{"report_id":"e490a70e-2b0f-428c-8dd0-42e8b4cf4039","version":6,"status":"done","tags":[],"date":"2024-08-24T07:36:46Z","url":{"schema":"http","addr":"a92.2cc3xr.shop/","fqdn":"a92.2cc3xr.shop","domain":"2cc3xr.shop","tld":"shop"},"ip":{"addr":"104.21.68.79","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"a92.2cc3xr.shop/#1724484980275","fqdn":"a92.2cc3xr.shop","domain":"2cc3xr.shop","tld":"shop"},"title":"PMYP Prime Minister Laptop Scheme 2024 – Apply Online"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-07T18:01:51Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"a92.2cc3xr.shop","ip":{"addr":"104.21.68.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":81952,"sent_data":917,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-08-23 18:12:28","alert_count":0,"request_count":3,"received_data":2664,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-08-23 18:12:18","alert_count":0,"request_count":2,"received_data":1776,"sent_data":654,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":12905,"first_seen":"2013-08-16 11:51:31","last_seen":"2024-08-24 03:28:54","alert_count":0,"request_count":1,"received_data":34418,"sent_data":431,"comment":"","tags":null,"fingerprints":null},{"fqdn":"563cdn.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-05-12","domain_rank":0,"first_seen":"2023-05-12 17:15:50","last_seen":"2024-06-24 19:51:53","alert_count":0,"request_count":1,"received_data":91310,"sent_data":442,"comment":"","tags":null,"fingerprints":null},{"fqdn":"biaoche666.cn","ip":{"addr":"172.67.135.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":2927,"sent_data":889,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-08-22","alert":"Generic/Spear Phishing","trigger":"a92.2cc3xr.shop/","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-08-22","alert":"Generic/Spear Phishing","trigger":"a92.2cc3xr.shop/","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","size":95786,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-03T20:34:37.362857Z","times_seen":45587,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a92.2cc3xr.shop/","fqdn":"a92.2cc3xr.shop","domain":"2cc3xr.shop","tld":"shop"},"ip":{"addr":"104.21.68.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bcb1aaa49a20e7b1dc786cd06f7ac01d","sha1":"0e6e845f89e45bdc0bee07fe087885701b07d2dd","sha256":"ce5ff23d4090423a12e6d03868deba69eb6dce3f3a31f2e80cf9b9a3c8fe7933","sha512":"03e7bab7cce8b2fa6a70bcf03cd1081568ee9c9b8fe2ca8d742e4095b8d5eba7a4c3a922f53c6994230d8468fb1e3756837bd23342755e5b2953874d7e89600e","ssdeep":"","tlshash":"ff5196b071492afb4d8f2520b66e0506b238d56d08994178d68cf1f31e3d80265fbbaf","size":2608,"data":"","first_seen":"2024-04-18T11:21:27Z","last_seen":"2024-10-11T08:23:14.317156Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a92.2cc3xr.shop/","fqdn":"a92.2cc3xr.shop","domain":"2cc3xr.shop","tld":"shop"},"ip":{"addr":"104.21.68.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ecffbe366e1b36e55da681315cda4e78","sha1":"4932abca38dc9d841be2c4cd52207207b29c2714","sha256":"214f1274f0b94b658764f6179e2de89e09de88248f35e3d9bf506ce9049c5a14","sha512":"c28c2b19de5731cc4863bde2d22b23c8793febf5f5c5a64b4443d1ca05fdf44f1c070d139832a41f0138f6cee22f51bd97eaa22a2183e8b0f153d7c098ab37c6","ssdeep":"","tlshash":"c6e0df805f056817233403418636530c69a3b98432f2fcc0f2f905a0e17aa57a77aef0","size":345,"data":"","first_seen":"2023-12-13T18:56:14Z","last_seen":"2024-10-11T08:23:14.317755Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a92.2cc3xr.shop/","fqdn":"a92.2cc3xr.shop","domain":"2cc3xr.shop","tld":"shop"},"ip":{"addr":"104.21.68.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2768b69fa39beebc2afa7874bf5482e3","sha1":"aff70fe363268c0b9d68b4580e998a68bf051c34","sha256":"7a4a9bdcb8e68e6ad5628d6460333092224e7db0c7fa7425127050393238b580","sha512":"ff04174c215857c94490ae1cff3f4ffecaf5e51df2ebf2cde8523a8b7b7e3751dbdaade7ce982ddb52926bd9b7e2e0e9ee532f36701cde2fb87ade189da0a0cd","ssdeep":"","tlshash":"cad0a78ae0129847ca7370355f7b62087073156748085119b75804481f2471f975abcc","size":228,"data":"","first_seen":"2024-01-22T18:55:06Z","last_seen":"2025-02-02T16:55:35.182959Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"biaoche666.cn/js/script.js","fqdn":"biaoche666.cn","domain":"biaoche666.cn","tld":"cn"},"ip":{"addr":"172.67.135.