{"report_id":"5489c379-d010-4cf3-a55e-fd7cda6af3f1","version":6,"status":"done","tags":[],"date":"2024-10-09T18:51:46Z","url":{"schema":"http","addr":"mft-stg.myngc.com","fqdn":"mft-stg.myngc.com","domain":"myngc.com","tld":"com"},"ip":{"addr":"157.127.141.140","port":0,"asn":1906,"as":"NORTHROP-GRUMMAN","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"mft-stg.myngc.com/","fqdn":"mft-stg.myngc.com","domain":"myngc.com","tld":"com"},"title":"403 Forbidden"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-20T08:36:01Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.76.225","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-10-08 18:12:09","alert_count":0,"request_count":5,"received_data":4440,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.242","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-10-08 18:12:21","alert_count":0,"request_count":4,"received_data":3551,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mft-stg.myngc.com","ip":{"addr":"157.127.141.140","port":443,"asn":1906,"as":"NORTHROP-GRUMMAN","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":3024,"sent_data":1371,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.242","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:21.357743357Z","timestamp":1728499881357,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"14FFC94E6280A14388FDA9745042B01144374FD782CF089B48025A1316ECBD24\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18700\r\nExpires: Thu, 10 Oct 2024 00:03:01 GMT\r\nDate: Wed, 09 Oct 2024 18:51:21 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"92a230cb5218879a64fe719acf75881c","sha1":"7f7635dedaaca6b4b4ecb370b51df9538d7a7d0d","sha256":"14ffc94e6280a14388fda9745042b01144374fd782cf089b48025a1316ecbd24","sha512":"e8b2de291b4f320972ab8697f136fb4340867c6d07e3a10197ed03f1df5ba22e193fbac09408898ad04f62391af3bd13dd2d44c4e594e6585c3404c077e6f71b","ssdeep":"","tlshash":"d4f005611d91fc49df534505399ed317c6233dbf6610c3c431b45dd6ad5179c69a2018","first_seen":"2024-10-08T15:40:24Z","last_seen":"2024-10-11T08:49:57.33154Z","times_seen":12496,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.242","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:21.40501455Z","timestamp":1728499881405,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"FEA81540CA4C6F34F779C3306D4414C07BAB63CEC6B11425D8E3C5FB74118BE3\"\r\nLast-Modified: Wed, 09 Oct 2024 11:30:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12170\r\nExpires: Wed, 09 Oct 2024 22:14:11 GMT\r\nDate: Wed, 09 Oct 2024 18:51:21 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ca9529e5dcfdfe04a1af2baa41d988d6","sha1":"2f7b1a6c5d3e1c8c9f52c513ee250006de18b00b","sha256":"fea81540ca4c6f34f779c3306d4414c07bab63cec6b11425d8e3c5fb74118be3","sha512":"1ce9c927b811d9937884e0323c5770a2128eff47c63d170a6f76862c7e05372f73acbff7352736cf370842a7d356702cbb8ffc9ef0fb2cc6ec0eb6db7a4dcac2","ssdeep":"","tlshash":"b9f0c057a1a938228bb445622ea4dd075f21adb270040ca7a4b15ba57cc0fa4069048c","first_seen":"2024-10-09T18:17:35Z","last_seen":"2024-10-11T08:37:15.137161Z","times_seen":1593,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.242","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:21.831747151Z","timestamp":1728499881831,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"07DD05FA26E00D5C82BD8CE59665BC2308F5D160299DF48BF109C2AD6A3E50E9\"\r\nLast-Modified: Wed, 09 Oct 2024 14:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5516\r\nExpires: Wed, 09 Oct 2024 20:23:17 GMT\r\nDate: Wed, 09 Oct 2024 18:51:21 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e34797436491f35c4f08deebf900bb71","sha1":"a5d800917ba2f0f4bf4a10fda78477834a73e8b7","sha256":"07dd05fa26e00d5c82bd8ce59665bc2308f5d160299df48bf109c2ad6a3e50e9","sha512":"ce1bb1afb9703f895b5e73b67dfe5d5e921ff1a3bb3b1476a0c64ca0ab71303ce0ff78ac28227f04ca15ef2728143de88b8d5292729631566c2f8c504f7fa0f3","ssdeep":"","tlshash":"1ff00ea666e27823e6730e54be16e91b4e02affb251047c021d4e2f2542c6bd4f8400c","first_seen":"2024-10-11T08:35:42.062594Z","last_seen":"2024-10-11T08:36:09.909239Z","times_seen":342,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.242","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:22.053053204Z","timestamp":1728499882053,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D26175D0C06A3C8955BE69B60D567045EB992C0BB2486823F7A9AC825AD8CFB1\"\r\nLast-Modified: Wed, 09 Oct 2024 16:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15357\r\nExpires: Wed, 09 Oct 2024 23:07:19 GMT\r\nDate: Wed, 09 Oct 2024 18:51:22 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"6c74ce9322b073a45b02c84940386ad8","sha1":"386d50deda1679a01a54e70e4b906bd89576a99c","sha256":"d26175d0c06a3c8955be69b60d567045eb992c0bb2486823f7a9ac825ad8cfb1","sha512":"1c2b5c45e37276e2e9e90814ae49633308e1abfaf08b4560d5a508c65c5b99cfe5e3ece9fb5dc7ccff3f5508a5558485cbd08fe8f37bdf60cc1dfb898a616395","ssdeep":"","tlshash":"1bf00e8426d1f0537fb84a027cb9e956f982a81934f03af658d0429ab079ff8de5445c","first_seen":"2024-10-09T20:25:58Z","last_seen":"2024-10-11T08:36:25.886706Z","times_seen":1046,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mft-stg.myngc.com/","fqdn":"mft-stg.myngc.com","domain":"myngc.com","tld":"com"},"ip":{"addr":"157.127.141.140","port":443,"asn":1906,"as":"NORTHROP-GRUMMAN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-10-09T18:51:22.779Z","timestamp":1728499882779,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mft-stg.myngc.com","organization":"Northrop Grumman Corporation"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Jan 2024 00:00:00 GMT","end":"Sat, 01 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"91:87:74:F6:F1:7C:83:98:2C:C6:65:40:74:74:45:E7:9B:D0:E8:0F","sha256":"7D:C6:61:A8:19:69:B4:AA:8A:8D:AF:DF:67:83:B6:AA:70:C3:3C:02:AD:93:01:CA:45:17:F2:FF:84:71:B4:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mft-stg.myngc.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Your IP address is not permitted\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css2; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ *.duosecurity.com *.duofederal.com; script-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' data: blob:; font-src 'self'  https://fonts.gstatic.com; media-src 'self' blob:\r\nReferrer-Policy: same-origin\r\nCache-Control: no-cache, private, must-revalidate\r\nContent-Type: text/html;charset=utf-8\r\nConnection: close\r\nDate: Wed, 09 Oct 2024 18:51:23 GMT\r\nContent-Length: 123\r\nStrict-Transport-Security: max-age=16070400; includeSubDomains\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Your IP address is not permitted","fingerprints":null,"data":{"size":123,"size_decoded":123,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"903df900d49f0af920f661543b02939c","sha1":"e9e215fb484fd08352d87699a9019a6a88650b87","sha256":"8e638131d826f0d8059e11e709ffca47972158de4b55d880bdf931f70293164b","sha512":"bbf4319b2239fc61a4806ea2a94b82b8f05d011617ec867212e97f017239a79da30c7b26e56d67a42904fb2368f41d08a142f1f2bdf59ee05305d302954c1e64","ssdeep":"","tlshash":"8fb09bed515e341cfa7532c00ec5228059c943e174c35b105dc5151b6194135cc03645","first_seen":"2024-10-11T08:36:04.825709Z","last_seen":"2024-10-11T08:36:04.825709Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1108,"timings":{"blocked":475,"dns":6,"connect":152,"send":0,"wait":157,"receive":0,"ssl":314},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mft-stg.myngc.com/","fqdn":"mft-stg.myngc.com","domain":"myngc.com","tld":"com"},"ip":{"addr":"157.127.141.140","port":443,"asn":1906,"as":"NORTHROP-GRUMMAN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-10-09T18:51:22.779Z","timestamp":1728499882779,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mft-stg.myngc.com","organization":"Northrop Grumman Corporation"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Jan 2024 00:00:00 GMT","end":"Sat, 01 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"91:87:74:F6:F1:7C:83:98:2C:C6:65:40:74:74:45:E7:9B:D0:E8:0F","sha256":"7D:C6:61:A8:19:69:B4:AA:8A:8D:AF:DF:67:83:B6:AA:70:C3:3C:02:AD:93:01:CA:45:17:F2:FF:84:71:B4:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mft-stg.myngc.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Your IP address is not permitted\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css2; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ *.duosecurity.com *.duofederal.com; script-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' data: blob:; font-src 'self'  https://fonts.gstatic.com; media-src 'self' blob:\r\nReferrer-Policy: same-origin\r\nCache-Control: no-cache, private, must-revalidate\r\nContent-Type: text/html;charset=utf-8\r\nConnection: close\r\nDate: Wed, 09 Oct 2024 18:51:24 GMT\r\nContent-Length: 123\r\nStrict-Transport-Security: max-age=16070400; includeSubDomains\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Your IP address is not