{"report_id":"d4d9bf4a-0a93-468e-9da7-2b51d2534f87","version":6,"status":"done","tags":[],"date":"2024-09-10T21:47:17Z","url":{"schema":"http","addr":"qexyhuv.com/login.phpAw","fqdn":"qexyhuv.com","domain":"qexyhuv.com","tld":"com"},"ip":{"addr":"15.197.240.20","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"qexyhuv.com/lander","fqdn":"qexyhuv.com","domain":"qexyhuv.com","tld":"com"},"title":"qexyhuv.com/lander"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T21:21:03Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-09 18:12:09","alert_count":0,"request_count":4,"received_data":3549,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-09 18:12:09","alert_count":0,"request_count":5,"received_data":4436,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"qexyhuv.com","ip":{"addr":"15.197.240.20","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2011-10-26","domain_rank":0,"first_seen":"2012-12-06 17:01:07","last_seen":"2024-04-06 02:07:52","alert_count":2,"request_count":2,"received_data":1560,"sent_data":1006,"comment":"","tags":null,"fingerprints":null},{"fqdn":"btloader.com","ip":{"addr":"172.67.41.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2020-10-06","domain_rank":169057,"first_seen":"2020-10-22 22:38:52","last_seen":"2024-09-09 21:29:36","alert_count":0,"request_count":1,"received_data":20394,"sent_data":416,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img1.wsimg.com","ip":{"addr":"23.73.4.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"domain_registered":"2008-03-17","domain_rank":9893,"first_seen":"2012-06-20 16:42:31","last_seen":"2024-09-09 19:30:34","alert_count":0,"request_count":4,"received_data":181943,"sent_data":1788,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-09-09 18:24:06","alert_count":0,"request_count":2,"received_data":1398,"sent_data":650,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ad-delivery.net","ip":{"addr":"172.67.69.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2017-05-03","domain_rank":1341,"first_seen":"2017-06-22 07:33:30","last_seen":"2024-09-09 21:29:37","alert_count":0,"request_count":2,"received_data":2380,"sent_data":857,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2024-09-06 22:34:32","alert_count":0,"request_count":1,"received_data":56001,"sent_data":424,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-10","alert":"Sinkholed","trigger":"qexyhuv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-10","alert":"Sinkholed","trigger":"qexyhuv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026gdabp=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc381474086d3b893c07e7f2fe20ca02","sha1":"21252227ed54583d51f82e5d8b093d536e759d3b","sha256":"8624cdfac6e981ab9ac4fdf0e1ecbfed0bacc8e6ec1a6982e091e928e750dfdd","sha512":"e7f17b3dfadde56edf413b659e04c4077408ce8d26947f79008880a114a6bd891e037c83073eb4ce3646390616edfa59667a6f0ee4e490fbe6d2b67a46e9b320","ssdeep":"1536:/R7h1tBtgm1xZPyjWDcrELdLk2GBlwJR2lUSI9YLvvG2H0gqHlcwXc/i5dOm/N9W:p+wulZlUSq0HHM15dHONkFka7g","tlshash":"50e35c9d73a5702253a394f4207f428fb236f955e84849b8b098c8e47cb5da90277fbd","size":153161,"data":"","first_seen":"2024-09-05T23:33:49Z","last_seen":"2024-09-19T22:23:19.536057Z","times_seen":807,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qexyhuv.com/lander","fqdn":"qexyhuv.com","domain":"qexyhuv.com","tld":"com"},"ip":{"addr":"15.197.240.20","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2fd31b0c8487f6772652cedda194755c","sha1":"5c07375f006be29971c1ca3a9ca70b7bf30ea76d","sha256":"c7085977e37b61064d880aca4ae3786e795e01008883f3de1739b60cc80a74d3","sha512":"3b7bae0cffd6351a6ef229860dd7af1c715d539f4cbc49b2108588da96b29cac5345a0a97724c42afdbb1d27336c315140f626d32f6618f94d2351604add5ee2","ssdeep":"","tlshash":"b680002880808000c82088fb220b22bc323cf0c0a0008e202220302023c00238803080","size":27,"data":"","first_seen":"2024-01-30T23:25:12Z","last_seen":"2025-03-01T09:47:33.204594Z","times_seen":4572,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/js/main.3853e9c6.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"23.73.4.