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"abd4e2373b2e8c4dac2e80159641c5f1","sha1":"e273656e58ca934d873204e68dd35670fde657ed","sha256":"021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94","sha512":"fb04feb14c2eb999da4b032812a447e1d3b9f0fbc85abcdfb886df2cf1bdc1bcae1684a4e118626ecad9441fa56302ff8981b4ded5da2033012eed2e8a258398","ssdeep":"","tlshash":"a02189deb841353249b0e5a7aa2f370330277169280950279201d9577414d5f8379fce","size":1346,"data":"","first_seen":"2023-05-22T17:22:24Z","last_seen":"2026-04-03T18:36:51.655523Z","times_seen":7510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"f29d942572b68cc8c76d5067c2d4d6c6","sha1":"6257f1620f626907778d0d10daf2211c9a52697f","sha256":"cbcb07a5ac544e58895e869208dfa323a5d304c1f2e10d190084f2b598356b9f","sha512":"52d0ff4ce53bf5e00e3e72e289c56f830a68c3121f715e9df158ec72f8a6a7cf95ac4b2032a1993f557b08f45af69b1c2cfe77ab164fe97b76de82ec20254e0d","ssdeep":"","tlshash":"c5f000002800003e202802a0030c0000288f8c33230000a08000080a0c20002c288c00","size":316,"data":"","first_seen":"2024-01-22T00:15:49Z","last_seen":"2025-02-02T16:55:35.185809Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T07:36:18.871344269Z","timestamp":1724484978871,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DB03B08D76424BB0DD34B51C11CF222B9126BD1F6017AFD35CB1C2D0C3D1F86E\"\r\nLast-Modified: Fri, 23 Aug 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19438\r\nExpires: Sat, 24 Aug 2024 13:00:16 GMT\r\nDate: Sat, 24 Aug 2024 07:36:18 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"a081f9755218e081db962afea1117844","sha1":"fab4e95becdbacea971038e8f0ea80b4e1064e4b","sha256":"db03b08d76424bb0dd34b51c11cf222b9126bd1f6017afd35cb1c2d0c3d1f86e","sha512":"ffbc769821cd608c48cd2e69185d6471eb9d63c282ae37bdbaf5e011fb54ca5da649740eb88fdf0616e425f08a0197934e60c3bb33713b6fa057afb6dd1837b1","ssdeep":"","tlshash":"16f005f50d09a5828e98147c5eb4c06b5d3d7df939545cd7927dd1f83c52f55134018c","first_seen":"2024-08-23T21:19:50Z","last_seen":"2024-08-29T18:06:28.06686Z","times_seen":25934,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T07:36:19.161294876Z","timestamp":1724484979161,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CF43D0127C72BF58A1799B4E7CE0E5C9E18EC12E978DF6DAC9C17920A20173D5\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16166\r\nExpires: Sat, 24 Aug 2024 12:05:45 GMT\r\nDate: Sat, 24 Aug 2024 07:36:19 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"515f455d93caad6521481d99fc23e623","sha1":"cb770c44b3e280f2151b3f5e887d61fbe0ef66fb","sha256":"cf43d0127c72bf58a1799b4e7ce0e5c9e18ec12e978df6dac9c17920a20173d5","sha512":"39fab7365f165908e92287a24cc88f688c4083edd2e0739103697cb71d715c221bc05d175c9a3bc51a5dab548cf67f950c518054adb8d4a91d4f420b5a06dab0","ssdeep":"","tlshash":"25f00e8a25b0f9edaf66384a16a8d42b9e336cbd3c0419c041d402d239cabbc974c44a","first_seen":"2024-08-24T03:38:38Z","last_seen":"2024-08-29T18:04:17.031483Z","times_seen":24396,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T07:36:19.30557402Z","timestamp":1724484979305,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"133A1FE03DE9EFD148F43EFDA3CD37D24E4F5CC936D1008A8CE7AACC6653AFA3\"\r\nLast-Modified: Fri, 23 Aug 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17469\r\nExpires: Sat, 24 Aug 2024 12:27:28 GMT\r\nDate: Sat, 24 Aug 2024 07:36:19 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f04a331cae60388b5b3c547bcdd5a8e8","sha1":"a74ba9ea1965e39a78db26c6568b3524156f0b5c","sha256":"133a1fe03de9efd148f43efda3cd37d24e4f5cc936d1008a8ce7aacc6653afa3","sha512":"0a9307417b28adbf81db5ad4e109b9d9d27016432a2a5477e93f36725b54439d0edc39b1eb2a2ca8ad17a1e8c256d3144c1b8718a6b18c87ae4ad2b9e062dc96","ssdeep":"","tlshash":"3cf005e619dbb49053ec44212df687297e40ed98205022d52de0c1845c06bda57c400e","first_seen":"2024-08-24T02:57:33Z","last_seen":"2024-08-29T18:04:24.213602Z","times_seen":23911,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a92.2cc3xr.shop/","date":"2024-08-24T07:36:20.099Z","timestamp":1724484980099,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:49:45 