{"report_id":"f871f560-476b-46d7-956d-78175277377d","version":6,"status":"done","tags":[],"date":"2025-01-13T23:11:26Z","url":{"schema":"http","addr":"www.topbuildersolutions.net/clickthrough.aspx?rurl=https://hbmarchitects.us/AgFNdWDFpn?S=ajones@foxhallmedicine.com/","fqdn":"www.topbuildersolutions.net","domain":"topbuildersolutions.net","tld":"net"},"ip":{"addr":"54.196.244.37","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"title":"Ipsum labore amet velit ex."},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-24T23:11:26Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.topbuildersolutions.net","ip":{"addr":"54.196.244.37","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2010-06-28","domain_rank":0,"first_seen":"2014-04-24T15:59:25Z","last_seen":"2025-01-13T20:11:32.699978Z","alert_count":0,"request_count":1,"received_data":1268,"sent_data":570,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hbmarchitects.us","ip":{"addr":"172.67.220.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2024-10-04","domain_rank":0,"first_seen":"2024-12-19T23:57:12.118053Z","last_seen":"2025-01-13T21:50:12.208225Z","alert_count":4,"request_count":11,"received_data":953264,"sent_data":4748,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:02Z","timestamp":1736809862,"ip_dst":{"addr":"172.18.0.22","port":37788,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:02.979997+0000\",\"flow_id\":725482748659510,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.21.59.88\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":37788,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/fd9d1056-61ed0acb92333f0a.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":69258},\"files\":[{\"filename\":\"/_next/static/chunks/fd9d1056-61ed0acb92333f0a.js\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":102400,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":56,\"bytes_toserver\":1745,\"bytes_toclient\":75434,\"start\":\"2025-01-13T23:11:02.935734+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:12Z","timestamp":1736809872,"ip_dst":{"addr":"172.18.0.22","port":45966,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"172.67.220.164","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:12.956412+0000\",\"flow_id\":1861454353814206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.67.220.164\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":45966,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/app/not-found-97442aa1fadfb8cb.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":8920},\"files\":[{\"filename\":\"/_next/static/chunks/app/not-found-97442aa1fadfb8cb.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":22914,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":25,\"pkts_toclient\":51,\"bytes_toserver\":2967,\"bytes_toclient\":65406,\"start\":\"2025-01-13T23:11:02.479934+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:13Z","timestamp":1736809873,"ip_dst":{"addr":"172.18.0.22","port":37810,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:13.056332+0000\",\"flow_id\":1655832794521327,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.21.59.88\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":37810,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/main-app-6e9565c54018939e.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":8873},\"files\":[{\"filename\":\"/_next/static/chunks/main-app-6e9565c54018939e.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":22949,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":11,\"bytes_toserver\":1205,\"bytes_toclient\":10585,\"start\":\"2025-01-13T23:11:02.941807+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:13Z","timestamp":1736809873,"ip_dst":{"addr":"172.18.0.22","port":37780,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:13.057178+0000\",\"flow_id\":536839195083047,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.21.59.88\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":37780,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/webpack-5e30ac7838135f85.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":21958},\"files\":[{\"filename\":\"/_next/static/chunks/webpack-5e30ac7838135f85.