{"report_id":"df7649b6-8ad3-40b8-bead-61c8ea373764","version":6,"status":"done","tags":[],"date":"2024-09-02T22:41:02Z","url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":""},"ip":{"addr":"104.26.6.166","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"title":"Direct IP access not allowed | Cloudflare"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T23:04:15Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-01 18:13:21","alert_count":0,"request_count":3,"received_data":2662,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"104.26.6.166","ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2018-12-12 10:15:48","last_seen":"2023-10-24 16:47:40","alert_count":3,"request_count":3,"received_data":7690,"sent_data":1058,"comment":"","tags":null,"fingerprints":null},{"fqdn":"performance.radar.cloudflare.com","ip":{"addr":"104.18.30.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2022-06-29 12:44:51","last_seen":"2024-09-02 13:08:26","alert_count":0,"request_count":1,"received_data":8350,"sent_data":383,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"34ad0a116707d3b794129a6720af92d7","sha1":"424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4","sha256":"d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262","sha512":"4d7cca00f0d83452fe3513c0c07c97ca5318dfcda0937df40626e49c9e15ef9a4287e6aa98da4c873d46248a20418b0ef793704c6619efad43c8b338a515cb37","ssdeep":"","tlshash":"43e0226b3b45293456f7aab3337fe37c3a22e0969cc015201968cd5ccd2bac042352c4","size":393,"data":"","first_seen":"2023-04-05T04:39:40Z","last_seen":"2025-03-02T06:13:46.994369Z","times_seen":143291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"performance.radar.cloudflare.com/beacon.js","fqdn":"performance.radar.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.30.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0134ba528d57ab347659cfe677623b43","sha1":"40fde70a9e6e8a45ddfe32958b379d2b9c503500","sha256":"c4beadddb23ea5776a254f00341f71622a7dd3f9b5e78653707ee86914abdeb0","sha512":"1df92b39d3be8939f2f5d92599d4de06735c80e81a4afbcf8097bf8734cb1960150563bf2515914c0dc9c3bbdb347ab2e2e1f012cf16be1fc75df1be7723a344","ssdeep":"192:834d1an1U1Kf88Kvmv1IygAVAWb97RJIFHYdzUxUPCFHYzC/GiK:ey1an1U1Kf88KOvCyt1IF4tSUPCF4zCW","tlshash":"e1f1f877bb40c502c986085544babe7f3521f14e07c256ad761fcd2ab2a4df2b2f2366","size":7542,"data":"","first_seen":"2024-09-19T23:04:17.043612Z","last_seen":"2024-09-19T23:04:17.043612Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T22:40:35.097519591Z","timestamp":1725316835097,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"41C00088AFC20571F6A0C6998324D9517346256AC33696DC706192EC606FE7A7\"\r\nLast-Modified: Mon, 02 Sep 2024 12:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21115\r\nExpires: Tue, 03 Sep 2024 04:32:30 GMT\r\nDate: Mon, 02 Sep 2024 22:40:35 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"66fbf7f95cb55f388373a20d4b1a736e","sha1":"afc34259758a563362367848629ff7639982e1fb","sha256":"41c00088afc20571f6a0c6998324d9517346256ac33696dc706192ec606fe7a7","sha512":"80f0c1a3f29e795722e05ea6260e1ec92780f3f554ace63e7a0e4ad5d030be18b0cde8397bffc652a92306b23ba802aa8a0db463bac3a6827e645816bd5759a0","ssdeep":"","tlshash":"02f00e7956f2e6c3faf8112314a6ed606c227aab780021a279800ac239c67f6678545c","first_seen":"2024-09-02T19:20:57Z","last_seen":"2024-09-19T23:09:36.632755Z","times_seen":35846,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T22:40:35.546839916Z","timestamp":1725316835546,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"62ED97A3678824305419366056FD0BEE73359522822CA42A16FABDCC3AD982BE\"\r\nLast-Modified: Mon, 02 Sep 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6729\r\nExpires: Tue, 03 Sep 2024 00:32:44 GMT\r\nDate: Mon, 02 Sep 2024 22:40:35 