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec02983800c25593e7e2d9f1c7445dd8","sha1":"29c7cd0f15d8f33251794dbe6b941ec941e83322","sha256":"59e25e371b40a6c3e16855a8394ffc230332149d1ca266e83f46bec8622875a4","sha512":"ecd34f1ed24ec0fadd010cbd7ea869a943a2d141f642764da482fe26624ff43df954f5b44230e7f56e05db193c2bc3acefd5b345d92b04228bba723db91ff19b","ssdeep":"12288:dsb1QYnTxQYnT9DUk4f0WTI4WugqciqXDEu4Om4+BcWO7:d01QYnTxQYnTF4OHL","tlshash":"74e42bce76d1b07407e292ead83b684fb279ae11d008c571ef7ec9da9469449813bf1c","size":691253,"data":"","first_seen":"2024-09-03T18:30:19Z","last_seen":"2024-09-28T08:48:06.45483Z","times_seen":461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"btloader.com/tag?o=5097926782615552\u0026upapi=true","fqdn":"btloader.com","domain":"btloader.com","tld":"com"},"ip":{"addr":"172.67.41.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"303d3b164501236c23df435c35d38e13","sha1":"88e3c1aea0d6dbcfef2b23dfedcf4db6b78f93d9","sha256":"3d37b23aa263dfe0df00bbf8a709d6f2e407696ba836869e8ea426d69eedf7a9","sha512":"4d613221bb785e6eeab88b046d2106dcd674df12262801e6f6652a81e5449af7f74ee485f627febb262a014b24d5f04216f933841002b6be6b29b3d9063feaca","ssdeep":"768:bemBuCcWtxP2UozEk3bU0Frg0G6vHWLdDrJVDQEPXqHC/uPNYXXCALKphULIS1xb:zur03GDrgIQDCALgULIeOu","tlshash":"ef431998f350e0b50beb55b1c13b6112f779753039088468f9686dc13caa687a6bbff4","size":59494,"data":"","first_seen":"2024-09-04T23:17:34Z","last_seen":"2024-09-19T22:37:15.064172Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:51.483558241Z","timestamp":1726004811483,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"FDFD7BC2CF6ECC38FB1098F0FDB33CC28A034BB850556C8BE63823F4C4718BE2\"\r\nLast-Modified: Tue, 10 Sep 2024 00:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4789\r\nExpires: Tue, 10 Sep 2024 23:06:40 GMT\r\nDate: Tue, 10 Sep 2024 21:46:51 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"6bd7ab339c70a2fbeee4c8c0acd11d01","sha1":"d73d3395447b2a06e32c1e3efb673107259de9d2","sha256":"fdfd7bc2cf6ecc38fb1098f0fdb33cc28a034bb850556c8be63823f4c4718be2","sha512":"7cc6d530bea83774ef6829c6db75313b8685dedaba842aea688588976d0984075c4764c97846f62b255386d8ba552298f55f78cfc5fd38824ff26e8509e1c3f1","ssdeep":"","tlshash":"c8f00efa2aa77170e7a23a2369a6fe6f19307dde7910805250908fd24b60bb8da40009","first_seen":"2024-09-10T06:38:11Z","last_seen":"2024-09-19T21:33:01.953343Z","times_seen":23843,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:51.485754963Z","timestamp":1726004811485,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3F59C24A6538550F52A4C9B39D9F57B023C9D44D50A846E742B763F74DFC179D\"\r\nLast-Modified: Sun, 08 Sep 2024 09:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=11706\r\nExpires: Wed, 11 Sep 2024 01:01:57 GMT\r\nDate: Tue, 10 Sep 2024 21:46:51 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"85b35ef8e54cfd751670f6a6d56541bd","sha1":"162e94ccf2a785ea99c41f45c3a76815a2f8ae5f","sha256":"3f59c24a6538550f52a4c9b39d9f57b023c9d44d50a846e742b763f74dfc179d","sha512":"ff00c3a57b0afd5271ff47fb423989e1d520fa029b23dbd1c89609059b3e895c3bb49e3a344fd88fb45aee27c76964aa7d7aa720cd0ac48c69890856081e9baf","ssdeep":"","tlshash":"95f075f226a0b79071f105241878de34cb24f7ee30c090ca01dc8481fc187d25281408","first_seen":"2024-09-08T14:22:20Z","last_seen":"2024-09-19T21:53:05.385554Z","times_seen":25465,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:51.501542979Z","timestamp":1726004811501,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A1AF1E16E4DEE4FDDB367A97DB6166A3A6426119A4011F92C5BEEC2527956FC2\"\r\nLast-Modified: Tue, 10 Sep 2024 05:29:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12837\r\nExpires: Wed, 11 Sep 2024 01:20:48 GMT\r\nDate: Tue, 10 Sep 2024 21:46:51 