{"report_id":"ce97816e-e64d-42a2-ba36-adc015fe90f7","version":6,"status":"done","tags":[],"date":"2024-09-02T16:38:37Z","url":{"schema":"http","addr":"push.razkondronging.com/register?uid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64","fqdn":"push.razkondronging.com","domain":"razkondronging.com","tld":"com"},"ip":{"addr":"217.12.201.190","port":0,"asn":21100,"as":"ITL LLC","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64","fqdn":"topofpopstar.com","domain":"topofpopstar.com","tld":"com"},"title":"Install Jewel Puzzle"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T23:09:54Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"topofpopstar.com","ip":{"addr":"145.239.19.55","port":0,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":5,"received_data":26491,"sent_data":2803,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-01 18:13:08","alert_count":0,"request_count":3,"received_data":2661,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-01 18:13:21","alert_count":0,"request_count":4,"received_data":3549,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"push.razkondronging.com","ip":{"addr":"217.12.201.190","port":0,"asn":21100,"as":"ITL LLC","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-02-21","domain_rank":0,"first_seen":"2024-04-11 16:19:19","last_seen":"2024-06-24 22:42:49","alert_count":0,"request_count":1,"received_data":407,"sent_data":480,"comment":"","tags":null,"fingerprints":null},{"fqdn":"e6.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 08:35:09","last_seen":"2024-09-01 18:20:40","alert_count":0,"request_count":1,"received_data":730,"sent_data":326,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:12.513093257Z","timestamp":1725295092513,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"36E32E96E96FF13975DFB765119AD431A8A3BEDC9CDD8F16BBE7460664EE177C\"\r\nLast-Modified: Sat, 31 Aug 2024 21:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19205\r\nExpires: Mon, 02 Sep 2024 21:58:17 GMT\r\nDate: Mon, 02 Sep 2024 16:38:12 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9af7a8cd532ef5aaf31ca93238520c04","sha1":"f072b79c778c47733bbd3377e03f716ecdfc14ea","sha256":"36e32e96e96ff13975dfb765119ad431a8a3bedc9cdd8f16bbe7460664ee177c","sha512":"ba9f26895517bd3f9a41281bc0dd717725e2301657f270ee36528e851d90499162efa0cb0de5edb25eb175e77ca3a8051e84c6cb06ec864a04992e2bf525db7c","ssdeep":"","tlshash":"f3f00e9a0355ba01b9f89a016aa5c97dae312e8d35000de029a043a2aa12ff99e95088","first_seen":"2024-09-01T01:17:59Z","last_seen":"2024-09-20T20:09:24.01985Z","times_seen":35440,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:12.517948435Z","timestamp":1725295092517,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A\"\r\nLast-Modified: Sat, 31 Aug 2024 00:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3992\r\nExpires: Mon, 02 Sep 2024 17:44:44 GMT\r\nDate: Mon, 02 Sep 2024 16:38:12 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"404e3e4520c09fcce1358b1a21f6b171","sha1":"040aa03460f3d7ec6f75cae0bf5a462a4bb9798d","sha256":"f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a","sha512":"c6aeb0600af58d7b976deb390ccb1c0859bc7c7ab55009bb167c7045d9e3cf01720a61fde3cb6ece0776bf36becf6e8002e7cfb6740be1d0526213a3a08b2598","ssdeep":"","tlshash":"32f00ee1022efe41daf651021fa4f81a2f327eff394409f1054016923404ffd8a05094","first_seen":"2024-08-31T02:24:41Z","last_seen":"2024-09-20T20:16:30.159732Z","times_seen":36159,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:13.002346806Z","timestamp":1725295093002,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F348AFFACF8E814C579FF56D592287275DCF79E2F55F1D041921833D730D2349\"\r\nLast-Modified: Sat, 31 Aug 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6366\r\nExpires: Mon, 02 Sep 2024 18:24:18 GMT\r\nDate: Mon, 02 Sep 2024 16:38:12 