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3b182d2525d361002ced8590b8a9ce07","sha1":"12cd4e482375e47fdc8cde29fe98a6e3498260df","sha256":"62ed97a3678824305419366056fd0bee73359522822ca42a16fabdcc3ad982be","sha512":"a9af0e3420d2ef7b1e515e4014c080aa80aca75d801f852b484ac418bafb12eda0ff0e4d2ae943bc5fab828c296a2ec8ec22c6b66222a285f3dd6a5c7fe82cfd","ssdeep":"","tlshash":"4bf005b9a5b5ba148aed1c4468f5c51d9b107efd3cc111c3acc5c1b52e5575c019410d","first_seen":"2024-09-02T21:43:18Z","last_seen":"2024-09-19T23:06:53.189609Z","times_seen":16139,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-02T22:40:35.647Z","timestamp":1725316835647,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 104.26.6.166\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Mon, 02 Sep 2024 22:40:35 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: same-origin\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8bd100aecaa356c7-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":2098,"size_decoded":5893,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (501)","md5":"15c1ae3efee981cdd41b907013297936","sha1":"2baefae6838d8a704af63d5e0b6290eb2fb1ff8d","sha256":"cea189a350579af2778615cedceb9591d0c5b155b7e8ed00f7ebf1ec9e47b06b","sha512":"f4274d9bdfc37f29c0f8f57d6ac12ad9145beff6a7d47e63d286d5d19371f917287469ef7a6ef3f54986e78a5426fee423f44e6d21ce56e1454ea3d724773974","ssdeep":"96:1j9jwIjYj0DK/D6laa+hXOlQUpp8HZywohwowDjdJgPUwftvZU0mlxrR79PaQxJQ:1j9jhjYjoK/kaaFlVKyzhzefgPlL0lx0","tlshash":"8cc1a563f9f8257a1093c2a331a9a71979f48123daa704d1baadc4721f8df85fe07181","first_seen":"2024-09-19T23:04:17.030147Z","last_seen":"2024-09-19T23:04:17.030147Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":2,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/cdn-cgi/styles/main.css","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://104.26.6.166/","date":"2024-09-02T22:40:35.963Z","timestamp":1725316835963,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/styles/main.css HTTP/1.1\r\nHost: 104.26.6.166\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://104.26.6.166/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 02 Sep 2024 22:40:35 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 27 Aug 2024 19:10:22 GMT\r\nETag: W/\"66ce249e-1f4d\"\r\nServer: cloudflare\r\nCF-RAY: 8bd100b0bbd2b4f3-OSL\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nVary: Accept-Encoding\r\nExpires: Tue, 03 Sep 2024 00:40:35 GMT\r\nCache-Control: max-age=7200, public\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2176,"size_decoded":8013,"mime_type":"text/css","magic":"ASCII text, with very long lines (8012)","md5":"ff26f59e28a5fe6ea4ab23586415696b","sha1":"4182675484d175e363cd34b43041b7b1af93d0cd","sha256":"d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74","sha512":"92c58eef6d1f885806450acd2927c57ebea2e8762c98b0826192555674bd4478e42add192834285d5934c0a76db8eac5eee1a65dc34b6f69246fad6c91a5fba4","ssdeep":"96:1jMh3JNJinvaE5TQRGxfldudududEtCbnaimpSpIplDO6bU6b16bE6bb6bNdkd94:1jMFJiva655dimwqjlP0/mGTZxRbC","tlshash":"75f1851bbf49104e3023886ae2c5a78d912dd282ee535bfff7173561cbc52fa1552b24","first_seen":"2023-04-05T04:39:40Z","last_seen":"2026-05-15T14:26:39.635952Z","times_seen":82226,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-02T22:40:36.250430923Z","timestamp":1725316836250,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2B2A41201A3881BD029AB7161BE291B23128D5952E5959092607B98C951FA18C\"\r\nLast-Modified: Mon, 02 Sep 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2654\r\nExpires: Mon, 02 Sep 2024 23:24:50 GMT\r\nDate: Mon, 02 Sep 2024 22:40:36 