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"58beced47b68fd7403fc4f6f33da2343","sha1":"3680103fd5ac371652065987f97b410f10752f84","sha256":"a1af1e16e4dee4fddb367a97db6166a3a6426119a4011f92c5beec2527956fc2","sha512":"95b866bd182560cef6702da436fd40b9249fe285f439cf65a8a4cbb41cefd49f5c9758b96959a3a23f685d58b51010da1da922372e6cfa4100ed36d29b2061b9","ssdeep":"","tlshash":"11f0c05026af688016164c36c9fcc63a5a281dfc3991046221d067e17c00ff9934410c","first_seen":"2024-09-10T09:06:54Z","last_seen":"2024-09-19T21:31:29.585333Z","times_seen":598,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:51.869701565Z","timestamp":1726004811869,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6D53E4415D0C45468D4481CF09E5EA095019A86AF85CCD64064EB060AB802455\"\r\nLast-Modified: Tue, 10 Sep 2024 02:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6375\r\nExpires: Tue, 10 Sep 2024 23:33:06 GMT\r\nDate: Tue, 10 Sep 2024 21:46:51 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c02cbc5c5d1b0406dcc246d4bd1a6d2b","sha1":"4926c8ef9661a0a06ddca8476543ba0016f6db23","sha256":"6d53e4415d0c45468d4481cf09e5ea095019a86af85ccd64064eb060ab802455","sha512":"54e1f5e26cbc4cc061fcbe9545e9aeb6fe6cce51a980dafe0d9f8abd1e55d46a9155a98d9ec11c4b63b8acd16776693ee302f4acb02d93dba3f11ee488d34a7a","ssdeep":"","tlshash":"87f00e7737d2bf88be76081664f8e11579d5eeee3440188205cc88e27774bba5e8c08d","first_seen":"2024-09-10T16:41:35Z","last_seen":"2024-09-19T21:25:55.865433Z","times_seen":8473,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:52.092779753Z","timestamp":1726004812092,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"805F75981A2D1663F4672BC0630039D679800D1ED2EA8C246522234014136B2E\"\r\nLast-Modified: Tue, 10 Sep 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3173\r\nExpires: Tue, 10 Sep 2024 22:39:45 GMT\r\nDate: Tue, 10 Sep 2024 21:46:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"edb18f95b8662494bb1744d32f0faab9","sha1":"e0db81a4003112c263f3ae9b4ada98249a114cfa","sha256":"805f75981a2d1663f4672bc0630039d679800d1ed2ea8c246522234014136b2e","sha512":"b3712f19d5770db9c414ee5dbc1b7513270dddb03fc450265ef10aa32409041a4eb8ddd03b22ec34238093d24af8f45b558887b57713365c91ebb39662f4abdd","ssdeep":"","tlshash":"8ef0c96a32eaba14b1288d1618faf9213e709cbf385505e2edc806e054067ef88d4c4d","first_seen":"2024-09-10T09:05:19Z","last_seen":"2024-09-19T21:31:34.766294Z","times_seen":8776,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qexyhuv.com/login.phpAw","fqdn":"qexyhuv.com","domain":"qexyhuv.com","tld":"com"},"ip":{"addr":"15.197.240.20","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:52.576666261Z","timestamp":1726004812576,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /login.phpAw HTTP/1.1\r\nHost: qexyhuv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 114\r\ndate: Tue, 10 Sep 2024 21:46:52 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":114,"size_decoded":114,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"e89f75f918dbdcee28604d4e09dd71d7","sha1":"f9d9055e9878723a12063b47d4a1a5f58c3eb1e9","sha256":"6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023","sha512":"8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0","ssdeep":"","tlshash":"eeb092ddbc61e48018e535511ea3b60d146a22ebb9018b4018c00836a96035f8d0aac5","first_seen":"2024-03-15T21:37:10Z","last_seen":"2026-04-03T19:24:19.174722Z","times_seen":123141,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-10","alert":"Sinkholed","trigger":"qexyhuv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qexyhuv.com/lander","fqdn":"qexyhuv.com","domain":"qexyhuv.com","tld":"com"},"ip":{"addr":"15.197.240.20","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-10T21:46:52.780Z","timestamp":1726004812780,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qexyhuv.