Domain: dang.life\r\nX-Pcrew-Blocked-Reason: hosting network\r\nX-Pcrew-Ip-Organization: Blix Solutions\r\nX-Redirect: skenzo\r\nX-Subdomain: ww38.gov\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15495,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (448)","md5":"124611d93382ca80e9a1aad6f4e56194","sha1":"c293657fc812a5c26d0e2f32c2d16581af72b62e","sha256":"42766232394f4b3c9d8d82cb423def198543da0cde5c1302e90d6547c0d14243","sha512":"f8e6c86f8af0a14573b2eb9923383afd4d9eb48fd94e9c8c325ca750d22cc729cf9a73697e114f612b96e715f810ddf41c0ee22253103d456854db8a26e6a5be","ssdeep":"192:7R8pKfsTxcYoHSiF57zA5GYJ80OJdt+/eF4HlA0llYHw8YoHsfOBro2Tc/q3sy:7excYoHSiF5Nno/G8gYoHsfO2/g","tlshash":"b662a8436be31519f11b80a98f9aa74932289107960fcd6cfaec779cdf481d461a3bdc","first_seen":"2026-03-20T03:46:25.640583Z","last_seen":"2026-03-20T03:46:25.640583Z","times_seen":1,"resource_available":true,"data":null}},"time_used":440,"timings":{"blocked":107,"dns":1,"connect":106,"send":0,"wait":224,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.600592+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":546},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":8,\"bytes_toserver\":639,\"bytes_toclient\":6298,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww38.gov.dang.life/chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Z2fAXKfDZxu5YaFQtQwsqR1h6TwSS9XCqxdaKxzKvQG5L8OEhcQA6Q._V500Fgwf6QekeQhAZHcyA.2IueS8Z8uLaaLYmDQNQHy5ssj8BALHqYozH2DWPB00hhy60hPzHmQor2Utkp7dX2CKW8kpMVq2uqvmf8gRSdTDCvLih6zGuaDF6cR6gT5aJErNpo2Snx_ACCu6yoKaZSfuZSHwNyiw194E_SJGqH0rVskVEzyPVHjHhjL5BnZ90MlIDju6XYN5bkvEYMGW9p0UWL8eCR7YCZLHDmWBj3Ng.Th7BlfGV7KoO2hvvu_Z_ag\u0026t=69bcc2f8\u0026token=c3c85550d2658a51d6520f04af377cc11d51def2","fqdn":"ww38.gov.dang.life","domain":"dang.life","tld":"life"},"ip":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww38.gov.dang.life/","date":"2026-03-20T03:46:00.693Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Z2fAXKfDZxu5YaFQtQwsqR1h6TwSS9XCqxdaKxzKvQG5L8OEhcQA6Q._V500Fgwf6QekeQhAZHcyA.2IueS8Z8uLaaLYmDQNQHy5ssj8BALHqYozH2DWPB00hhy60hPzHmQor2Utkp7dX2CKW8kpMVq2uqvmf8gRSdTDCvLih6zGuaDF6cR6gT5aJErNpo2Snx_ACCu6yoKaZSfuZSHwNyiw194E_SJGqH0rVskVEzyPVHjHhjL5BnZ90MlIDju6XYN5bkvEYMGW9p0UWL8eCR7YCZLHDmWBj3Ng.Th7BlfGV7KoO2hvvu_Z_ag\u0026t=69bcc2f8\u0026token=c3c85550d2658a51d6520f04af377cc11d51def2 HTTP/1.1\r\nHost: ww38.gov.dang.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww38.gov.dang.life/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx\r\nDate: Fri, 20 Mar 2026 03:46:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 146\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"9fe3cb2b7313dc79bb477bc8fde184a7","sha1":"4d7b3cb41e90618358d0ee066c45c76227a13747","sha256":"32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864","sha512":"c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db","ssdeep":"","tlshash":"2cc08c26351e2c0c96a322b402c36a50d092c3304c5a19004600420371c31168ac3315","first_seen":"2023-04-05T07:27:09Z","last_seen":"2026-04-05T03:40:40.705612Z","times_seen":75753,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-20T03:46:00Z","timestamp":1773978360,"ip_dst":{"addr":"185.53.179.200","port":80,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.3","port":39228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to Suspicious *.life Domain","source":"{\"timestamp\":\"2026-03-20T03:46:00.800087+0000\",\"flow_id\":809179404574603,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":39228,\"dest_ip\":\"185.53.179.200\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027876,\"rev\":5,\"signature\":\"ET INFO HTTP Request to Suspicious *.life Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ww38.gov.dang.life\",\"url\":\"/chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Z2fAXKfDZxu5YaFQtQwsqR1h6TwSS9XCqxdaKxzKvQG5L8OEhcQA6Q._V500Fgwf6QekeQhAZHcyA.2IueS8Z8uLaaLYmDQNQHy5ssj8BALHqYozH2DWPB00hhy60hPzHmQor2Utkp7dX2CKW8kpMVq2uqvmf8gRSdTDCvLih6zGuaDF6cR6gT5aJErNpo2Snx_ACCu6yoKaZSfuZSHwNyiw194E_SJGqH0rVskVEzyPVHjHhjL5BnZ90MlIDju6XYN5bkvEYMGW9p0UWL8eCR7YCZLHDmWBj3Ng.Th7BlfGV7KoO2hvvu_Z_ag\u0026t=69bcc2f8\u0026token=c3c85550d2658a51d6520f04af377cc11d51def2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://ww38.gov.dang.life/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":146},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":1729,\"bytes_toclient\":6700,\"start\":\"2026-03-20T03:46:00.270219+0000\"}}"}],"analyzer":null,"urlquery":null}}]}