{"report_id":"f3d98f3d-a321-4fee-b72c-ba47a252116e","version":6,"status":"done","tags":["sinkhole","suspicious","cloudflare"],"date":"2023-12-10T02:42:52Z","url":{"schema":"http","addr":"geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.144.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"title":"Attention Required! | Cloudflare"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T08:20:05Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"geoblocking.lotto24.de","ip":{"addr":"104.19.145.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":6,"received_data":13451,"sent_data":2575,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.56.101","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":1294,"first_seen":"2019-09-24 16:34:56","last_seen":"2023-12-09 05:09:57","alert_count":0,"request_count":1,"received_data":20383,"sent_data":479,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Sinkholed / Blocked","verdict":"suspicious","severity":"medium","comment":"Asset commenly seen with Sinkholed websites","tags":["sinkhole","suspicious","cloudflare"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"http","addr":"geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.145.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T00:09:49.757308Z","times_seen":14711689,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.56.101","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd1d068fdb5fe90b6c05a5b3940e088c","sha1":"0d96f9df8772633a9df4c81cf323a4ef8998ba59","sha256":"6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101","sha512":"7aea051a8c2195a2ea5ec3d6438f2a4a4052085b370cf4728b056edc58d1f7a70c3f1f85afe82959184869f707c2ac02a964b8d9166122e74ebc423e0a47fa30","ssdeep":"384:XrqR6Q0npafIm4rKi/BwEXN1w29mItq0W5i6G:Q70nBrKuB0Uqti6G","tlshash":"c692a6daba85723613f76076913f220b733b356528068458d22ad7c12c7d68f6317f6e","size":19986,"data":"","first_seen":"2023-10-13T06:51:00Z","last_seen":"2026-05-04T08:48:52.402198Z","times_seen":17327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.145.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"34ad0a116707d3b794129a6720af92d7","sha1":"424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4","sha256":"d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262","sha512":"4d7cca00f0d83452fe3513c0c07c97ca5318dfcda0937df40626e49c9e15ef9a4287e6aa98da4c873d46248a20418b0ef793704c6619efad43c8b338a515cb37","ssdeep":"","tlshash":"43e0226b3b45293456f7aab3337fe37c3a22e0969cc015201968cd5ccd2bac042352c4","size":393,"data":"","first_seen":"2023-04-05T04:39:40Z","last_seen":"2025-03-02T06:13:46.994369Z","times_seen":143291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.145.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T00:09:49.757308Z","times_seen":14711689,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.145.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-10T02:42:33.985Z","timestamp":1702176153985,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lotto24.de","organization":"Lotto24 AG"},"issuer":{"commonName":"Trusted Secure Certificate Authority 5","organization":"Corporation Service Company"},"validity":{"start":"Thu, 26 Jan 2023 00:00:00 GMT","end":"Thu, 25 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"9A:B9:6C:DF:B3:9E:3D:BD:7E:F4:66:2B:CE:17:1C:CC:01:1C:29:BE","sha256":"83:8D:2C:49:AD:FE:FE:3A:6A:7B:AC:E0:9C:34:AC:05:F1:14:3A:8F:EE:B6:DD:C1:4E:6C:AF:02:9B:51:10:F3"}}},"request":{"raw":"GET /geoblockpixel_only_DE.png?version= HTTP/1.1\r\nHost: geoblocking.lotto24.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Sun, 10 Dec 2023 02:42:26 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: same-origin\r\nCache-Control: max-age=15\r\nExpires: Sun, 10 Dec 2023 02:42:41 GMT\r\nSet-Cookie: __cf_bm=0L5vDkjI0vxoV9YE8a3zMht2fEscRHRGCY84mmAt1Eo-1702176146-1-AQBVkRdys5EN+wnVJwLRk3REI6ys5OVyiJbTqE0jnCt+2XzLxYOwLNmp51GVmpcmupUJeV32MDvkqDhb13dI0ec=; path=/; expires=Sun, 10-Dec-23 03:12:26 GMT; domain=.lotto24.de; HttpOnly; SameSite=None\r\nVary: Accept-Encoding\r\nX-Content-Type-Options: nosniff\r\nServer: cloudflare\r\nCF-RAY: 833222769f76b4f7-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":2008,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\n- HTML document text\n- HTML document text\n- HTML document text\n- HTML document text\n- HTML document text\n- exported SGML document text\n- exported SGML document, ASCII text, with very long lines (394)","md5":"276ad463e9443abd2b6d997d7b89e233","sha1":"ee7793d90410badcf6b67bee8aaa1a5ff5c64874","sha256":"38149169fd81bd0a0225dfe8da1528a7dee6ded98c80e01c43518d5ed254ca62","sha512":"d06788b6df3fbf65cc6f073b632eaa1abe873416b4a3c00ef314df62215cc9b6cd325d3ebee1dbbab594eb662353ae7b48b8fd824cd2f9e1de1403974e782edd","ssdeep":"96:1j9jwIjYj5jDK/D5DMF+C81ZqXKHvpIkdNXrR79PaQxJbDLnqsG:1j9jhjYj9K/Vo+nmaHvFdNXrl9ieJnqv","tlshash":"05a19527befd217e10a381a225ec63497aa0c513c6a705a076acc1751f9ef59fe171c0","first_seen":"2023-12-10T03:42:58Z","last_seen":"2023-12-10T03:42:58Z","times_seen":1,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":12,"dns":1,"connect":1,"send":0,"wait":7,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"geoblocking.lotto24.de/cdn-cgi/styles/cf.errors.css","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.145.