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 11 Apr 2024 20:01:43 GMT","end":"Fri, 11 Apr 2025 20:01:43 GMT"},"fingerprint":{"sha1":"27:D2:FE:0C:A9:FE:C4:CD:C5:6F:B5:8D:23:6B:E8:44:CF:AE:3D:66","sha256":"49:A1:30:A6:D1:D4:FA:9F:70:BA:A2:AA:D8:3B:F3:61:8D:14:D5:48:54:78:F0:94:5E:E5:39:49:92:5E:60:B2"}}},"request":{"raw":"GET /lander HTTP/1.1\r\nHost: qexyhuv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qexyhuv.com/login.phpAw\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private, max-age=86400\r\ncontent-type: text/html\r\ndate: Tue, 10 Sep 2024 21:46:52 GMT\r\nserver: openresty\r\nset-cookie: expiry_partner=newfold.EXPIRED.D6FD8B5F-DE1F-46CE-A960-95D34D9DA776; Path=/; Max-Age=86400\ncaf_ipaddr=91.90.42.154; Path=/; Max-Age=86400\ncountry=NO; Path=/; Max-Age=86400\ncity=Oslo; Path=/; Max-Age=86400\nlander_type=parking-newfold; Path=/; Max-Age=86400\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UkKscT+/s84yCuERToe9bh4HHogjP+V3WrlMfJ92dXotd7+EO8w7vDaOPnbWP8+NKr7PHu15/y/+3TTjVk2+zw\r\nx-content-type-options: nosniff\r\ncontent-length: 620\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":620,"size_decoded":620,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (619)","md5":"e0d9ec4bc02ce7909e17e2ffb5aeebf9","sha1":"d5b186061c7cf7f9da0907ae08914ff96487f88c","sha256":"1c5761f4630e87223db6656a17c945bee96432a2e6b9cf387c9dba0204db4330","sha512":"dfe80075832dccbeb7a825f31b22c0aadaf1482e7f7e56947adf6da7f667554901ee00c967a9bca1b9a099adab9b6fcb73e1dca690d2bd15901a737dc3e3e411","ssdeep":"","tlshash":"65f0acd3dc91c22c0b70d6ea7922fa2c900af91ade81e981a49504bb68d47e38c5a994","first_seen":"2024-09-03T19:22:06Z","last_seen":"2024-09-28T08:47:53.99952Z","times_seen":264,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-10","alert":"Sinkholed","trigger":"qexyhuv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"btloader.com/tag?o=5097926782615552\u0026upapi=true","fqdn":"btloader.com","domain":"btloader.com","tld":"com"},"ip":{"addr":"172.67.41.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qexyhuv.com/lander","date":"2024-09-10T21:46:52.927Z","timestamp":1726004812927,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btloader.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Aug 2024 07:40:14 GMT","end":"Fri, 08 Nov 2024 07:40:13 GMT"},"fingerprint":{"sha1":"A0:4D:88:12:72:B0:BC:09:DE:06:7F:27:7C:BC:97:EC:D6:DE:31:F0","sha256":"73:FB:C7:87:A8:D1:28:BE:1D:20:4A:9A:05:40:11:DC:61:6D:7D:EA:D0:88:A5:D9:AB:3F:8B:05:45:5A:D8:8A"}}},"request":{"raw":"GET /tag?o=5097926782615552\u0026upapi=true HTTP/1.1\r\nHost: btloader.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qexyhuv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Sep 2024 21:46:52 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 19861\r\ncache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300\r\ncontent-encoding: gzip\r\netag: \"c056f8239de5cf5d1407adda00edb0bd\"\r\nlast-modified: Tue, 10 Sep 2024 21:03:14 GMT\r\nvary: Origin, Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\nvia: 1.1 google\r\ncf-cache-status: HIT\r\nage: 2398\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 8c129d00df28568b-OSL\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19861,"size_decoded":59494,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (59493)","md5":"303d3b164501236c23df435c35d38e13","sha1":"88e3c1aea0d6dbcfef2b23dfedcf4db6b78f93d9","sha256":"3d37b23aa263dfe0df00bbf8a709d6f2e407696ba836869e8ea426d69eedf7a9","sha512":"4d613221bb785e6eeab88b046d2106dcd674df12262801e6f6652a81e5449af7f74ee485f627febb262a014b24d5f04216f933841002b6be6b29b3d9063feaca","ssdeep":"768:bemBuCcWtxP2UozEk3bU0Frg0G6vHWLdDrJVDQEPXqHC/uPNYXXCALKphULIS1xb:zur03GDrgIQDCALgULIeOu","tlshash":"ef431998f350e0b50beb55b1c13b6112f779753039088468f9686dc13caa687a6bbff4","first_seen":"2024-09-04T23:17:34Z","last_seen":"2024-09-19T22:37:15.064172Z","times_seen":127,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":11,"dns":0,"connect":1,"send":0,"wait":10,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/css/main.ef90a627.css","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"23.73.4.