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":58212,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":21,\"pkts_toclient\":21,\"bytes_toserver\":1798,\"bytes_toclient\":24330,\"start\":\"2025-01-13T23:11:02.934183+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"hbmarchitects.us/_next/static/chunks/webpack-5e30ac7838135f85.js","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"940347a88d754f61819ed9dedd1807c7","sha1":"b21b168a63ea6e51b706c160cd8f84a9e882b1c5","sha256":"fff56ea643d977fb3bf251df836d8838436d4e9850a760a84bf27c55d41c5d27","sha512":"69823b1f1c268d8a18433cc60387f7091f36c0d9cb217a3c5a68497ed7b95c04b1195d32a5830862ba903f588703b6fa4d7da16663d9b6d77f849bf0cb615be9","ssdeep":"768:qmn2YECy6rGZ/8XKpOsSnS3YSFQRhuMedCmEIzOKDJp1F1+QEETcicZmDUZZbIR/:DBbhU+GIAZehj7C8kf29pKW9QMLjBGfH","tlshash":"fb439744b3d474852397afbb773f70e1f56e489a3989450ae114f8a8e4f4702ead6b30","size":58212,"data":"","first_seen":"2025-01-13T21:50:13.509381Z","last_seen":"2025-01-14T14:32:03.837897Z","times_seen":4,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:13Z","timestamp":1736809873,"ip_dst":{"addr":"172.18.0.22","port":37780,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:13.057178+0000\",\"flow_id\":536839195083047,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.21.59.88\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":37780,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/webpack-5e30ac7838135f85.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":21958},\"files\":[{\"filename\":\"/_next/static/chunks/webpack-5e30ac7838135f85.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":58212,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":21,\"pkts_toclient\":21,\"bytes_toserver\":1798,\"bytes_toclient\":24330,\"start\":\"2025-01-13T23:11:02.934183+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"8290045c31005004c1773cd0501754d55030443330401d411d45d4444d7151c033d45c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-11T12:48:49.563046Z","times_seen":81802,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.topbuildersolutions.net/clickthrough.aspx?rurl=https://hbmarchitects.us/AgFNdWDFpn?S=ajones@foxhallmedicine.com/","fqdn":"www.topbuildersolutions.net","domain":"topbuildersolutions.net","tld":"net"},"ip":{"addr":"54.196.244.37","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-13T23:11:01.210Z","timestamp":1736809861210,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"topbuildersolutions.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 02 Sep 2024 00:00:00 GMT","end":"Wed, 01 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"4D:02:35:C0:A8:64:DA:89:6E:9D:62:1B:77:C8:9D:A1:D4:D4:34:CB","sha256":"D1:3C:86:7F:FC:4B:0E:98:56:15:3F:F0:79:B5:F6:A4:E3:3C:BB:23:60:5D:5E:4E:37:0C:4E:9B:D6:CA:98:B4"}}},"request":{"raw":"GET /clickthrough.aspx?rurl=https://hbmarchitects.us/AgFNdWDFpn?S=ajones@foxhallmedicine.com/ HTTP/1.1\r\nHost: www.topbuildersolutions.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 13 Jan 2025 23:11:01 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 529\r\nlocation: https://hbmarchitects.us/AgFNdWDFpn?S=ajones@foxhallmedicine.com/\r\nset-cookie: AWSALB=E+QoJc8RCWdo4ph+jz5LazdKandMt4hDhnq63F5CD+X8pp4WN3u8l4IhmP45Rxxz/OZceJX9YipwlEOsxNAsy7ktaCkkeABQ6P0fnHKAu5UUdJhXrDl7+N8ElmL9; Expires=Mon, 20 Jan 2025 23:11:01 GMT; Path=/\nAWSALBCORS=E+QoJc8RCWdo4ph+jz5LazdKandMt4hDhnq63F5CD+X8pp4WN3u8l4IhmP45Rxxz/OZceJX9YipwlEOsxNAsy7ktaCkkeABQ6P0fnHKAu5UUdJhXrDl7+N8ElmL9; Expires=Mon, 20 Jan 2025 23:11:01 GMT; Path=/; SameSite=None; Secure\r\ncache-control: private\r\ncontent-encoding: gzip\r\nserver: Microsoft-IIS/10.0\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":529,"size_decoded":921,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"efce3176991a74b9fe180c5591f4105d","sha1":"b3197aab91ea027c146fb61e9530de3ccbe9de9a","sha256":"dcba78caa8522ae24013d19a07b94c218a6578438a4d8418f6a6390dde85b6d8","sha512":"b9c69294090bfc2ff582959a919a79c3971d99b926a752189913e21185c903b0061d2b2799921ad0f14b4d13bd3df13b47aed7c8fadf91ce946c74fd97fbd77b","ssdeep":"","tlshash":"171104ac94565d05d0b3aaa4b4d1d7daacc201db4781425976c0b8836e52a93c723bd6","first_seen":"2025-01-13T23:11:27.756642Z","last_seen":"2025-01-13T23:11:27.756642Z","times_seen":1,"resource_available":false,"data":null}},"time_used":890,"timings":{"blocked":397,"dns":17,"connect":93,"send":0,"wait":95,"receive":0,"ssl":281},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"172.67.220.