GMT","end":"Tue, 22 Oct 2024 12:49:44 GMT"},"fingerprint":{"sha1":"C4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF","sha256":"2C:F6:BB:60:47:DE:95:1D:70:0E:DB:82:4F:8B:25:7C:53:71:AD:B7:2C:CA:F9:7E:00:57:F3:9F:F1:74:25:40"}}},"request":{"raw":"GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a92.2cc3xr.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 33434\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 21 Aug 2024 08:12:58 GMT\r\nexpires: Thu, 21 Aug 2025 08:12:58 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 257002\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33434,"size_decoded":95786,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32086)","md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-03T20:34:37.362857Z","times_seen":45587,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":33,"dns":1,"connect":8,"send":0,"wait":12,"receive":9,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"563cdn.com/images/laptopfree.jpeg","fqdn":"563cdn.com","domain":"563cdn.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a92.2cc3xr.shop/","date":"2024-08-24T07:36:20.103Z","timestamp":1724484980103,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"563cdn.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Aug 2024 00:48:57 GMT","end":"Mon, 04 Nov 2024 00:48:56 GMT"},"fingerprint":{"sha1":"D5:10:52:E8:A1:0E:57:8C:BC:CC:FA:02:2E:84:0C:0F:6A:2C:53:86","sha256":"AE:DC:0B:B6:83:32:D3:61:AB:41:75:4D:C5:75:9A:40:8D:F8:10:D2:69:5C:99:93:57:A4:E1:FF:76:AE:5E:C0"}}},"request":{"raw":"GET /images/laptopfree.jpeg HTTP/1.1\r\nHost: 563cdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a92.2cc3xr.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Aug 2024 07:36:20 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 90602\r\netag: \"ad43c64a98ce069e008bd61dbd64f87e\"\r\nlast-modified: Wed, 24 Jan 2024 01:59:12 GMT\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1575\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0RN9Ze4hnptbxT6BB%2FNrk3oFZine7diHo5O78NGY5ex7GBae208zOVhKsr57mddGQwZhT76y3XQrFwaL7EN4KMhbPGTddHI9mrxzoIwbXjeSihvRamNwvUOwpCFg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b81abb61dd15691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":90602,"size_decoded":90602,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1082x672, components 3","md5":"ad43c64a98ce069e008bd61dbd64f87e","sha1":"c8882647f2bc82bcb66752ed094dd4d9e5c6ec4c","sha256":"7887bebae5fca7fb2139245ab9ae67b401da166c6737367a98097b73b7db8dda","sha512":"5d843eefedab541d1b2831f4878e2b4b8de0d3abbeb8eba7ff50a459956bcb172e216aed81eb6955cf00dcc9b40437fae4775349f2d4a9831bd6b7294dcc678c","ssdeep":"1536:EHcfTGWDOmB0trm0q8vyh7JrcCWtfuzPEcWwpdnNIrByinN8TOpZs56j+tNskQCQ:E8fTGWDdV78vyh7JBz8Lyi+KK6j+tNsz","tlshash":"cf9302768ab3d210e8fd043fa2f37bb7d80d495392c41847e2835a1066976ab0d886b9","first_seen":"2024-01-24T06:22:39Z","last_seen":"2024-10-11T08:23:14.314177Z","times_seen":39,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":74,"dns":37,"connect":8,"send":0,"wait":31,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"biaoche666.cn/api/event","fqdn":"biaoche666.cn","domain":"biaoche666.cn","tld":"cn"},"ip":{"addr":"172.67.135.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://a92.2cc3xr.shop/","date":"2024-08-24T07:36:20.322Z","timestamp":1724484980322,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"biaoche666.cn","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Jul 2024 01:22:47 GMT","end":"Sat, 12 Oct 2024 01:22:46 GMT"},"fingerprint":{"sha1":"FB:E4:E1:D3:D8:15:33:6E:1E:29:D5:D3:0E:6B:5D:D8:29:9B:85:A5","sha256":"62:BB:D3:FA:27:B7:47:53:8B:44:B2:19:93:83:AC:B4:E8:73:9D:61:24:E1:D4:20:FA:B4:74:77:82:CA:F6:7E"}}},"request":{"raw":"POST /api/event HTTP/1.1\r\nHost: biaoche666.cn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 86\r\nOrigin: https://a92.2cc3xr.