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qexyhuv.com/lander","date":"2024-09-10T21:46:52.931Z","timestamp":1726004812931,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /parking-lander/static/css/main.ef90a627.css HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qexyhuv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: 64lore5TSfvdWFuZ5ulUFJeEqK5jvQiAg30CEKk0ykalrZJnWIpwKxhT9ALKgHqj4bWpYd2i09hXrTd8OiuBfA==\r\nx-amz-request-id: 806XHFT81MZ0XFJH\r\nlast-modified: Tue, 03 Sep 2024 14:45:36 GMT\r\netag: \"3f821ada778691e677aef2cea8c4b4f6\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 40CZ4bPQbhYCkwHdFTQKcn_HlGzFwyL5\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncache-control: max-age=31536000\r\nexpires: Wed, 10 Sep 2025 21:46:53 GMT\r\ndate: Tue, 10 Sep 2024 21:46:53 GMT\r\ncontent-length: 1111\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1111,"size_decoded":3854,"mime_type":"text/css","magic":"ASCII text, with very long lines (3809)","md5":"3f821ada778691e677aef2cea8c4b4f6","sha1":"643e7b729b25c2f800469623191dc837798e9d50","sha256":"7510035d553a99fbf93eb67737b2df057ce096fa1ed7aad83cfd559e11f2320d","sha512":"8993a8ad28ed4035a022d1b7274c77a97b8235b2ddcd5e6d29f7230d375851539900d4ace652c94c4be8a8284ffd86501df420385a6e680df4222c162deff4d5","ssdeep":"","tlshash":"5181ed232ea15e3efce6c25cd9a0ffdd3169b500f02791aed81329314aaa7441e67b05","first_seen":"2024-08-28T22:53:24Z","last_seen":"2024-12-26T09:22:37.289854Z","times_seen":1707,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":79,"dns":9,"connect":21,"send":0,"wait":25,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:53.050321732Z","timestamp":1726004813050,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 10 Sep 2024 21:46:53 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"6e4875a947dc86ab3baef5f2ed2f7c51","sha1":"2126def29bffa4686d8a4ed22b18a92dfba6fb8e","sha256":"16f3a624e3e12f605659b43e5de351f04e1919e4850eceb4d35339a48d96f6a6","sha512":"d154e207ebc9a3dc50b466068b0e65ef7ecf4a8b4e0c20fd3c3e9fa3680d513990934cbe4e97cb01a3538b1d56d099b94afc5656e05ca6cba30801755372a7c8","ssdeep":"","tlshash":"24f0dc48f4f13ea9ee1748a539d8c740be38591c123922c3793c45e0248cfec9f20324","first_seen":"2024-09-10T18:03:38Z","last_seen":"2024-09-19T21:25:06.30695Z","times_seen":944,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/js/main.3853e9c6.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"23.73.4.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qexyhuv.com/lander","date":"2024-09-10T21:46:52.929Z","timestamp":1726004812929,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /parking-lander/static/js/main.3853e9c6.js HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qexyhuv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: jvQ0DIPx7LHh1Z2zvNAShtdLKNddjVCvHFvD9nrQFkap3bAEFQj8AScOk8dQWjmAORB9C6oqhak=\r\nx-amz-request-id: 2ZF019PE6EA5953H\r\nlast-modified: Tue, 03 Sep 2024 14:45:32 GMT\r\netag: \"ec02983800c25593e7e2d9f1c7445dd8\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: gczBBAgY87rngTpqjvOUqE3DUj9sYKIO\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 178266\r\ncache-control: max-age=31536000\r\nexpires: Wed, 10 Sep 2025 21:46:53 GMT\r\ndate: Tue, 10 Sep 2024 21:46:53 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":178266,"size_decoded":691253,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"ec02983800c25593e7e2d9f1c7445dd8","sha1":"29c7cd0f15d8f33251794dbe6b941ec941e83322","sha256":"59e25e371b40a6c3e16855a8394ffc230332149d1ca266e83f46bec8622875a4","sha512":"ecd34f1ed24ec0fadd010cbd7ea869a943a2d141f642764da482fe26624ff43df954f5b44230e7f56e05db193c2bc3acefd5b345d92b04228bba723db91ff19b","ssdeep":"12288:dsb1QYnTxQYnT9DUk4f0WTI4WugqciqXDEu4Om4+BcWO7:d01QYnTxQYnTF4OHL","tlshash":"74e42bce76d1b07407e292ead83b684fb279ae11d008c571ef7ec9da9469449813bf1c","first_seen":"2024-09-03T18:30:19Z","last_seen":"2024-09-28T08:48:06.45483Z","times_seen":461,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":83,"dns":9,"connect":21,"send":0,"wait":24,"receive":69,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:53.251845514Z","timestamp":1726004813251,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 10 Sep 2024 21:46:53 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"e6eff260c04e65bc022b758d1273cd0c","sha1":"7f72cc9f038128d23286235062e4f8fd07c08504","sha256":"c0dae04523e7f86e16cd8a0aae5611264e4d638edf2f19d92264c482386de590","sha512":"91d5957cfa33b256b1d460f416d8d8ac2ef72a6ead0dd1786d3f640ed28724de54d6b0a2014659f70f863e48120b27f5ce46c21b9bce0736f464bcb89214f6c4","ssdeep":"","tlshash":"77f0d44534f15da1dd1f981620ded09e3e39050d54b51743412ee5ced105ffe6404234","first_seen":"2024-09-10T18:17:09Z","last_seen":"2024-09-19T21:24:55.286415Z","times_seen":1221,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/px.js?ch=1\u0026abp=1\u0026gdabp=true","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"23.73.4.