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-13T23:11:02.071Z","timestamp":1736809862071,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hbmarchitects.us","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Dec 2024 14:16:27 GMT","end":"Tue, 18 Mar 2025 15:14:07 GMT"},"fingerprint":{"sha1":"69:B4:65:72:2D:FB:E4:E7:D5:50:62:0E:30:56:2E:A9:F5:A7:EE:E2","sha256":"84:34:91:66:05:D8:BA:19:58:3F:BB:61:27:C0:21:40:15:F2:04:F7:F5:73:3E:63:8F:BD:A5:E7:7A:D1:14:6A"}}},"request":{"raw":"GET /AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Mon, 13 Jan 2025 23:11:02 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nVary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding\r\nlink: \u003c/_next/static/media/a34f9d1faa5f3315-s.p.woff2\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\"\r\nX-Powered-By: Next.js\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rRzGRMfFH5rAY6dxlnxLSTwVZpwrSuDQsJ9IWqydBk80mt%2BlnRsVNECBh3UGv6%2BUo%2Bo75PDoCI3dgnMYMt3dScXNQntqX9ZUbYl61c2v1I8ffvH5dgVRkU%2FUW%2BXtSxPvLeMm\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9019102878d00b45-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=534\u0026min_rtt=534\u0026rtt_var=267\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=434\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1473,"size_decoded":4113,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (4113), with no line terminators","md5":"79c80489016f960974f460e2e5aa8867","sha1":"48a9f6b6c1acf8629910191d266da31a6ca94fa3","sha256":"62df090b97b354fdb0f774ca9ddd420bcfcfb67ee1130e0d4d80c5ac8e887389","sha512":"b1371a94aae19c79751c43433ff8be5d79c827051a9843ffce090bf1a14bbb38332a38d4763bbeccd36a6392bf48a97976913a55a9a733b2bf647463d0a6a6e9","ssdeep":"96:TmyTMPOoqAJJsPnvAB0ggjBcXHKP3UObI5PjcfIfcQ7b0uW:LTUOvtnvpsHKP3UKh","tlshash":"0e81dfabec06de0bdc762e1c457fac3910cd883b4b20d9a896dece5906019b91bd6d80","first_seen":"2025-01-13T23:11:27.759821Z","last_seen":"2025-01-13T23:11:27.759821Z","times_seen":1,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-13T23:11:02.071Z","timestamp":1736809862071,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hbmarchitects.us","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Dec 2024 14:16:27 GMT","end":"Tue, 18 Mar 2025 15:14:07 GMT"},"fingerprint":{"sha1":"69:B4:65:72:2D:FB:E4:E7:D5:50:62:0E:30:56:2E:A9:F5:A7:EE:E2","sha256":"84:34:91:66:05:D8:BA:19:58:3F:BB:61:27:C0:21:40:15:F2:04:F7:F5:73:3E:63:8F:BD:A5:E7:7A:D1:14:6A"}}},"request":{"raw":"GET /AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 13 Jan 2025 23:11:02 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\nvary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding\r\nlink: \u003c/_next/static/media/a34f9d1faa5f3315-s.p.woff2\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\"\r\nx-powered-by: Next.js\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=EpXW5%2BFgMgpmHx5MaG3r8fTJRI0Daa3MtDReoDl6ZMXVug98CGm01iGHSM6OfaEu3fEKcFVnyhUoSuTDyvhzrmW04TpReFSWKCAj0VGU4v36Ay%2FIASoPUmxjIuJ22rMvD6TH\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 90191025ebf4712d-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=4930\u0026min_rtt=454\u0026rtt_var=8929\u0026sent=10\u0026recv=14\u0026lost=0\u0026retrans=0\u0026sent_bytes=4040\u0026recv_bytes=1378\u0026delivery_rate=8883435\u0026cwnd=256\u0026unsent_bytes=0\u0026cid=7e4e0bb3ddd31ffe\u0026ts=496\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":50024,"size_decoded":4113,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (4113), with no line terminators","md5":"79c80489016f960974f460e2e5aa8867","sha1":"48a9f6b6c1acf8629910191d266da31a6ca94fa3","sha256":"62df090b97b354fdb0f774ca9ddd420bcfcfb67ee1130e0d4d80c5ac8e887389","sha512":"b1371a94aae19c79751c43433ff8be5d79c827051a9843ffce090bf1a14bbb38332a38d4763bbeccd36a6392bf48a97976913a55a9a733b2bf647463d0a6a6e9","ssdeep":"96:TmyTMPOoqAJJsPnvAB0ggjBcXHKP3UObI5PjcfIfcQ7b0uW:LTUOvtnvpsHKP3UKh","tlshash":"0e81dfabec06de0bdc762e1c457fac3910cd883b4b20d9a896dece5906019b91bd6d80","first_seen":"2025-01-13T23:11:27.759821Z","last_seen":"2025-01-13T23:11:27.759821Z","times_seen":1,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hbmarchitects.us/_next/static/chunks/webpack-5e30ac7838135f85.js","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","date":"2025-01-13T23:11:02.945Z","timestamp":1736809862945,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /_next/static/chunks/webpack-5e30ac7838135f85.js HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 13 Jan 2025 23:11:02 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 08 Jan 2025 18:16:00 GMT\r\nETag: W/\"677ec0e0-e364\"\r\nExpires: Tue, 13 Jan 2026 21:49:47 GMT\r\nCache-Control: max-age=31536000\r\nCF-Cache-Status: HIT\r\nAge: 4875\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=YbK4i7bOEOqdIuv%2FRj2h8%2BlpiHmiZbc1y6LKV%2Fm4l9JSCr2r87FPRT7ozUTdzj7ZAGOnZb%2FQD0M3XDhMS1Gl4%2BQ2p8SdMTbkGdCrGCJaPEg8%2F7hztg7CEXHyjvhhzthjrqwD\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9019102b5c20b512-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=434\u0026min_rtt=434\u0026rtt_var=217\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=404\u0026delivery_rate=0\u0026cwnd=244\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21940,"size_decoded":58212,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (58212), with no line terminators","md5":"940347a88d754f61819ed9dedd1807c7","sha1":"b21b168a63ea6e51b706c160cd8f84a9e882b1c5","sha256":"fff56ea643d977fb3bf251df836d8838436d4e9850a760a84bf27c55d41c5d27","sha512":"69823b1f1c268d8a18433cc60387f7091f36c0d9cb217a3c5a68497ed7b95c04b1195d32a5830862ba903f588703b6fa4d7da16663d9b6d77f849bf0cb615be9","ssdeep":"768:qmn2YECy6rGZ/8XKpOsSnS3YSFQRhuMedCmEIzOKDJp1F1+QEETcicZmDUZZbIR/:DBbhU+GIAZehj7C8kf29pKW9QMLjBGfH","tlshash":"fb439744b3d474852397afbb773f70e1f56e489a3989450ae114f8a8e4f4702ead6b30","first_seen":"2025-01-13T21:50:13.509381Z","last_seen":"2025-01-14T14:32:03.837897Z","times_seen":4,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":17,"receive":4,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:13Z","timestamp":1736809873,"ip_dst":{"addr":"172.18.0.22","port":37780,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:13.057178+0000\",\"flow_id\":536839195083047,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.21.59.88\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":37780,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/webpack-5e30ac7838135f85.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":21958},\"files\":[{\"filename\":\"/_next/static/chunks/webpack-5e30ac7838135f85.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":58212,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":21,\"pkts_toclient\":21,\"bytes_toserver\":1798,\"bytes_toclient\":24330,\"start\":\"2025-01-13T23:11:02.934183+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hbmarchitects.us/_next/static/chunks/app/not-found-97442aa1fadfb8cb.js","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"172.67.220.164","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","date":"2025-01-13T23:11:02.951Z","timestamp":1736809862951,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /_next/static/chunks/app/not-found-97442aa1fadfb8cb.js HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 13 Jan 2025 23:11:02 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 08 Jan 2025 18:16:00 GMT\r\nETag: W/\"677ec0e0-5982\"\r\nExpires: Tue, 13 Jan 2026 21:49:47 GMT\r\nCache-Control: max-age=31536000\r\nCF-Cache-Status: HIT\r\nAge: 4875\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Fm4UvF%2Bz6YnTAypqeLonDQ1f5T%2FQOHFYhV4oq3xovIuW3MJREp6tvg5J5a%2B%2FNGRkkGAA00rHI%2BXwB%2FIaDUWrtpQ2BZnWwZpHsVfJMPEj46c2XTg9VAsaSUfTNa6vLinnX99h\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9019102b6b7e0b45-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=748\u0026min_rtt=534\u0026rtt_var=174\u0026sent=41\u0026recv=23\u0026lost=0\u0026retrans=0\u0026sent_bytes=52120\u0026recv_bytes=1309\u0026delivery_rate=48777670\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8909,"size_decoded":22914,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (22914), with no line