{"report_id":"d4e424be-b3a1-4c83-ab0e-47e50b50f6e0","version":6,"status":"done","tags":[],"date":"2023-11-06T06:42:47Z","url":{"schema":"http","addr":"redddroom.com/","fqdn":"redddroom.com","domain":"redddroom.com","tld":"com"},"ip":{"addr":"103.200.23.160","port":0,"asn":135905,"as":"VIETNAM POSTS AND TELECOMMUNICATIONS GROUP","country":"Vietnam","country_code":"VN"},"final":{"url":{"schema":"https","addr":"redddroom.com/","fqdn":"redddroom.com","domain":"redddroom.com","tld":"com"},"title":"redddroom.com/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T15:32:53Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"redddroom.com","ip":{"addr":"103.200.23.160","port":443,"asn":135905,"as":"VIETNAM POSTS AND TELECOMMUNICATIONS GROUP","country":"Vietnam","country_code":"VN"},"domain_registered":"2023-04-16","domain_rank":0,"first_seen":"2023-04-16 06:57:52","last_seen":"2023-05-06 06:23:02","alert_count":0,"request_count":2,"received_data":2629,"sent_data":905,"comment":"","tags":null,"fingerprints":null},{"fqdn":"connect.facebook.net","ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"domain_registered":"2004-04-01","domain_rank":139,"first_seen":"2012-05-22 04:51:28","last_seen":"2023-11-05 05:09:13","alert_count":0,"request_count":2,"received_data":91021,"sent_data":894,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"redddroom.com/sandbox%20eval%20code","fqdn":"redddroom.com","domain":"redddroom.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"2117fbaf3d52dc7838e3a758f5f09853","sha1":"94d476ee49d57012d067ba33a12ebe8c94e4f0fd","sha256":"58355b2f0ca7b5ce2b760badfc916a1f9dff35b32ba502f3e66cfdeb050455d1","sha512":"a5f52c82a28db4286297d36dd82fe99ca085a5f3d97918add47de722d7ead70e787984aaa5b2b5282168f028f7ed559a588697a6b4a72993cbbfe06014f02d86","ssdeep":"","tlshash":"ddc0c0634b000338212113bab4005445850b335c37e35cc0f00a02373604f23373c4bc","size":180,"data":"","first_seen":"2024-08-20T20:42:41.301133Z","last_seen":"2024-08-20T20:42:41.301133Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/sdk.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fd422dfff6c148278b9c14f2c760ec5","sha1":"0727dca17b68341e9c22a84e1121ecc97e9f9571","sha256":"c64557b5dbe82b457d4105d9fa940f08a4f01d11cd92f355c4d80d3789324d25","sha512":"225febb358ec72f00ec385f14c3b139e57fb7bf8f68a0bba46eb358d22852be4ceebd90a33271d23e992b012790a323a6cffc86523653450364f0834f5a7e6b4","ssdeep":"","tlshash":"c251751d71a1356a51e03af025b78b49f1ef9783391af30899adda447e2831e40ebd6c","size":3093,"data":"","first_seen":"2023-11-06T07:42:48Z","last_seen":"2023-11-06T07:42:48Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/sdk.js?hash=f72b7e62447a2702c6814f94bdc46b2f","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e124bea733f9ea7c116dc3030acd239b","sha1":"1491e70540da5bde751098158f6d26d05355db2d","sha256":"5d7889293e81d97880afc7d19c1402330bf3101183e6e84915d7e14d668bb63a","sha512":"5398eaa5a0c64223af16a795e71c175aacb1d00375dfb00fba3a426dc2ad8ce621efa2eb2f0607afb09c0aa732795f944ca2dfa306fafd769f92950f9fc17c5e","ssdeep":"6144:jVPCQYGPzpc6Y/yBNtuhAgai3YPhpR4JXc8j:jP0/yBNtbJ38j","tlshash":"515407a932b1b626d5f6286190bf110bb139c8a2b4189974b5e0c9d41f7cf1e1a77f3c","size":304216,"data":"","first_seen":"2023-11-06T07:42:48Z","last_seen":"2023-11-06T07:42:48Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"redddroom.com/","fqdn":"redddroom.com","domain":"redddroom.com","tld":"com"},"ip":{"addr":"103.200.23.160","port":443,"asn":135905,"as":"VIETNAM POSTS AND TELECOMMUNICATIONS GROUP","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T06:19:51.498354Z","times_seen":15592723,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"moz-extension","addr":"moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js","fqdn":"94b86a3e-a8f5-4509-b451-a3e524e5069f","domain":"94b86a3e-a8f5-4509-b451-a3e524e5069f","tld":"94b86a3e-a8f5-4509-b451-a3e524e5069f"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"865f01cbb34eb505834e826380d7dc2e","sha1":"c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e","sha256":"30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17","sha512":"9e37cd2e9fb9e4e926e2d1e1232c4c4ba3531d89b1d165293708849e0f88df6a40711d87c2b267ced9b6c4a27ac13079b5cb907334e2e297b588318df629b9ee","ssdeep":"","tlshash":"c5319c1f6968093c1622bed977b33403721672581151f662be5cc357239a62bc2b1bec","size":1684,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-05-23T06:25:55.947664Z","times_seen":176716,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/sdk.