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://qexyhuv.com/lander","date":"2024-09-10T21:46:53.265Z","timestamp":1726004813265,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /parking-lander/px.js?ch=1\u0026abp=1\u0026gdabp=true HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://qexyhuv.com/\r\nOrigin: https://qexyhuv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: NCyIsa5DDDoy+AwdCMKqkzDrKWOicXTl93kyaLMe35SdvYsET9MGYmuqaoJKG6CIUIZ8Bkoge7Y=\r\nx-amz-request-id: 20GHN0XP15F3HKEA\r\nlast-modified: Wed, 28 Aug 2024 20:07:12 GMT\r\netag: \"d41d8cd98f00b204e9800998ecf8427e\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 3ePmFqsYxfyHSN4QPkH47ZTl7RneQYV5\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 20\r\ncache-control: max-age=31536000\r\nexpires: Wed, 10 Sep 2025 21:46:53 GMT\r\ndate: Tue, 10 Sep 2024 21:46:53 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20,"size_decoded":20,"mime_type":"application/javascript","magic":"gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)","md5":"3970e82605c7d109bb348fc94e9eecc0","sha1":"e03849ea786b9f7b28a35c17949e85a93eb1cff1","sha256":"f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967","sha512":"59c8107c5a9678cd4b6bd1d194ac0987ce0d0542ceeece8430452c238375aa49f0cea3646935315ea994d8ab05e56af112157122be8272185830093fd5922b67","ssdeep":"","tlshash":"a570000000c00c30cc00003000000000000c00000000c3030000000000030c000c003c","first_seen":"2023-05-08T18:56:19Z","last_seen":"2025-03-02T04:48:45.505957Z","times_seen":19661,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad-delivery.net/px.gif?ch=2","fqdn":"ad-delivery.net","domain":"ad-delivery.net","tld":"net"},"ip":{"addr":"172.67.69.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qexyhuv.com/lander","date":"2024-09-10T21:46:53.280Z","timestamp":1726004813280,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad-delivery.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jul 2024 10:29:29 GMT","end":"Sun, 13 Oct 2024 10:29:28 GMT"},"fingerprint":{"sha1":"D3:6C:33:E0:88:AC:63:91:E5:B1:DC:FF:5F:46:EC:DE:3D:00:C4:B5","sha256":"CA:E7:3B:AF:A7:96:FD:54:27:96:0D:A1:8F:AA:0B:B7:2D:32:53:9C:AE:35:45:7B:78:83:49:57:88:2C:07:F6"}}},"request":{"raw":"GET /px.gif?ch=2 HTTP/1.1\r\nHost: ad-delivery.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qexyhuv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Sep 2024 21:46:53 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-goog-generation: 1620242732037093\r\nx-goog-metageneration: 5\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 43\r\nx-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nx-guploader-uploadid: ABPtcPqbKSdoxbAA410mrggZiKfDXsJhP9ixcj5r_g42RwC-BpGRQV1l4taKqygKMi5bdZIZlA\r\nexpires: Wed, 14 Aug 2024 07:47:09 GMT\r\ncache-control: public, max-age=86400\r\nage: 2384813\r\nlast-modified: Wed, 05 May 2021 19:25:32 GMT\r\netag: \"ad4b0f606e0f8465bc4c4c170b37e1a3\"\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4hm%2F86MJcc%2B95DIGyvYv85MHW%2FFeqOnjMkmU7e9DDJlgGUKyMyT%2F8vwJHwcsLin%2Fw8AO5Lowej4uopK28u5qChptY6MwwDFVy3M0AotfJXNOXoXhQhMfRuigu5Nea3AIAA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8c129d032f405690-OSL\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":43,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-03T19:30:30.340382Z","times_seen":326355,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":24,"dns":3,"connect":1,"send":0,"wait":23,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad-delivery.net/px.gif?ch=1\u0026e=0.6420032089802349","fqdn":"ad-delivery.net","domain":"ad-delivery.net","tld":"net"},"ip":{"addr":"172.67.69.