{"report_id":"f79e71c6-2490-4b03-8d29-71d99d6f4701","version":6,"status":"done","tags":[],"date":"2024-11-29T19:37:08Z","url":{"schema":"http","addr":"www.google.rs/amp/parlakteknik.com/ddats/authyr/g8x7t2p44CTlYLHFaGZ4nwHC/amltQHNsdXJwbWFpbC5uZXQ=","fqdn":"www.google.rs","domain":"google.rs","tld":"rs"},"ip":{"addr":"142.250.74.99","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net","fqdn":"upthinktutors.com","domain":"upthinktutors.com","tld":"com"},"title":"upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-02-07T19:37:08Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.google.rs","ip":{"addr":"172.217.21.163","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-03-10","domain_rank":28691,"first_seen":"2012-05-21T13:46:27Z","last_seen":"2024-11-29T19:37:03.366026Z","alert_count":0,"request_count":1,"received_data":1535,"sent_data":620,"comment":"","tags":null,"fingerprints":null},{"fqdn":"parlakteknik.com","ip":{"addr":"172.93.120.138","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United States","country_code":"US"},"domain_registered":"2022-01-08","domain_rank":0,"first_seen":"2024-11-27T21:35:00.716407Z","last_seen":"2024-11-27T21:35:00.716407Z","alert_count":0,"request_count":1,"received_data":327,"sent_data":449,"comment":"","tags":null,"fingerprints":null},{"fqdn":"upthinktutors.com","ip":{"addr":"108.167.141.19","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2020-02-03","domain_rank":0,"first_seen":"2024-11-14T21:14:00.462166Z","last_seen":"2024-11-29T08:28:24.403303Z","alert_count":4,"request_count":4,"received_data":8090,"sent_data":2477,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"Mnemonic Secure DNS","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-29","alert":"Sinkholed","trigger":"upthinktutors.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-29","alert":"Sinkholed","trigger":"upthinktutors.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-29","alert":"Sinkholed","trigger":"upthinktutors.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-29","alert":"Sinkholed","trigger":"upthinktutors.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"www.google.rs/amp/parlakteknik.com/ddats/authyr/g8x7t2p44CTlYLHFaGZ4nwHC/amltQHNsdXJwbWFpbC5uZXQ=","fqdn":"www.google.rs","domain":"google.rs","tld":"rs"},"ip":{"addr":"172.217.21.163","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-11-29T19:36:44.298797647Z","timestamp":1732909004298,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /amp/parlakteknik.com/ddats/authyr/g8x7t2p44CTlYLHFaGZ4nwHC/amltQHNsdXJwbWFpbC5uZXQ= HTTP/1.1\r\nHost: www.google.rs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\nlocation: http://parlakteknik.com/ddats/authyr/g8x7t2p44CTlYLHFaGZ4nwHC/amltQHNsdXJwbWFpbC5uZXQ=\r\ncache-control: private\r\nx-robots-tag: noindex\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-6RaOMwOAl1eg4bpTzQ9FcQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/fff\"}]}\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\ndate: Fri, 29 Nov 2024 19:36:44 GMT\r\nserver: gws\r\ncontent-length: 283\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: __Secure-ENID=24.SE=mFA1JLTs2TgokXkKgD9dUWJiNV0-sFEoTkB0AWeOqdi77H1aun1spmvULw4yNZ5fVgdAU1L-bUTR15nOaOnA_0n0pecqzmYJsJ3K5AKwy2WLv7vPAY4ZjrwmOCRl-s3LOOkEi2u40VJ5uhDNVv3eIgoUn_c0fg9n9MrOkFdYMbBhbgucVg51Ax5kpHsitIJmidepCA0icKvVBZ_Hd-fl-ty4FVxTE1_8-dBcmtqo; expires=Tue, 30-Dec-2025 11:55:01 GMT; path=/; domain=.google.rs; Secure; HttpOnly; SameSite=lax\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":283,"size_decoded":283,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"981160b431a23e12a87f9e7c25b932ed","sha1":"05f146f55fe5db6f090fc600321ef656b5e1055d","sha256":"04ed53c3aa2a4db71d7d3c9c27073c473e5d8a3c80a098be583cdf7ddb32b2e0","sha512":"8ec7a5a76bbb059d084adb8aa723901ff33be666c84f9f597f2d33881d6886c70daba4c257598ab28b155122327f341c82bec1c50cf2278da8b3a1c9e62418e6","ssdeep":"","tlshash":"34d02bbd5c0e241793b3bb76343984784c297145d21ad95bc2b589565c95e7502c2f83","first_seen":"2024-11-29T19:37:03.703986Z","last_seen":"2024-11-29T19:37:08.586083Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"parlakteknik.com/ddats/authyr/g8x7t2p44CTlYLHFaGZ4nwHC/amltQHNsdXJwbWFpbC5uZXQ=","fqdn":"parlakteknik.com","domain":"parlakteknik.com","tld":"com"},"ip":{"addr":"172.93.120.138","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-11-29T19:36:44.613649184Z","timestamp":1732909004613,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /ddats/authyr/g8x7t2p44CTlYLHFaGZ4nwHC/amltQHNsdXJwbWFpbC5uZXQ= HTTP/1.1\r\nHost: parlakteknik.