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"b938e0b835c600209bdaae9d8ccda6d7","sha1":"d5ee79d277057e05f002a18381722b5eb75d3883","sha256":"d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b","sha512":"f519d10ba250add8cdb46a82b3cddc68e01735c6c80b24d4af37aa0ca108340b59a21bd2cc19bcd4753f66ff5a5dc17f6e3500e91be6436fdd90c954a6ed3800","ssdeep":"384:Ps5FfMCDA9SQM/Psw1A9uW1HVMJDXMlS3RpU9JCo4wiLF:kU9SVjoHqXMA3CJCodiLF","tlshash":"1672b51e46f31232456370766b4b72047235d0473a0afe993f9c87542f8aa6e86f27ec","size":16896,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-05-23T06:25:56.013324Z","times_seen":171292,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"redddroom.com/","fqdn":"redddroom.com","domain":"redddroom.com","tld":"com"},"ip":{"addr":"103.200.23.160","port":443,"asn":135905,"as":"VIETNAM POSTS AND TELECOMMUNICATIONS GROUP","country":"Vietnam","country_code":"VN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-06T06:42:30.523Z","timestamp":1699252950523,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"summer2023.skin","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Oct 2023 14:35:28 GMT","end":"Wed, 10 Jan 2024 14:35:27 GMT"},"fingerprint":{"sha1":"33:A4:7E:43:81:D1:43:E6:75:88:E1:23:F5:8F:5A:86:4D:54:8D:AC","sha256":"CF:14:58:F1:4E:92:74:3E:D2:6E:25:87:F2:19:6A:32:EB:BA:AA:19:6C:3A:FA:84:61:C4:C6:D7:F6:93:D8:A8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: redddroom.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Thu, 12 Oct 2023 14:05:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 728\r\ndate: Mon, 06 Nov 2023 06:42:30 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":728,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, ASCII text, with CRLF line terminators","md5":"f5a35371822e05c07d696bc3ab0cfed3","sha1":"3347efc552416159d16ddcf2fd3bbe0998bf1a1a","sha256":"e9a1e020735f20a6ff3a080fdf46e8eac584817600aec80a7fd9cd60d912c9f3","sha512":"ad072496798e69f8fae0c5c8851d8b3e5a0d9eb628b86594b36758eccfaec15a996caa8c1fc096e11ece7069adb190963102b14852adfa8792d8bfa087425a93","ssdeep":"","tlshash":"b641424fd98420714632733a3e7a89b9fb2a59572502da19bc2c925f1f70f011da39ee","first_seen":"2023-11-06T07:42:48Z","last_seen":"2023-11-06T07:42:48Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2313,"timings":{"blocked":992,"dns":1,"connect":325,"send":0,"wait":330,"receive":0,"ssl":659},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/sdk.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://redddroom.com/","date":"2023-11-06T06:42:32.375Z","timestamp":1699252952375,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.facebook.com","organization":"Meta Platforms, Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 15 Aug 2023 00:00:00 GMT","end":"Mon, 13 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"18:70:59:23:7E:34:BE:4C:73:CE:39:8F:50:FF:9E:DE:ED:5A:67:B2","sha256":"77:07:06:9C:CE:EB:6B:70:79:88:5D:3F:6E:DA:DE:CA:BE:91:B8:94:79:E6:C5:65:C3:2A:AB:2D:1F:D1:3D:AA"}}},"request":{"raw":"GET /en_US/sdk.js HTTP/1.1\r\nHost: connect.facebook.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://redddroom.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-expose-headers: X-FB-Content-MD5\r\nx-fb-content-md5: 5fd422dfff6c148278b9c14f2c760ec5\r\netag: \"b1942c6e7f60403bea215b26d8fbd6ff\"\r\ncontent-type: application/x-javascript; charset=utf-8\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nexpires: Mon, 06 Nov 2023 06:46:52 GMT\r\ncache-control: public,max-age=1200,stale-while-revalidate=3600\r\ndocument-policy: force-load-at-top\r\npermissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()\r\ncross-origin-opener-policy: same-origin-allow-popups\r\nx-content-type-options: nosniff\r\nreporting-endpoints: \r\nx-frame-options: DENY\r\norigin-agent-cluster: ?0\r\nstrict-transport-security: max-age=31536000; preload; includeSubDomains\r\ncontent-md5: mLRmQ46nIf143ko40nXUTw==\r\nx-fb-debug: 9nW8V8xhDpV4n/qJgsMhtAobXZXUx/nAPcqcvodtg2ZwBS2aV4MyrnIJUM8mUJ44hjX6ZrjU6jIc5/lx0oPaCQ==\r\ncontent-length: 1688\r\ndate: Mon, 06 Nov 2023 06:42:32 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1688,"size_decoded":0,"mime_type":"application/x-javascript; charset=utf-8","magic":"ASCII text, with very long lines (1957)","md5":"5fd422dfff6c148278b9c14f2c760ec5","sha1":"0727dca17b68341e9c22a84e1121ecc97e9f9571","sha256":"c64557b5dbe82b457d4105d9fa940f08a4f01d11cd92f355c4d80d3789324d25","sha512":"225febb358ec72f00ec385f14c3b139e57fb7bf8f68a0bba46eb358d22852be4ceebd90a33271d23e992b012790a323a6cffc86523653450364f0834f5a7e6b4","ssdeep":"","tlshash":"c251751d71a1356a51e03af025b78b49f1ef9783391af30899adda447e2831e40ebd6c","first_seen":"2023-11-06T07:42:48Z","last_seen":"2023-11-06T07:42:48Z","times_seen":1,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":21,"dns":12,"connect":7,"send":0,"wait":21,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/sdk.js?hash=f72b7e62447a2702c6814f94bdc46b2f","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://redddroom.com/","date":"2023-11-06T06:42:32.483Z","timestamp":1699252952483,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.facebook.com","organization":"Meta Platforms, Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 15 Aug 2023 00:00:00 GMT","end":"Mon, 13 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"18:70:59:23:7E:34:BE:4C:73:CE:39:8F:50:FF:9E:DE:ED:5A:67:B2","sha256":"77:07:06:9C:CE:EB:6B:70:79:88:5D:3F:6E:DA:DE:CA:BE:91:B8:94:79:E6:C5:65:C3:2A:AB:2D:1F:D1:3D:AA"}}},"request":{"raw":"GET /en_US/sdk.js?hash=f72b7e62447a2702c6814f94bdc46b2f HTTP/1.1\r\nHost: connect.facebook.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://redddroom.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://redddroom.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-expose-headers: X-FB-Content-MD5\r\nx-fb-content-md5: e124bea733f9ea7c116dc3030acd239b\r\netag: \"a2a4175abd82d75f23ec8e174a7cb0dc\"\r\ncontent-type: application/x-javascript; charset=utf-8\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nexpires: Tue, 05 Nov 2024 06:12:50 GMT\r\ncache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable\r\ndocument-policy: force-load-at-top\r\npermissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()\r\ncross-origin-opener-policy: same-origin-allow-popups\r\nx-content-type-options: nosniff\r\nreporting-endpoints: \r\nx-frame-options: DENY\r\norigin-agent-cluster: ?0\r\nstrict-transport-security: max-age=31536000; preload; includeSubDomains\r\ncontent-md5: I7Ej3abi2j1+uhN4n7atBA==\r\nx-fb-debug: 6IjtqHM/VdhEmNjOMW6CWSxBxpSueHOzu7c9js4fCN1cOvuV+pk3r0abDeAvHLw00ZAGJl5QFf9cJP+eTInRNQ==\r\ncontent-length: 86881\r\ndate: Mon, 06 Nov 2023 06:42:32 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86881,"size_decoded":0,"mime_type":"application/x-javascript; charset=utf-8","magic":"ASCII text, with very long lines (13192)","md5":"e124bea733f9ea7c116dc3030acd239b","sha1":"1491e70540da5bde751098158f6d26d05355db2d","sha256":"5d7889293e81d97880afc7d19c1402330bf3101183e6e84915d7e14d668bb63a","sha512":"5398eaa5a0c64223af16a795e71c175aacb1d00375dfb00fba3a426dc2ad8ce621efa2eb2f0607afb09c0aa732795f944ca2dfa306fafd769f92950f9fc17c5e","ssdeep":"6144:jVPCQYGPzpc6Y/yBNtuhAgai3YPhpR4JXc8j:jP0/yBNtbJ38j","tlshash":"515407a932b1b626d5f6286190bf110bb139c8a2b4189974b5e0c9d41f7cf1e1a77f3c","first_seen":"2023-11-06T07:42:48Z","last_seen":"2023-11-06T07:42:48Z","times_seen":1,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":9,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"redddroom.com/favicon.ico","fqdn":"redddroom.com","domain":"redddroom.com","tld":"com"},"ip":{"addr":"103.200.23.160","port":443,"asn":135905,"as":"VIETNAM POSTS AND TELECOMMUNICATIONS GROUP","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://redddroom.com/","date":"2023-11-06T06:42:32.249Z","timestamp":1699252952249,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"summer2023.skin","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Oct 2023 14:35:28 GMT","end":"Wed, 10 Jan 2024 14:35:27 GMT"},"fingerprint":{"sha1":"33:A4:7E:43:81:D1:43:E6:75:88:E1:23:F5:8F:5A:86:4D:54:8D:AC","sha256":"CF:14:58:F1:4E:92:74:3E:D2:6E:25:87:F2:19:6A:32:EB:BA:AA:19:6C:3A:FA:84:61:C4:C6:D7:F6:93:D8:A8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: redddroom.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://redddroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Mon, 06 Nov 2023 06:42:30 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-23T05:29:54.009276Z","times_seen":40678,"resource_available":true,"data":null}},"time_used":324,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}