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","date":"2023-12-10T02:42:34.376Z","timestamp":1702176154376,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/styles/cf.errors.css HTTP/1.1\r\nHost: geoblocking.lotto24.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 10 Dec 2023 02:42:27 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Fri, 01 Dec 2023 15:04:24 GMT\r\nETag: W/\"6569f5f8-5e44\"\r\nServer: cloudflare\r\nCF-RAY: 83322278482ab4f7-OSL\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nVary: Accept-Encoding\r\nExpires: Sun, 10 Dec 2023 04:42:27 GMT\r\nCache-Control: max-age=7200, public\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4529,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24131)","md5":"a1cedc21f16b5a97114857154fab35e9","sha1":"95e9890a15a4f7f94f7f19d2c297e4b07503c526","sha256":"1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b","sha512":"00e857331dce66901120b042a254e5af5135364f718da56110a4744f3e64f9b61ba0b877013af8398a0f865c7bde6ad2f87b3c9d2d828651806409cba57aa34e","ssdeep":"192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UusV7MSE6XZ2dKI:JwV+oUcoQJpdf1dxKSI7/Uue7ZX2qk","tlshash":"70b21223e5f5381a2516a13ca08a92dc69356073f7f30e9eb985e06cd78dd791f226c3","first_seen":"2023-04-05T05:34:42Z","last_seen":"2024-08-21T09:44:40.322898Z","times_seen":31956,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Sinkholed / Blocked","verdict":"suspicious","severity":"medium","comment":"Asset commenly seen with Sinkholed websites","tags":["sinkhole","suspicious","cloudflare"],"meta":null}]}},{"url":{"schema":"http","addr":"geoblocking.lotto24.de/cdn-cgi/images/browser-bar.png?1376755637","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.145.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","date":"2023-12-10T02:42:34.411Z","timestamp":1702176154411,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1\r\nHost: geoblocking.lotto24.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://geoblocking.lotto24.de/cdn-cgi/styles/cf.errors.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 10 Dec 2023 02:42:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 715\r\nConnection: keep-alive\r\nLast-Modified: Fri, 01 Dec 2023 15:04:24 GMT\r\nETag: \"6569f5f8-2cb\"\r\nServer: cloudflare\r\nCF-RAY: 83322278783ab4f7-OSL\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nVary: Accept-Encoding\r\nExpires: Sun, 10 Dec 2023 04:42:27 GMT\r\nCache-Control: max-age=7200, public\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":715,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 53, 8-bit colormap, non-interlaced\n- data","md5":"226dcb8f6144bdaafdfbd8f2f354be64","sha1":"3785cc5b3bf52f8e398177b0ff1020b24aa86b8c","sha256":"8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db","sha512":"ed898b12c4895f7aceaab443c1071e6376db71b4dfdbd769f5f3be71d562438a18b5e5dc36dd7cc610926e380603a894b2e81df4302680c736a412bfd3360d3a","ssdeep":"","tlshash":"a5014ec4a009bcb009f21b37859cb601c07175098e23f023045eb9b22b7accf83a8f92","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T23:54:49.48168Z","times_seen":163806,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Sinkholed / Blocked","verdict":"suspicious","severity":"medium","comment":"Asset commenly seen with Sinkholed websites","tags":["sinkhole","suspicious","cloudflare"],"meta":null}]}},{"url":{"schema":"http","addr":"geoblocking.lotto24.de/cdn-cgi/images/cf-no-screenshot-error.png","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.144.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","date":"2023-12-10T02:42:34.413Z","timestamp":1702176154413,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1\r\nHost: geoblocking.lotto24.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://geoblocking.lotto24.de/cdn-cgi/styles/cf.errors.