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a92.2cc3xr.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 202 Accepted\r\ndate: Sat, 24 Aug 2024 07:36:20 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: \r\ncache-control: max-age=0, private, must-revalidate\r\nx-request-id: F-6Z_6I5Qjf0tGV7xbsi\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2YrPBTcrNzwDOKsubHvQfgsQr6G6%2FK%2FUdD1zcIHlmnpPNJbE6M9f%2FVG6znINVVEPU60a549yEOfclm%2F2ikoxGEN7wKKx7y5SCdGUAAF%2F3at8gU1A8BPnYQx5oNvQGm86\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b81abb728825687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"Accepted","fingerprints":null,"data":{"size":2,"size_decoded":2,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-03T20:27:23.609791Z","times_seen":390618,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":28,"dns":1,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T07:36:21.28093429Z","timestamp":1724484981280,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D5D1370D54DBC79EEF9D826334B31217D5B9823CFD1D012036B1BC4F38B724B4\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18620\r\nExpires: Sat, 24 Aug 2024 12:46:41 GMT\r\nDate: Sat, 24 Aug 2024 07:36:21 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"858eda022f9abab07abe65d5db47bdd7","sha1":"50676984a7c33451e955b30f0c2796d8cbd39b37","sha256":"d5d1370d54dbc79eef9d826334b31217d5b9823cfd1d012036b1bc4f38b724b4","sha512":"e5149f414165e4ecf944e1dbcf16810c0b383621fa1891f5d04af973954796252ff40cbae72087a276dd6da011b4944126f65b7711ce8134227c0bbc97eb4e7e","ssdeep":"","tlshash":"1ff0c0962b21b814255816157ee6c6171f107e58684525d3865c17e2a8017fd530480c","first_seen":"2024-08-23T19:27:06Z","last_seen":"2024-08-29T18:07:09.764216Z","times_seen":22856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T07:36:21.282050658Z","timestamp":1724484981282,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D5D1370D54DBC79EEF9D826334B31217D5B9823CFD1D012036B1BC4F38B724B4\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18620\r\nExpires: Sat, 24 Aug 2024 12:46:41 GMT\r\nDate: Sat, 24 Aug 2024 07:36:21 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"858eda022f9abab07abe65d5db47bdd7","sha1":"50676984a7c33451e955b30f0c2796d8cbd39b37","sha256":"d5d1370d54dbc79eef9d826334b31217d5b9823cfd1d012036b1bc4f38b724b4","sha512":"e5149f414165e4ecf944e1dbcf16810c0b383621fa1891f5d04af973954796252ff40cbae72087a276dd6da011b4944126f65b7711ce8134227c0bbc97eb4e7e","ssdeep":"","tlshash":"1ff0c0962b21b814255816157ee6c6171f107e58684525d3865c17e2a8017fd530480c","first_seen":"2024-08-23T19:27:06Z","last_seen":"2024-08-29T18:07:09.764216Z","times_seen":22856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a92.2cc3xr.shop/","fqdn":"a92.2cc3xr.shop","domain":"2cc3xr.shop","tld":"shop"},"ip":{"addr":"104.21.68.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-24T07:36:19.446Z","timestamp":1724484979446,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2cc3xr.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jul 2024 11:15:07 GMT","end":"Wed, 09 Oct 2024 11:15:06 GMT"},"fingerprint":{"sha1":"31:FB:94:0B:FD:7D:F6:36:60:42:48:C7:43:3B:8A:8C:F0:31:4E:72","sha256":"91:6A:51:1F:87:F0:93:87:1B:C5:B0:03:98:7C:FF:3D:5D:10:3A:E2:27:92:96:CB:8D:E9:BB:9D:ED:58:2D:71"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: a92.2cc3xr.shop\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Aug 2024 07:36:19 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nset-cookie: loclang=en; expires=Sun, 25-Aug-2024 07:36:19 GMT; Max-Age=86400\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=QUffy7v332OIYIkCKOBzc9Jodg9c3qnKW0r9BQ8DfE4dZDb8OTntd8uuORQ5u4yCnC4cs%2Bvv%2BLMGBr6FAxvpjBp2tvJrLofoHV%2BU24zp7ehricgzrKxs4tMQTHT4V0mnk%2BQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b81abb1cccf712b-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17643,"size_decoded":17643,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":43,"dns":1,"connect":8,"send":0,"wait":433,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-08-22","alert":"Generic/Spear Phishing","trigger":"a92.2cc3xr.shop/","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"biaoche666.cn/js/script.js","fqdn":"biaoche666.cn","domain":"biaoche666.cn","tld":"cn"},"ip":{"addr":"172.67.135.