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"231aa156f55dd8497dca6a2066312be3","sha1":"741432c8275492eb38bba5d0841685dc4f864fee","sha256":"f348affacf8e814c579ff56d592287275dcf79e2f55f1d041921833d730d2349","sha512":"55246c200dfe81e5fdeb1dcfcd16e969e9a425860bf47f2cf5f9c8554e2e77361a6bb81c8185d3f361c0fff3ec5272451f83c73b13125c28e6e7995e5f1b7eb1","ssdeep":"","tlshash":"f9f0050517bc6910feac14755ab5d51d9d10adfe307500c454e045e0b501be71e1456c","first_seen":"2024-08-31T07:59:12Z","last_seen":"2024-09-20T20:16:30.160355Z","times_seen":25067,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:13.296434246Z","timestamp":1725295093296,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0D414ED4850119C53FAE9DDD19EE1DD95783FD08F7389C3E8EC95215023E298E\"\r\nLast-Modified: Sat, 31 Aug 2024 02:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5595\r\nExpires: Mon, 02 Sep 2024 18:11:28 GMT\r\nDate: Mon, 02 Sep 2024 16:38:13 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9d2c063731a46a7e1548540195080de0","sha1":"dd1924ebf7697509a10f3f07604f28f96b4fc498","sha256":"0d414ed4850119c53fae9ddd19ee1dd95783fd08f7389c3e8ec95215023e298e","sha512":"44460d78dff1f776757236ec07d15d80a7c84d3d5de93bd9729e489227c22657121283b1bf5f7410d78726c5ce2b0b4ccb409d4a0de7efeb3ceb023737d6dae9","ssdeep":"","tlshash":"65f00e2a26d6f4009da81021aeecc11e5810bfae3ca498b328a141e2b481fed4c7540d","first_seen":"2024-08-31T08:13:43.830613Z","last_seen":"2024-09-20T20:16:30.160771Z","times_seen":27687,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.razkondronging.com/register?uid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64","fqdn":"push.razkondronging.com","domain":"razkondronging.com","tld":"com"},"ip":{"addr":"217.12.201.190","port":0,"asn":21100,"as":"ITL LLC","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:13.756590513Z","timestamp":1725295093756,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /register?uid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64 HTTP/1.1\r\nHost: push.razkondronging.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Mon, 02 Sep 2024 16:33:57 GMT\r\nContent-Type: text/html; charset=utf8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Methods: GET,OPTIONS\r\nAccess-Control-Allow-Origin: *\r\nLocation: https://topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64\r\nTiming-Allow-Origin: *\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"e6.o.lencr.org/","fqdn":"e6.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:14.063368229Z","timestamp":1725295094063,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: e6.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 346\r\nETag: \"1C15A831C59F7A3028868BF1E91B29AC8F03462162184E985EE5B4C1F2DEB198\"\r\nLast-Modified: Mon, 02 Sep 2024 03:29:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21600\r\nExpires: Mon, 02 Sep 2024 22:38:14 GMT\r\nDate: Mon, 02 Sep 2024 16:38:14 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":346,"size_decoded":346,"mime_type":"application/octet-stream","magic":"data","md5":"674545ab2dbc4778cc8e3ef4aa0a579f","sha1":"419b4336dd98b584fd79e5003659d3fb4b218c26","sha256":"1c15a831c59f7a3028868bf1e91b29ac8f03462162184e985ee5b4c1f2deb198","sha512":"fdbbe26e9c122d8b7092df6e307953ee00d200e506469b65d1f31243568ad54241250c47d1752610d04a47b1f884b096422d56cf15b1c6fe009006324d90b951","ssdeep":"","tlshash":"72e0c06853196c248e70394476d9c0303fb1301b04229d912c14c3e7bc1275ce508c4e","first_seen":"2024-09-19T23:09:56.514909Z","last_seen":"2024-09-19T23:09:56.514909Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64","fqdn":"topofpopstar.com","domain":"topofpopstar.com","tld":"com"},"ip":{"addr":"145.239.19.55","port":0,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:14.140156874Z","timestamp":1725295094140,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64 HTTP/1.1\r\nHost: topofpopstar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 02 Sep 2024 16:31:39 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Methods: GET,OPTIONS\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1538,"size_decoded":4806,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"b313420870d6bfca45272efa56d8dcf3","sha1":"0ca517f9cc4725f27be1757606fcd1c3010bd998","sha256":"fbbd01bda7d237aa9c2bc6d280cd506dae4598b870ed22d86c0919bdd40fabe0","sha512":"329e65ec4b3c68309d5aaf49d3d504b802e42b30313698657417054e573dd2c9e5fa37999e795ef42484471a675f088e473e49a54c0fc7780a44ea5242d50208","ssdeep":"96:fMOJgRFWFVSGjCYXHlynSfs9Cv3JQsRxJSM:fMmgRFWFVS0pFyn4v3JQlM","tlshash":"e2a1516aa5a31446b903c4a01ba71b853765c807c60bd9587fee72d8cf879d488a33cd","first_seen":"2023-05-28T14:25:12Z","last_seen":"2026-04-12T14:11:25.249822Z","times_seen":16,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"topofpopstar.com/img/jewel-puzzle/image_logo.png","fqdn":"topofpopstar.com","domain":"topofpopstar.com","tld":"com"},"ip":{"addr":"145.239.19.55","port":0,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:14.414739376Z","timestamp":1725295094414,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /img/jewel-puzzle/image_logo.png