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 29 Nov 2024 19:36:44 GMT\r\nServer: Apache\r\nrefresh: 0;url= https://upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T06:23:13.010739Z","times_seen":13887845,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net","fqdn":"upthinktutors.com","domain":"upthinktutors.com","tld":"com"},"ip":{"addr":"108.167.141.19","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-11-29T19:36:45.919Z","timestamp":1732909005919,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upthinktutors.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Oct 2024 04:21:17 GMT","end":"Tue, 28 Jan 2025 04:21:16 GMT"},"fingerprint":{"sha1":"D6:68:93:FB:A0:B9:F0:5C:9C:12:29:F4:5C:85:18:42:56:BA:5D:B6","sha256":"72:C7:5D:BE:F8:4E:FD:8B:62:D7:EC:C6:A6:41:AA:DC:FA:6E:ED:85:EE:FB:D6:F4:50:10:2A:31:16:34:32:62"}}},"request":{"raw":"GET /o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net HTTP/1.1\r\nHost: upthinktutors.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1563\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Fri, 29 Nov 2024 19:36:45 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1563,"size_decoded":4713,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4429)","md5":"49608e3a47eb7371d1611de936c4c10b","sha1":"43310949e499a8107dcebd3c63f6d34443e750ea","sha256":"d1a50564605f103831c07fc6b34bf09f7c80c3e45f4bb5829aa296b1d7804af1","sha512":"f06625fb5a29fdcb5139d318f82d1869f5fa8c0dc7697bd6332f7e94c4a67a4f0e2f3f638990a04ceb7b1c9b4977f370a996265d9fdfa3420204c7f5ce5659d8","ssdeep":"96:WQRlH5KY2b0s+uBxSaC2N9rx9G/YpJQ5K1tyYSs99YRJ:zRlH5KY2b0sjBxSaC2N9rx9GgpJQ5Kap","tlshash":"dea14020fe70c9fa9d930b2bfa133642a9de42c42569102b835dcabca5077ccc91a1d9","first_seen":"2024-08-16T22:28:47Z","last_seen":"2025-09-17T10:09:17.748439Z","times_seen":2425,"resource_available":false,"data":null}},"time_used":1201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":516,"wait":685,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-29","alert":"Sinkholed","trigger":"upthinktutors.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"upthinktutors.com/favicon.ico","fqdn":"upthinktutors.com","domain":"upthinktutors.com","tld":"com"},"ip":{"addr":"108.167.141.19","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net","date":"2024-11-29T19:36:47.156Z","timestamp":1732909007156,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upthinktutors.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Oct 2024 04:21:17 GMT","end":"Tue, 28 Jan 2025 04:21:16 GMT"},"fingerprint":{"sha1":"D6:68:93:FB:A0:B9:F0:5C:9C:12:29:F4:5C:85:18:42:56:BA:5D:B6","sha256":"72:C7:5D:BE:F8:4E:FD:8B:62:D7:EC:C6:A6:41:AA:DC:FA:6E:ED:85:EE:FB:D6:F4:50:10:2A:31:16:34:32:62"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: upthinktutors.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 05 Sep 2014 08:31:37 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2780\r\ncache-control: max-age=604800\r\nexpires: Fri, 06 Dec 2024 19:36:46 GMT\r\ncontent-type: image/x-icon\r\ndate: Fri, 29 Nov 2024 19:36:46 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2780,"size_decoded":2780,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 8 bits/pixel, 32x32 with \n- PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 8 bits/pixel","md5":"dabe9ce5581670f84e89a789a78d09b8","sha1":"1662f23ff5553364505a29cac571102cf370fc85","sha256":"04ec9ba779be752a6480758574feae350370480887bc7fe52fd968519cf27208","sha512":"f09a24e952af31c69c0b1f2efea433f442b2ed79d6caf80864a0fc1c1030807f39fe7201b9eb597d1645c5ba5614b9eca98d171eddc794bd7311b252a84fb1f4","ssdeep":"","tlshash":"cb510a03aad1e8b0c72dc29f813572c1f7559a2591dcf8634ae5ac7a197370c605e7c6","first_seen":"2023-04-10T09:00:59Z","last_seen":"2026-04-18T06:18:52.145272Z","times_seen":2579,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-29","alert":"Sinkholed","trigger":"upthinktutors.