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cabaaa7c3e6a621cc5836be05eee4924","sha1":"c4bc6288aed0597ff7ae2dbc5aea340b6c9636b8","sha256":"2b2a41201a3881bd029ab7161be291b23128d5952e5959092607b98c951fa18c","sha512":"7da36317a8c4f485281c503bcc03813f77f4339dd43124bdba3345414625f7dbb71911cd5eb19e1d4afb482b9ce0ffb5678bd41d4d5e6e77f56069bd2f99817d","ssdeep":"","tlshash":"a0f00efb12f33260dbf59d293989f23a0610ad9ebc2198e624c5d1cb9442fec408890c","first_seen":"2024-09-02T19:36:30Z","last_seen":"2024-09-19T23:09:22.854855Z","times_seen":22244,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"104.26.6.166/favicon.ico","fqdn":"104.26.6.166","domain":"104.26.6.166","tld":"166"},"ip":{"addr":"104.26.6.166","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://104.26.6.166/","date":"2024-09-02T22:40:36.259Z","timestamp":1725316836259,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 104.26.6.166\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://104.26.6.166/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Mon, 02 Sep 2024 22:40:36 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: same-origin\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8bd100b2acd1b4f3-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":2099,"size_decoded":5893,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (501)","md5":"93adbc83d18e44e85264a11617c24ef9","sha1":"841705fe67ea1c500d0845c1bc51f3443a602dc9","sha256":"3adc235d3e72d9617ffbf67b9d380d63b4c00c1e848d2451db711a00c66ad8d5","sha512":"a27198aa7ce5e8f84d76ba0b7ed02113cde89c1f2b0eff6f000900ee45bd4a208abd528df2f0695cdc4e4e9cf46ba53fbd9982aeb5e1249f464bb12ee04dc627","ssdeep":"96:1j9jwIjYj0DK/D6laa+hXOlQUpp8HZywo6woHjdJgPUwftvZU0mlCrR79PaQxJb0:1j9jhjYjoK/kaaFlVKyz6zDfgPlL0lC0","tlshash":"a4c19563f9f8257a1193c2a331a9a71979f58123eea704d1ba9dc0721f8df85fe07181","first_seen":"2024-09-19T23:04:17.034328Z","last_seen":"2024-09-19T23:04:17.034328Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-02","alert":"Sinkholed","trigger":"104.26.6.166","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"performance.radar.cloudflare.com/beacon.js","fqdn":"performance.radar.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.30.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://104.26.6.166/","date":"2024-09-02T22:40:35.966Z","timestamp":1725316835966,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"radar.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Aug 2024 18:36:35 GMT","end":"Tue, 26 Nov 2024 19:35:09 GMT"},"fingerprint":{"sha1":"9F:1E:96:97:32:94:99:DE:29:D8:8E:F8:71:05:BC:08:EB:23:1B:09","sha256":"F4:2C:60:DF:3E:20:0C:84:A3:07:B1:3C:48:57:54:1D:4D:C0:15:20:41:7F:02:2A:7E:27:83:C3:5F:8F:46:37"}}},"request":{"raw":"GET /beacon.js HTTP/1.1\r\nHost: performance.radar.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 02 Sep 2024 22:40:36 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: no-store, max-age=0\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nreferrer-policy: no-referrer\r\ntiming-allow-origin: *\r\nset-cookie: __cf_bm=x1BgVZwSDPjRNyCnktAjJbV1ahf_hhIGVY4.RopOPlI-1725316836-1.0.1.1-qMBE7PPXv_NvAJCrnlBUGkE5vAUdE8T1g3ieRP8CtmSBFQEnu9_kdkjoiP9I6lcWOK.w76XW_O9YrhP8LCnbEg; path=/; expires=Mon, 02-Sep-24 23:10:36 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 8bd100b0eb2ab4fa-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7542,"size_decoded":7542,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7888), with no line terminators","md5":"2be3b039edfdd1e082a082735b45f942","sha1":"96050381dc41d1c15f79b74863f788cc5f13fce1","sha256":"444903f54d9db9fdf8a1382f46e28fb5606b186280a45e7fd26126cc427899d7","sha512":"c381d0ae7a4f7ca2d92f6b108933ff70e903abdc8b76ea2c88319f319c7816e47f5cfbbd54a1c2bb93089d41a7d5f771fdb8d5dbd2e22e367196aaf5bb75b7f9","ssdeep":"192:c34d1an1U1Kf88Kvmv1IygAVAWb97RJIFHYdzUxUPCFHYzC/Gi4:+y1an1U1Kf88KOvCyt1IF4tSUPCF4zC8","tlshash":"01f1f877bb40c502c986085544babe7f3521f14e07c256ad761fcd2ab2a4df2b2f2366","first_seen":"2024-09-19T23:04:17.038196Z","last_seen":"2024-09-19T23:04:17.038196Z","times_seen":1,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":18,"dns":4,"connect":1,"send":0,"wait":30,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}