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a92.2cc3xr.shop/","date":"2024-08-24T07:36:20.104Z","timestamp":1724484980104,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"biaoche666.cn","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Jul 2024 01:22:47 GMT","end":"Sat, 12 Oct 2024 01:22:46 GMT"},"fingerprint":{"sha1":"FB:E4:E1:D3:D8:15:33:6E:1E:29:D5:D3:0E:6B:5D:D8:29:9B:85:A5","sha256":"62:BB:D3:FA:27:B7:47:53:8B:44:B2:19:93:83:AC:B4:E8:73:9D:61:24:E1:D4:20:FA:B4:74:77:82:CA:F6:7E"}}},"request":{"raw":"GET /js/script.js HTTP/1.1\r\nHost: biaoche666.cn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a92.2cc3xr.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Aug 2024 07:36:20 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: max-age=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nexpires: Sat, 24 Aug 2024 15:24:17 GMT\r\nx-cache: HIT\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nage: 15173\r\nlast-modified: Sat, 24 Aug 2024 03:23:27 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=hx7%2BIBL1x655Dd5gLqTtyTQhhZYNtsR19suOIQ%2FwQQd0NyLmqlI48RT%2F%2Fx1tvYhiwKZQzwO54eYuJRXg0%2BGLGw2amuMKgZQQe9yYKdeW%2BDC6%2Bj3ZqrmQpRcEnXRHOKCn\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b81abb6194256c1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1346,"size_decoded":1346,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1384), with no line terminators","md5":"16cfd1982a40489c41a52add24d36b85","sha1":"344f1896d895c5d0a7c4caecafcf1942603cd026","sha256":"72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce","sha512":"18cf93b1c83d168c61f440716599efc2949561235ddb8bb9c1230c38829c01d8e2539fda9c196d0b64835c39267e5ce36f6bec7eecb735681ca2382e32e96607","ssdeep":"","tlshash":"0a2189deb841353249b0e5a7aa2f370330277169280950279201d9577414d5f8379fce","first_seen":"2023-05-22T17:22:24Z","last_seen":"2025-04-05T18:42:16.38307Z","times_seen":2688,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":73,"dns":36,"connect":12,"send":0,"wait":36,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a92.2cc3xr.shop/favicon.ico","fqdn":"a92.2cc3xr.shop","domain":"2cc3xr.shop","tld":"shop"},"ip":{"addr":"104.21.68.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a92.2cc3xr.shop/","date":"2024-08-24T07:36:20.452Z","timestamp":1724484980452,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2cc3xr.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jul 2024 11:15:07 GMT","end":"Wed, 09 Oct 2024 11:15:06 GMT"},"fingerprint":{"sha1":"31:FB:94:0B:FD:7D:F6:36:60:42:48:C7:43:3B:8A:8C:F0:31:4E:72","sha256":"91:6A:51:1F:87:F0:93:87:1B:C5:B0:03:98:7C:FF:3D:5D:10:3A:E2:27:92:96:CB:8D:E9:BB:9D:ED:58:2D:71"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: a92.2cc3xr.shop\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a92.2cc3xr.shop/\r\nCookie: loclang=en\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Sat, 24 Aug 2024 07:36:21 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=PQpvP6HcsaKW1kz98fF0T73o0ZLS0Dtt07DVTi5F%2Bu78%2FADjw0f6dm8n0IstcwCIUQpWBo6we5JLELsyhN2n7Mtxxk1Qudv1tBo7t%2B30UcYfjT5MRDM2Dz%2BWTap%2BBCjviFk%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8b81abb7d8a3568a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":63043,"size_decoded":63043,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":620,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":610,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-08-22","alert":"Generic/Spear Phishing","trigger":"a92.2cc3xr.shop/","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}],"urlquery":null}}]}