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net","fqdn":"upthinktutors.com","domain":"upthinktutors.com","tld":"com"},"ip":{"addr":"108.167.141.19","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-11-29T19:36:45.919Z","timestamp":1732909005919,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upthinktutors.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Oct 2024 04:21:17 GMT","end":"Tue, 28 Jan 2025 04:21:16 GMT"},"fingerprint":{"sha1":"D6:68:93:FB:A0:B9:F0:5C:9C:12:29:F4:5C:85:18:42:56:BA:5D:B6","sha256":"72:C7:5D:BE:F8:4E:FD:8B:62:D7:EC:C6:A6:41:AA:DC:FA:6E:ED:85:EE:FB:D6:F4:50:10:2A:31:16:34:32:62"}}},"request":{"raw":"POST /o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net HTTP/1.1\r\nHost: upthinktutors.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 111492\r\nOrigin: https://upthinktutors.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 21\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Fri, 29 Nov 2024 19:36:45 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21,"size_decoded":1,"mime_type":"text/html; charset=UTF-8","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-18T06:25:24.848204Z","times_seen":189585,"resource_available":true,"data":null}},"time_used":1201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":516,"wait":685,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-29","alert":"Sinkholed","trigger":"upthinktutors.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"upthinktutors.com/favicon.ico","fqdn":"upthinktutors.com","domain":"upthinktutors.com","tld":"com"},"ip":{"addr":"108.167.141.19","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net","date":"2024-11-29T19:36:47.156Z","timestamp":1732909007156,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upthinktutors.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Oct 2024 04:21:17 GMT","end":"Tue, 28 Jan 2025 04:21:16 GMT"},"fingerprint":{"sha1":"D6:68:93:FB:A0:B9:F0:5C:9C:12:29:F4:5C:85:18:42:56:BA:5D:B6","sha256":"72:C7:5D:BE:F8:4E:FD:8B:62:D7:EC:C6:A6:41:AA:DC:FA:6E:ED:85:EE:FB:D6:F4:50:10:2A:31:16:34:32:62"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: upthinktutors.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upthinktutors.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWNXcGpTRTg9JnVpZD1VU0VSMTUxMTIwMjRVMjIxMTE1NTY=N0123Njim@slurpmail.net\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 05 Sep 2014 08:31:37 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2780\r\ncache-control: max-age=604800\r\nexpires: Fri, 06 Dec 2024 19:36:47 GMT\r\ncontent-type: image/x-icon\r\ndate: Fri, 29 Nov 2024 19:36:47 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2780,"size_decoded":2780,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 8 bits/pixel, 32x32 with \n- PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 8 bits/pixel","md5":"dabe9ce5581670f84e89a789a78d09b8","sha1":"1662f23ff5553364505a29cac571102cf370fc85","sha256":"04ec9ba779be752a6480758574feae350370480887bc7fe52fd968519cf27208","sha512":"f09a24e952af31c69c0b1f2efea433f442b2ed79d6caf80864a0fc1c1030807f39fe7201b9eb597d1645c5ba5614b9eca98d171eddc794bd7311b252a84fb1f4","ssdeep":"","tlshash":"cb510a03aad1e8b0c72dc29f813572c1f7559a2591dcf8634ae5ac7a197370c605e7c6","first_seen":"2023-04-10T09:00:59Z","last_seen":"2026-04-18T06:18:52.145272Z","times_seen":2579,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-11-29","alert":"Sinkholed","trigger":"upthinktutors.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}