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 10 Dec 2023 02:42:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 3213\r\nConnection: keep-alive\r\nLast-Modified: Fri, 01 Dec 2023 15:04:24 GMT\r\nETag: \"6569f5f8-c8d\"\r\nServer: cloudflare\r\nCF-RAY: 83322278794db4f4-OSL\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nVary: Accept-Encoding\r\nExpires: Sun, 10 Dec 2023 04:42:27 GMT\r\nCache-Control: max-age=7200, public\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3213,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 178 x 175, 8-bit colormap, non-interlaced\n- data","md5":"0d768cbc261841d3affc933b9ac3130e","sha1":"aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7","sha256":"1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0","sha512":"ce5b1bbb8cf6b0c3d1fa146d1700db2300abd6f2bdbe43ecaac6aebc911be6e1bcd2f8c6704a2cfa67bbb45598793ddec017e05c2c37ce387293aae08e7c342f","ssdeep":"","tlshash":"7561f7f185012a2a2fb7dc8552ecc3a810166b7b353744e73ba46d344cde7781325f59","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T23:54:49.479054Z","times_seen":163813,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Sinkholed / Blocked","verdict":"suspicious","severity":"medium","comment":"Asset commenly seen with Sinkholed websites","tags":["sinkhole","suspicious","cloudflare"],"meta":null}]}},{"url":{"schema":"https","addr":"geoblocking.lotto24.de/favicon.ico","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.144.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","date":"2023-12-10T02:42:34.532Z","timestamp":1702176154532,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lotto24.de","organization":"Lotto24 AG"},"issuer":{"commonName":"Trusted Secure Certificate Authority 5","organization":"Corporation Service Company"},"validity":{"start":"Thu, 26 Jan 2023 00:00:00 GMT","end":"Thu, 25 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"9A:B9:6C:DF:B3:9E:3D:BD:7E:F4:66:2B:CE:17:1C:CC:01:1C:29:BE","sha256":"83:8D:2C:49:AD:FE:FE:3A:6A:7B:AC:E0:9C:34:AC:05:F1:14:3A:8F:EE:B6:DD:C1:4E:6C:AF:02:9B:51:10:F3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: geoblocking.lotto24.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Sun, 10 Dec 2023 02:42:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: max-age=3600\r\nExpires: Sun, 10 Dec 2023 03:42:27 GMT\r\nLocation: https://geoblocking.lotto24.de/favicon.ico\r\nSet-Cookie: __cf_bm=uoTU_v9x1HsTRlIN8KtzF4.dIs89xWmOTN85hHF4O_Y-1702176147-1-AZPY0mkVI736BjSFFm41osLqR6J+NbgfWS6tj+35pcpZC46D87j24LgZdVN4IVqqpmTM0ATRqH+9nSUQ8klXo/A=; path=/; expires=Sun, 10-Dec-23 03:12:27 GMT; domain=.lotto24.de; HttpOnly; SameSite=None\r\nVary: Accept-Encoding\r\nX-Content-Type-Options: nosniff\r\nServer: cloudflare\r\nCF-RAY: 83322278e96fb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T00:09:49.757308Z","times_seen":14711689,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":141,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"geoblocking.lotto24.de/cdn-cgi/rum?","fqdn":"geoblocking.lotto24.de","domain":"lotto24.de","tld":"de"},"ip":{"addr":"104.19.144.120","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","date":"2023-12-10T02:42:34.511Z","timestamp":1702176154511,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: geoblocking.lotto24.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=\r\ncontent-type: application/json\r\nContent-Length: 2054\r\nOrigin: http://geoblocking.lotto24.de\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 204 No Content\r\nDate: Sun, 10 Dec 2023 02:42:27 GMT\r\nConnection: keep-alive\r\naccess-control-allow-origin: http://geoblocking.lotto24.de\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nServer: cloudflare\r\nCF-RAY: 83322279197eb4f4-OSL\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T00:09:49.757308Z","times_seen":14711689,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.56.101","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://geoblocking.lotto24.de/geoblockpixel_only_DE.png?version=","date":"2023-12-10T02:42:34.379Z","timestamp":1702176154379,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 10 Apr 2023 00:00:00 GMT","end":"Tue, 09 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8","sha256":"4A:21:87:C4:F3:51:A5:AE:14:5E:BE:9F:5F:A4:21:CE:D6:A0:0E:E1:D2:D3:14:48:22:CB:A0:53:D7:02:D3:62"}}},"request":{"raw":"GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://geoblocking.lotto24.de\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 10 Dec 2023 02:42:27 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2023.10.0\"\r\nlast-modified: Tue, 10 Oct 2023 21:38:13 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 833222785a89b524-OSL\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19986,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (19986), with no line terminators","md5":"dd1d068fdb5fe90b6c05a5b3940e088c","sha1":"0d96f9df8772633a9df4c81cf323a4ef8998ba59","sha256":"6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101","sha512":"7aea051a8c2195a2ea5ec3d6438f2a4a4052085b370cf4728b056edc58d1f7a70c3f1f85afe82959184869f707c2ac02a964b8d9166122e74ebc423e0a47fa30","ssdeep":"384:XrqR6Q0npafIm4rKi/BwEXN1w29mItq0W5i6G:Q70nBrKuB0Uqti6G","tlshash":"c692a6daba85723613f76076913f220b733b356528068458d22ad7c12c7d68f6317f6e","first_seen":"2023-10-13T06:51:00Z","last_seen":"2026-05-04T08:48:52.402198Z","times_seen":17327,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":28,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}