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qexyhuv.com/lander","date":"2024-09-10T21:46:53.287Z","timestamp":1726004813287,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad-delivery.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jul 2024 10:29:29 GMT","end":"Sun, 13 Oct 2024 10:29:28 GMT"},"fingerprint":{"sha1":"D3:6C:33:E0:88:AC:63:91:E5:B1:DC:FF:5F:46:EC:DE:3D:00:C4:B5","sha256":"CA:E7:3B:AF:A7:96:FD:54:27:96:0D:A1:8F:AA:0B:B7:2D:32:53:9C:AE:35:45:7B:78:83:49:57:88:2C:07:F6"}}},"request":{"raw":"GET /px.gif?ch=1\u0026e=0.6420032089802349 HTTP/1.1\r\nHost: ad-delivery.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qexyhuv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Sep 2024 21:46:53 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-goog-generation: 1620242732037093\r\nx-goog-metageneration: 5\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 43\r\nx-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nx-guploader-uploadid: ABPtcPqbKSdoxbAA410mrggZiKfDXsJhP9ixcj5r_g42RwC-BpGRQV1l4taKqygKMi5bdZIZlA\r\nexpires: Wed, 14 Aug 2024 07:47:09 GMT\r\ncache-control: public, max-age=86400\r\nage: 2384813\r\nlast-modified: Wed, 05 May 2021 19:25:32 GMT\r\netag: \"ad4b0f606e0f8465bc4c4c170b37e1a3\"\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=v%2B3zUR3EHLt0ASKnRZnBx82c4prZPEi5Y%2B%2FSm0r1CQDhAr9SeHRraBF9FRnXjN8A%2FO8yq6iXnVC5OUZMnLc%2FcZR%2F1ZIrl4bZmnfBYiKmi2qYlmuUU8EQaKqdedJhVUSA3A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8c129d033f4f5690-OSL\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":43,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-03T19:30:30.340382Z","times_seen":326355,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":28,"dns":1,"connect":6,"send":0,"wait":19,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026gdabp=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qexyhuv.com/lander","date":"2024-09-10T21:46:52.925Z","timestamp":1726004812925,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Aug 2024 07:19:41 GMT","end":"Mon, 04 Nov 2024 07:19:40 GMT"},"fingerprint":{"sha1":"8C:22:1C:CB:12:29:80:FE:65:17:C7:64:C1:F6:8E:07:EB:34:A8:42","sha256":"B1:16:E1:B9:02:5A:1C:0A:08:DD:DF:1F:17:A5:CB:6F:6E:F6:10:27:41:14:F4:5C:07:7B:22:71:28:58:33:91"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026gdabp=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qexyhuv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Tue, 10 Sep 2024 21:46:53 GMT\r\nexpires: Tue, 10 Sep 2024 21:46:53 GMT\r\ncache-control: private, max-age=3600\r\netag: \"17255214492138740118\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55159,"size_decoded":153161,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1618)","md5":"dc381474086d3b893c07e7f2fe20ca02","sha1":"21252227ed54583d51f82e5d8b093d536e759d3b","sha256":"8624cdfac6e981ab9ac4fdf0e1ecbfed0bacc8e6ec1a6982e091e928e750dfdd","sha512":"e7f17b3dfadde56edf413b659e04c4077408ce8d26947f79008880a114a6bd891e037c83073eb4ce3646390616edfa59667a6f0ee4e490fbe6d2b67a46e9b320","ssdeep":"1536:/R7h1tBtgm1xZPyjWDcrELdLk2GBlwJR2lUSI9YLvvG2H0gqHlcwXc/i5dOm/N9W:p+wulZlUSq0HHM15dHONkFka7g","tlshash":"50e35c9d73a5702253a394f4207f428fb236f955e84849b8b098c8e47cb5da90277fbd","first_seen":"2024-09-05T23:33:49Z","last_seen":"2024-09-19T22:23:19.536057Z","times_seen":807,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":146,"dns":1,"connect":21,"send":0,"wait":35,"receive":0,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:54.0064803Z","timestamp":1726004814006,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"17262F224CDA9BD7912F9BBBF2B674CB97D997485FF1F5040E4CFE73A04360CE\"\r\nLast-Modified: Tue, 10 Sep 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3816\r\nExpires: Tue, 10 Sep 2024 22:50:30 GMT\r\nDate: Tue, 10 Sep 2024 