terminators","md5":"bf22bd1f60f162b96a21bd0b3c45edb2","sha1":"2a3844cd4713706c27c00d9951c33b484c42e07e","sha256":"c2e0202245ddda7af9232f71df722dbccdc3d3b91e7198ec67c1c36ee53e9b00","sha512":"019424745f6437d457f53dac1be82cb41734af51ca44d7d437dc8a0976a3e8d00ec68f1a1781d5abac831e7a3a5fc2148ed13fec26d759074002f62d0414cfcb","ssdeep":"384:P2lIq3ApWwk5iLgDSUBu/z/DOtMmrqyz3Lo20BenacY+MK3/cqXZMaPUI3dCEvjJ:P2qgcRcmgDSUBu/z/sxWA3L107cY+MKb","tlshash":"c2a28545b3c1b894076763fb3b2fa0e5e46b1dad6988084fe244f975fca421dc9e5a30","first_seen":"2025-01-13T21:50:13.510965Z","last_seen":"2025-01-14T14:32:03.836937Z","times_seen":4,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":16,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:12Z","timestamp":1736809872,"ip_dst":{"addr":"172.18.0.22","port":45966,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"172.67.220.164","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:12.956412+0000\",\"flow_id\":1861454353814206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.67.220.164\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":45966,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/app/not-found-97442aa1fadfb8cb.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":8920},\"files\":[{\"filename\":\"/_next/static/chunks/app/not-found-97442aa1fadfb8cb.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":22914,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":25,\"pkts_toclient\":51,\"bytes_toserver\":2967,\"bytes_toclient\":65406,\"start\":\"2025-01-13T23:11:02.479934+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hbmarchitects.us/_next/static/css/c6898f32edaed29a.css","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","date":"2025-01-13T23:11:02.944Z","timestamp":1736809862944,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /_next/static/css/c6898f32edaed29a.css HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 13 Jan 2025 23:11:02 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 08 Jan 2025 18:16:00 GMT\r\nETag: W/\"677ec0e0-40b9\"\r\nExpires: Tue, 13 Jan 2026 21:49:47 GMT\r\nCache-Control: max-age=31536000\r\nCF-Cache-Status: HIT\r\nAge: 4875\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=baFoK4Fulr5bjQpbSBlSn6kucEwIUtxSrcn%2F68N2agnnnu8rhncxFTrFugJfVuAI%2F5lLouuNxOGV2HRD0rP3JSJittnqSBkgmwdRUx850MAvQzqc520m8ejAxauVB0kf0W6m\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9019102b5ff1b4ed-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=399\u0026min_rtt=399\u0026rtt_var=199\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=409\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4218,"size_decoded":16569,"mime_type":"text/css","magic":"ASCII text, with very long lines (12123)","md5":"a6e35bda7a00d5298e5996d71f746d12","sha1":"67ffa737c81885c2cede291031c99c510001ac66","sha256":"e358e4605c8cce4c7593f93aa83e6b95e221063a5483a0d9a14d7d8e8c2ba884","sha512":"25f2c5318508008b547a8056ae3b24871665affaa38b42b49d54e10b9fe8a5dea8f66f5fcf3ed128122b73405917b62ac1c0be97731b5160bb5764d44fba6d67","ssdeep":"192:hxSYa7JXYS7JXY8FwLGsB9WIGqfUNLeqract5O:L7cHRwHXoteqrauA","tlshash":"a872a31ca615003fac3384fbe5d4b959b11ab1c0ee3a97e7ae426510ebca7b319d3704","first_seen":"2024-12-19T23:57:14.686592Z","last_seen":"2025-01-14T14:32:03.83927Z","times_seen":7,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":38,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hbmarchitects.us/_next/static/chunks/main-app-6e9565c54018939e.js","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","date":"2025-01-13T23:11:02.950Z","timestamp":1736809862950,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /_next/static/chunks/main-app-6e9565c54018939e.js HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 13 Jan 2025 23:11:02 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 08 Jan 2025 18:16:00 GMT\r\nETag: W/\"677ec0e0-59a5\"\r\nExpires: Tue, 13 Jan 2026 21:49:47 GMT\r\nCache-Control: max-age=31536000\r\nCF-Cache-Status: HIT\r\nAge: 4875\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=tbgP5e0%2Bhu3%2BCytH9wRA5O3u4P%2BVr7Ws%2BhUXKOUhYvQ27rqM3X6HwGdyPIiPrJ40b2zi7BLkCKZWFToJXep6YEeREXCBhK%2F%2Bykb8VX5JS9xUg9D7lzkT2FW8cBFCo74TbIuS\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9019102b6b2b712a-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=605\u0026min_rtt=605\u0026rtt_var=302\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=405\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8862,"size_decoded":22949,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (22949), with