HTTP/1.1\r\nHost: topofpopstar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 02 Sep 2024 16:31:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 10358\r\nLast-Modified: Wed, 29 Jun 2022 19:17:58 GMT\r\nConnection: keep-alive\r\nETag: \"62bca566-2876\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":10358,"size_decoded":10358,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit colormap, non-interlaced","md5":"88b7dc893ebdb50af7b81ae2cee6a162","sha1":"36afa045cc884fd2ee3d67436ce0ca3f96945b2d","sha256":"6dbba708f8f1c9ab5bb236869db418518b623d703bc3fd021fb249debccfb8bd","sha512":"d45149ba672b11caa1be2c45f43fbd8fed2f700471d68a142775a155adcb024626bee04c7a49b44582bee9688e1afee2a41abfbaa6a97c92caccc863f2d37767","ssdeep":"","tlshash":"","first_seen":"2023-05-28T14:25:12Z","last_seen":"2026-04-12T14:11:25.250624Z","times_seen":19,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"topofpopstar.com/img/jewel-puzzle/bg.jpg","fqdn":"topofpopstar.com","domain":"topofpopstar.com","tld":"com"},"ip":{"addr":"145.239.19.55","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64","date":"2024-09-02T16:38:14.372Z","timestamp":1725295094372,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"topofpopstar.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jul 2024 14:32:11 GMT","end":"Sun, 20 Oct 2024 14:32:10 GMT"},"fingerprint":{"sha1":"1E:00:2D:54:73:60:C5:36:25:D2:F9:EB:1A:0E:B9:AC:E2:17:52:7F","sha256":"29:FB:91:AF:D1:37:AE:82:48:9E:9E:4C:68:0D:16:B4:4A:D2:D7:48:F2:D2:A8:B8:78:00:23:55:5D:ED:77:D9"}}},"request":{"raw":"GET /img/jewel-puzzle/bg.jpg HTTP/1.1\r\nHost: topofpopstar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 02 Sep 2024 16:31:39 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 9635\r\nLast-Modified: Wed, 29 Jun 2022 19:17:56 GMT\r\nConnection: keep-alive\r\nETag: \"62bca564-25a3\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9635,"size_decoded":9635,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x800, components 3","md5":"3a084766cbc47c1fc417c61f52eb7da6","sha1":"c9712463bdd50662607425ee1f3c58082129ae07","sha256":"80da5c5ef0111f4f8b98eebaac3113a87482bcc40dfc9a1e026208b5384a59cb","sha512":"7384001b71f6c16d09e0669b3191bb9cc2b5c4f32ee87649d3a5e5454ee05dc7ca300a0677c039e003f23d852ec2668fe219cae66327429a55659e2adc38a204","ssdeep":"","tlshash":"","first_seen":"2023-05-28T14:25:12Z","last_seen":"2026-04-12T14:11:25.262697Z","times_seen":19,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"topofpopstar.com/img/jewel-puzzle/stars.png","fqdn":"topofpopstar.com","domain":"topofpopstar.com","tld":"com"},"ip":{"addr":"145.239.19.55","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64","date":"2024-09-02T16:38:14.375Z","timestamp":1725295094375,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"topofpopstar.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jul 2024 14:32:11 GMT","end":"Sun, 20 Oct 2024 14:32:10 GMT"},"fingerprint":{"sha1":"1E:00:2D:54:73:60:C5:36:25:D2:F9:EB:1A:0E:B9:AC:E2:17:52:7F","sha256":"29:FB:91:AF:D1:37:AE:82:48:9E:9E:4C:68:0D:16:B4:4A:D2:D7:48:F2:D2:A8:B8:78:00:23:55:5D:ED:77:D9"}}},"request":{"raw":"GET /img/jewel-puzzle/stars.png HTTP/1.1\r\nHost: topofpopstar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 02 Sep 2024 16:31:39 GMT\r\nContent-Type: image/png\r\nContent-Length: 3885\r\nLast-Modified: Wed, 29 Jun 2022 19:17:59 GMT\r\nConnection: keep-alive\r\nETag: \"62bca567-f2d\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3885,"size_decoded":3885,"mime_type":"image/png","magic":"PNG image data, 474 x 88, 8-bit