21:46:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0d73bb8f423c272f8206f468a187cda1","sha1":"ac92ec37ff809a72dc2a4ca83c0e3ffe0e465075","sha256":"17262f224cda9bd7912f9bbbf2b674cb97d997485ff1f5040e4cfe73a04360ce","sha512":"8a59aad49a506b51cbdd3817a5b75567fbc6d2a46a3a932035c027a62585c263de6e17f0e8c7cf95c7ea8ffa797db0f5b430c2bc466872c7cf8a36380e72c408","ssdeep":"","tlshash":"58f005523376e980b4dd147d9ad8f01319243ddc749864590abc4ae17d48ff6b10425d","first_seen":"2024-09-10T12:16:29Z","last_seen":"2024-09-19T21:29:31.271706Z","times_seen":12104,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:54.008635562Z","timestamp":1726004814008,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"17262F224CDA9BD7912F9BBBF2B674CB97D997485FF1F5040E4CFE73A04360CE\"\r\nLast-Modified: Tue, 10 Sep 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3816\r\nExpires: Tue, 10 Sep 2024 22:50:30 GMT\r\nDate: Tue, 10 Sep 2024 21:46:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0d73bb8f423c272f8206f468a187cda1","sha1":"ac92ec37ff809a72dc2a4ca83c0e3ffe0e465075","sha256":"17262f224cda9bd7912f9bbbf2b674cb97d997485ff1f5040e4cfe73a04360ce","sha512":"8a59aad49a506b51cbdd3817a5b75567fbc6d2a46a3a932035c027a62585c263de6e17f0e8c7cf95c7ea8ffa797db0f5b430c2bc466872c7cf8a36380e72c408","ssdeep":"","tlshash":"58f005523376e980b4dd147d9ad8f01319243ddc749864590abc4ae17d48ff6b10425d","first_seen":"2024-09-10T12:16:29Z","last_seen":"2024-09-19T21:29:31.271706Z","times_seen":12104,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:54.009660482Z","timestamp":1726004814009,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"17262F224CDA9BD7912F9BBBF2B674CB97D997485FF1F5040E4CFE73A04360CE\"\r\nLast-Modified: Tue, 10 Sep 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3816\r\nExpires: Tue, 10 Sep 2024 22:50:30 GMT\r\nDate: Tue, 10 Sep 2024 21:46:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0d73bb8f423c272f8206f468a187cda1","sha1":"ac92ec37ff809a72dc2a4ca83c0e3ffe0e465075","sha256":"17262f224cda9bd7912f9bbbf2b674cb97d997485ff1f5040e4cfe73a04360ce","sha512":"8a59aad49a506b51cbdd3817a5b75567fbc6d2a46a3a932035c027a62585c263de6e17f0e8c7cf95c7ea8ffa797db0f5b430c2bc466872c7cf8a36380e72c408","ssdeep":"","tlshash":"58f005523376e980b4dd147d9ad8f01319243ddc749864590abc4ae17d48ff6b10425d","first_seen":"2024-09-10T12:16:29Z","last_seen":"2024-09-19T21:29:31.271706Z","times_seen":12104,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-10T21:46:54.011650725Z","timestamp":1726004814011,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"17262F224CDA9BD7912F9BBBF2B674CB97D997485FF1F5040E4CFE73A04360CE\"\r\nLast-Modified: Tue, 10 Sep 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3816\r\nExpires: Tue, 10 Sep 2024 22:50:30 GMT\r\nDate: Tue, 10 Sep 2024 21:46:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0d73bb8f423c272f8206f468a187cda1","sha1":"ac92ec37ff809a72dc2a4ca83c0e3ffe0e465075","sha256":"17262f224cda9bd7912f9bbbf2b674cb97d997485ff1f5040e4cfe73a04360ce","sha512":"8a59aad49a506b51cbdd3817a5b75567fbc6d2a46a3a932035c027a62585c263de6e17f0e8c7cf95c7ea8ffa797db0f5b430c2bc466872c7cf8a36380e72c408","ssdeep":"","tlshash":"58f005523376e980b4dd147d9ad8f01319243ddc749864590abc4ae17d48ff6b10425d","first_seen":"2024-09-10T12:16:29Z","last_seen":"2024-09-19T21:29:31.271706Z","times_seen":12104,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/px.js?ch=2\u0026abp=2\u0026gdabp=true","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"23.73.4.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://qexyhuv.com/lander","date":"2024-09-10T21:46:53.316Z","timestamp":1726004813316,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /parking-lander/px.js?ch=2\u0026abp=2\u0026gdabp=true HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://qexyhuv.com/\r\nOrigin: https://qexyhuv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: m57aWCDCLF4T1u/svQ6fI1gadqIJRyO/fdHolRwJPypCTGwPaMe3Q54dwotixle8y+w2UyphUEaQqs6t0wHF2w==\r\nx-amz-request-id: BGB9722MXMKKH20X\r\nlast-modified: Wed, 28 Aug 2024 20:07:12 GMT\r\netag: \"d41d8cd98f00b204e9800998ecf8427e\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 3ePmFqsYxfyHSN4QPkH47ZTl7RneQYV5\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 20\r\ncache-control: max-age=31536000\r\nexpires: Wed, 10 Sep 2025 21:46:53 GMT\r\ndate: Tue, 10 Sep 2024 21:46:53 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}