no line terminators","md5":"21ceb56daf6fa736032263b4d6064eec","sha1":"1173951db1722d998a8719661c7c8b7c82d0d5f6","sha256":"52289bfc7cf8073a4fdf4f017d63b310ae72dbdbc4cc4fb38c7d7666c575c5bd","sha512":"754a25ad4c1a502d656871697c7f4e3c9f481fece24584b4ed28713e5fd92b27785e2a8426ea9d11b09a0fb0f9e78eba5da8f0e25fc02bd2766d961b0edec221","ssdeep":"384:avYEyoQ7yTYV2GeWi/rYb+L2ofskTRZhDqJp3YNlIBwiPCkwWf++oXA6C3id8KMb:avYEt+y0V2lXTYb+L2o0kTNDqJ6NQwO9","tlshash":"cca28305bbc1b884134b6bbb7a2f70c5f4ae18d96a88045fe105f8b4fde4205e9d1e70","first_seen":"2025-01-13T21:50:13.506018Z","last_seen":"2025-01-14T14:32:03.835906Z","times_seen":4,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":1,"connect":2,"send":0,"wait":37,"receive":13,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:13Z","timestamp":1736809873,"ip_dst":{"addr":"172.18.0.22","port":37810,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:13.056332+0000\",\"flow_id\":1655832794521327,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.21.59.88\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":37810,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/main-app-6e9565c54018939e.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":8873},\"files\":[{\"filename\":\"/_next/static/chunks/main-app-6e9565c54018939e.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":22949,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":11,\"bytes_toserver\":1205,\"bytes_toclient\":10585,\"start\":\"2025-01-13T23:11:02.941807+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hbmarchitects.us/_next/static/chunks/23-9782d093d54c9ada.js","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","date":"2025-01-13T23:11:02.948Z","timestamp":1736809862948,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /_next/static/chunks/23-9782d093d54c9ada.js HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 13 Jan 2025 23:11:02 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 08 Jan 2025 18:16:00 GMT\r\nETag: W/\"677ec0e0-c948e\"\r\nExpires: Tue, 13 Jan 2026 21:49:47 GMT\r\nCache-Control: max-age=31536000\r\nCF-Cache-Status: HIT\r\nAge: 4875\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=LdiGMX8OjAw5n77sd7JSftbrnFU8NDQ4H0HYo6GqIVFuGZQOv6XsyIbMjAru1w0pxqXSPRZ25u3jq%2Fb5rUU2tkvvN5ONI6BExonAskhN%2BeSssb8w2McrV%2B8%2BdgKCnVP69FJ1\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9019102b5f46b511-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=410\u0026min_rtt=410\u0026rtt_var=205\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=399\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":299724,"size_decoded":824462,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4f1a89cffecc270a4d372745c5334dba","sha1":"fd8290edb64192d4294fed125fa1ad1af6e1d8b7","sha256":"aed62e81db03e62f1b705856fd4048f73d9116a472699980a1db7907dc3716c8","sha512":"b36211eae28efb1e6ed24f6d1eb8d2aed65352f486f5719c6e8ed723b5d8ca1cb9b3ecd6bb78db0d6e21cf21e623e6b94254166f8f2c19868c4f5a6dcfd810bc","ssdeep":"24576:QKoWRVmw5u2UpNpBNY58gBqNjYBdl6AjhQOZq3QKXQnLUieynNEZDS2clgC:TRVmw5u2Up3BNYqgBqNjol6AjhQOZq3m","tlshash":"0a05d74472c07c8123475fbbb72bb0d4e52e0cee7584489be644fc68f9b5626ead1a31","first_seen":"2025-01-13T21:50:13.512854Z","last_seen":"2025-01-14T14:32:03.840261Z","times_seen":4,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":1,"connect":0,"send":0,"wait":43,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hbmarchitects.us/_next/static/chunks/fd9d1056-61ed0acb92333f0a.js","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","date":"2025-01-13T23:11:02.946Z","timestamp":1736809862946,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /_next/static/chunks/fd9d1056-61ed0acb92333f0a.js HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 13 Jan 2025 23:11:02 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 08 Jan 2025 18:16:00 GMT\r\nETag: W/\"677ec0e0-15ba8f\"\r\nExpires: Tue, 13 Jan 2026 21:49:47 GMT\r\nCache-Control: max-age=31536000\r\nCF-Cache-Status: HIT\r\nAge: 