colormap, non-interlaced","md5":"a22e0b1cf4d9abd67bf526b0abab426d","sha1":"09b9d448f281598b7e097beb31c14846b04d8035","sha256":"a05d57f41f62ab381693ce32af76cfbabe8e32f7028fd975f28df596255d772b","sha512":"03b1931da6888da80cf65da8869e078330eb493c926c3e79d18b882d31d6a0c02ffab4dd3af25f79a28ca201e6b8ba01d50c42a946c3d1efa2854fd72b5ca645","ssdeep":"","tlshash":"aa817df65136cb8b0a50a67235dc405cc089aba26e3499996a0fb4e1e9a72f8140273f","first_seen":"2023-05-14T07:38:55Z","last_seen":"2026-04-26T14:46:24.704572Z","times_seen":82,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":110,"dns":0,"connect":49,"send":0,"wait":48,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"topofpopstar.com/favicon.ico","fqdn":"topofpopstar.com","domain":"topofpopstar.com","tld":"com"},"ip":{"addr":"145.239.19.55","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64","date":"2024-09-02T16:38:14.542Z","timestamp":1725295094542,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"topofpopstar.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jul 2024 14:32:11 GMT","end":"Sun, 20 Oct 2024 14:32:10 GMT"},"fingerprint":{"sha1":"1E:00:2D:54:73:60:C5:36:25:D2:F9:EB:1A:0E:B9:AC:E2:17:52:7F","sha256":"29:FB:91:AF:D1:37:AE:82:48:9E:9E:4C:68:0D:16:B4:4A:D2:D7:48:F2:D2:A8:B8:78:00:23:55:5D:ED:77:D9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: topofpopstar.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://topofpopstar.com/r/2/e94550c93cd70fe748e6982b3439ad3b/?sclid=752E3E78E82301C24A570A2949C7CDE1-403E6C560E1DF051A174974DDAC231302A11CF64\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.22.1\r\nDate: Mon, 02 Sep 2024 16:31:39 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"topofpopstar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:15.100897726Z","timestamp":1725295095100,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779\"\r\nLast-Modified: Sat, 31 Aug 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5428\r\nExpires: Mon, 02 Sep 2024 18:08:43 GMT\r\nDate: Mon, 02 Sep 2024 16:38:15 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cd17cb634dff900a1abd17dd730b0151","sha1":"1c8c3d220db108bce3fa89adf307e60dedb6d1f8","sha256":"258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779","sha512":"e5cff0c59a2b3e0152f459ba42744f2422fb1d4f061ab8a5eff9a38e3583880bc25ced338cf90f892152fade29bdcedf52d8be5336427d456615fd56ad1c2922","ssdeep":"","tlshash":"dcf005d31725ec519f3c483d6cfee01b1d305c5d54201466595041e11817fb795d4648","first_seen":"2024-08-31T11:23:09Z","last_seen":"2024-09-20T20:16:09.956447Z","times_seen":11116,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:15.102404775Z","timestamp":1725295095102,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779\"\r\nLast-Modified: Sat, 31 Aug 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5428\r\nExpires: Mon, 02 Sep 2024 18:08:43 GMT\r\nDate: Mon, 02 Sep 2024 16:38:15 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cd17cb634dff900a1abd17dd730b0151","sha1":"1c8c3d220db108bce3fa89adf307e60dedb6d1f8","sha256":"258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779","sha512":"e5cff0c59a2b3e0152f459ba42744f2422fb1d4f061ab8a5eff9a38e3583880bc25ced338cf90f892152fade29bdcedf52d8be5336427d456615fd56ad1c2922","ssdeep":"","tlshash":"dcf005d31725ec519f3c483d6cfee01b1d305c5d54201466595041e11817fb795d4648","first_seen":"2024-08-31T11:23:09Z","last_seen":"2024-09-20T20:16:09.956447Z","times_seen":11116,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T16:38:15.103859695Z","timestamp":1725295095103,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779\"\r\nLast-Modified: Sat, 31 Aug 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5428\r\nExpires: Mon, 02 Sep 2024 18:08:43 GMT\r\nDate: Mon, 02 Sep 2024 16:38:15 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cd17cb634dff900a1abd17dd730b0151","sha1":"1c8c3d220db108bce3fa89adf307e60dedb6d1f8","sha256":"258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779","sha512":"e5cff0c59a2b3e0152f459ba42744f2422fb1d4f061ab8a5eff9a38e3583880bc25ced338cf90f892152fade29bdcedf52d8be5336427d456615fd56ad1c2922","ssdeep":"","tlshash":"dcf005d31725ec519f3c483d6cfee01b1d305c5d54201466595041e11817fb795d4648","first_seen":"2024-08-31T11:23:09Z","last_seen":"2024-09-20T20:16:09.956447Z","times_seen":11116,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}