4875\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=EG7BK%2FFEvfciGmThfMlP9OQJhloPxlZu8JhDHiwtoALZ3poYSh2ZE%2Bp2jAT%2FWau6L3dx7btHP3iVhJKdYbz6M8vvn%2B28yOFD1v8PhWsg2nRVbU%2F94isIaPEAK8e3gs8cKNhq\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9019102b5cab56a5-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=474\u0026min_rtt=474\u0026rtt_var=237\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=405\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":489742,"size_decoded":1424015,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8dd4d34dfbe10b7e0dd8b72744f49622","sha1":"7653645cda003985304ad9d6187a05de03d6a60d","sha256":"a6a5f8fc468282c7e50eb6af9949937bf2e7f8d182eb04e763070721affb6bfd","sha512":"17ef46b0b70ffb7b0cef9ac373b2839950066752452e670745da7da704041a068f4739deece9a70a3d7781c4a48df88dc6f92cdf3d558b69978a3bdf5021805c","ssdeep":"12288:eL7qlN1uO1VA2GXp7KCzkoT9Gxs9TAtPk2BMYdtQ6rXEFuxZtAUfxlN9Hsfjvi6S:t31uOjsXp7z6VbPE4Ai9HsfjmDyy","tlshash":"9a65735463c4bc81034b6bbb771bb0d6f46e18dab454083be248fda5f5e531ae9e1a30","first_seen":"2025-01-13T21:50:13.515598Z","last_seen":"2025-01-14T14:32:03.841212Z","times_seen":4,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":43,"receive":229,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-13T23:11:02Z","timestamp":1736809862,"ip_dst":{"addr":"172.18.0.22","port":37788,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2025-01-13T23:11:02.979997+0000\",\"flow_id\":725482748659510,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"104.21.59.88\",\"src_port\":80,\"dest_ip\":\"172.18.0.22\",\"dest_port\":37788,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"hbmarchitects.us\",\"url\":\"/_next/static/chunks/fd9d1056-61ed0acb92333f0a.js\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":69258},\"files\":[{\"filename\":\"/_next/static/chunks/fd9d1056-61ed0acb92333f0a.js\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":102400,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":56,\"bytes_toserver\":1745,\"bytes_toclient\":75434,\"start\":\"2025-01-13T23:11:02.935734+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hbmarchitects.us/favicon.ico","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","date":"2025-01-13T23:11:03.810Z","timestamp":1736809863810,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 13 Jan 2025 23:11:04 GMT\r\nContent-Type: image/x-icon\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=14400\r\nLast-Modified: Mon, 16 Dec 2024 20:13:32 GMT\r\nETag: W/\"27f7a-193d11ac52b\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nCF-Cache-Status: EXPIRED\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CUIhLFRqrrhB118RJXgaSFOG%2FRDLZc9plxx7Veco7SdvXWuKoByzEySoPMDM%2BSVeS7SV8Rz0YcWZUJ34BgG1RKQM2Nbx%2BR6b7RAW6QSPCH4QttbGmI9xSU02SakYInNbviea\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 90191030c8de56a5-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=3054\u0026min_rtt=474\u0026rtt_var=191\u0026sent=351\u0026recv=258\u0026lost=0\u0026retrans=1\u0026sent_bytes=490955\u0026recv_bytes=795\u0026delivery_rate=25011721\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4950,"size_decoded":163706,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"0f2307b0e63b55e71bf66695670e634d","sha1":"9fde22a5598c81e0ca3903ce7df47f77a1ae4d19","sha256":"9a2f494181dcb5f7a5db72bbd94d63510330d53e8e85fc5b8c5d87a6d4fdd7bc","sha512":"d0797b4353475e2ae20c5331bfffdfdc84b8e72297109198338fb5e49208b73a5e2636d2294ff227161bdb906ab31bf1c912b5068f88296d6af865d75d6d5515","ssdeep":"1536:gKK6uqSujiYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYv0:4L0","tlshash":"01f3b7f4ad03dc4cfc600930c935b4ec5928ae1636d8a74aeec57e0aab3ba4d50d556f","first_seen":"2024-12-19T23:57:14.700405Z","last_seen":"2026-04-08T21:36:01.253748Z","times_seen":35071,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":358,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hbmarchitects.us/_next/static/media/a34f9d1faa5f3315-s.p.woff2","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"172.67.220.164","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F","date":"2025-01-13T23:11:02.942Z","timestamp":1736809862942,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /_next/static/media/a34f9d1faa5f3315-s.p.woff2 HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://hbmarchitects.us/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 13 Jan 2025 23:11:02 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 48556\r\nConnection: keep-alive\r\nLast-Modified: Wed, 08 Jan 2025 18:16:00 GMT\r\nETag: \"677ec0e0-bdac\"\r\nExpires: Tue, 13 Jan 2026 21:49:47 GMT\r\nCache-Control: max-age=31536000\r\nCF-Cache-Status: HIT\r\nAge: 4875\r\nAccept-Ranges: bytes\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=6l7K%2FEZ51g9Bi%2Fr%2FdQm68mtEvpIX5Xd%2BIezcmNHuCpb%2F%2Br%2F6R9%2B8AMDeQ9MePuuU4D%2F4lQMb3GtqRS8IpNCWImok%2FrwhUA1nTyryyeGiavShCFLm%2BPltJ%2Fk55tFamwt7DktJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9019102b5b6e0b45-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=552\u0026min_rtt=534\u0026rtt_var=106\u0026sent=6\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=2574\u0026recv_bytes=899\u0026delivery_rate=9193650\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48556,"size_decoded":48556,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 48556, version 1.0","md5":"d4fe31e6a2aebc06b8d6e558c9141119","sha1":"bcdc4f0b431d4c8065a83bb736c56ff6494d0091","sha256":"c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec","sha512":"1cbe7641b8930163ed3ea348f573cad438b646ed64d60c1923e5b8664c3de9c2c21ba97994ec8d886f489e4d090772b010de72a1167547fb4f6a2d242d46aec1","ssdeep":"768:+rvWCaG0bvTIyNOporIvE+9OZduZ35LhKvXxYdBJaqyXNWLU2m/jG9EHmqGq55t:+ruCR0bvT386c6ZduZpFMXxQBJ82Q5tJ","tlshash":"7823025eb4b5c6e3fa05e60e86d990613909424f86b6dfc54f3741a038fcf912d3ea89","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T11:27:14.172485Z","times_seen":9489,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hbmarchitects.us/AgFNdWDFpn?S=ajones@foxhallmedicine.com/","fqdn":"hbmarchitects.us","domain":"hbmarchitects.us","tld":"us"},"ip":{"addr":"104.21.59.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-13T23:11:01.709Z","timestamp":1736809861709,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hbmarchitects.us","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Dec 2024 14:16:27 GMT","end":"Tue, 18 Mar 2025 15:14:07 GMT"},"fingerprint":{"sha1":"69:B4:65:72:2D:FB:E4:E7:D5:50:62:0E:30:56:2E:A9:F5:A7:EE:E2","sha256":"84:34:91:66:05:D8:BA:19:58:3F:BB:61:27:C0:21:40:15:F2:04:F7:F5:73:3E:63:8F:BD:A5:E7:7A:D1:14:6A"}}},"request":{"raw":"GET /AgFNdWDFpn?S=ajones@foxhallmedicine.com/ HTTP/1.1\r\nHost: hbmarchitects.us\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 308 Permanent Redirect\r\ndate: Mon, 13 Jan 2025 23:11:02 GMT\r\nlocation: /AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\nrefresh: 0;url=/AgFNdWDFpn/?S=ajones%40foxhallmedicine.com%2F\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=bXfSoovh0ufpcPR1v%2F51yTwHJ5vI7GEhjk40ykoyzMx9b8y8rBk8qlEEdKnXOEyMuvDc03cM3ExbcGoROVglEg4uki6ggayDN7rw1CGPMe4e71gBwjgDt6m3fWgicmU8Ya2J\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 90191023fa3b712d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=6292\u0026min_rtt=454\u0026rtt_var=11674\u0026sent=7\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3287\u0026recv_bytes=1277\u0026delivery_rate=8883435\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=7e4e0bb3ddd31ffe\u0026ts=325\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"308","status_text":"Permanent Redirect","fingerprints":null,"data":{"size":4113,"size_decoded":4113,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (4901), with no line terminators","md5":"a5cc70c035240bac8a66911c680ea0d7","sha1":"7d688306c0c3d748d853793b4e181ee01c14537e","sha256":"2e052249f258a5f71d0ef8271ae2becc4ff24b91dab0fa6e6a9bc01dcd72c26b","sha512":"d9758f096771d67a8de42162f64ae8b3a693161e545c5024ebdf87971a38e60015040a88bc12474df134313fee2c77e741d2ac2d2d9401d318638bf12d557353","ssdeep":"96:ubBHOAB+Pq30gggDkHn8SllYjb9llYArgKFUjK717N4:0w7Pcy8Slyjb9lyArgKkiha","tlshash":"6ca1eddbec46ddc0a5a36c5801ff9d7b15ba98e60bd089bcf2c8fd481d1a6410f99e80","first_seen":"2025-01-13T23:11:27.773391Z","last_seen":"2025-01-13T23:11:27.773391Z","times_seen":1,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":47,"dns":27,"connect":1,"send":0,"wait":310,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}