permitted","fingerprints":null,"data":{"size":123,"size_decoded":123,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"903df900d49f0af920f661543b02939c","sha1":"e9e215fb484fd08352d87699a9019a6a88650b87","sha256":"8e638131d826f0d8059e11e709ffca47972158de4b55d880bdf931f70293164b","sha512":"bbf4319b2239fc61a4806ea2a94b82b8f05d011617ec867212e97f017239a79da30c7b26e56d67a42904fb2368f41d08a142f1f2bdf59ee05305d302954c1e64","ssdeep":"","tlshash":"8fb09bed515e341cfa7532c00ec5228059c943e174c35b105dc5151b6194135cc03645","first_seen":"2024-10-11T08:36:04.825709Z","last_seen":"2024-10-11T08:36:04.825709Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1108,"timings":{"blocked":475,"dns":6,"connect":152,"send":0,"wait":157,"receive":0,"ssl":314},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.225","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:23.915717473Z","timestamp":1728499883915,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10574\r\nExpires: Wed, 09 Oct 2024 21:47:37 GMT\r\nDate: Wed, 09 Oct 2024 18:51:23 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.225","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:23.917379108Z","timestamp":1728499883917,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10574\r\nExpires: Wed, 09 Oct 2024 21:47:37 GMT\r\nDate: Wed, 09 Oct 2024 18:51:23 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.225","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:23.923526028Z","timestamp":1728499883923,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10574\r\nExpires: Wed, 09 Oct 2024 21:47:37 GMT\r\nDate: Wed, 09 Oct 2024 18:51:23 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.225","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:23.925182206Z","timestamp":1728499883925,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10574\r\nExpires: Wed, 09 Oct 2024 21:47:37 GMT\r\nDate: Wed, 09 Oct 2024 18:51:23 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.225","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T18:51:23.981853541Z","timestamp":1728499883981,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10574\r\nExpires: Wed, 09 Oct 2024 21:47:37 GMT\r\nDate: Wed, 09 Oct 2024 18:51:23 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mft-stg.myngc.com/favicon.ico","fqdn":"mft-stg.myngc.com","domain":"myngc.com","tld":"com"},"ip":{"addr":"157.127.141.140","port":443,"asn":1906,"as":"NORTHROP-GRUMMAN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mft-stg.myngc.com/","date":"2024-10-09T18:51:23.531Z","timestamp":1728499883531,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mft-stg.myngc.com","organization":"Northrop Grumman Corporation"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 30 Jan 2024 00:00:00 GMT","end":"Sat, 01 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"91:87:74:F6:F1:7C:83:98:2C:C6:65:40:74:74:45:E7:9B:D0:E8:0F","sha256":"7D:C6:61:A8:19:69:B4:AA:8A:8D:AF:DF:67:83:B6:AA:70:C3:3C:02:AD:93:01:CA:45:17:F2:FF:84:71:B4:C1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: mft-stg.myngc.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mft-stg.myngc.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Your IP address is not permitted\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css2; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ *.duosecurity.com *.duofederal.com; script-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' data: blob:; font-src 'self'  https://fonts.gstatic.com; media-src 'self' blob:\r\nReferrer-Policy: same-origin\r\nCache-Control: no-cache, private, must-revalidate\r\nContent-Type: text/html;charset=utf-8\r\nConnection: close\r\nDate: Wed, 09 Oct 2024 18:51:24 GMT\r\nContent-Length: 123\r\nStrict-Transport-Security: max-age=16070400; includeSubDomains\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Your IP address is not permitted","fingerprints":null,"data":{"size":123,"size_decoded":123,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"903df900d49f0af920f661543b02939c","sha1":"e9e215fb484fd08352d87699a9019a6a88650b87","sha256":"8e638131d826f0d8059e11e709ffca47972158de4b55d880bdf931f70293164b","sha512":"bbf4319b2239fc61a4806ea2a94b82b8f05d011617ec867212e97f017239a79da30c7b26e56d67a42904fb2368f41d08a142f1f2bdf59ee05305d302954c1e64","ssdeep":"","tlshash":"8fb09bed515e341cfa7532c00ec5228059c943e174c35b105dc5151b6194135cc03645","first_seen":"2024-10-11T08:36:04.825709Z","last_seen":"2024-10-11T08:36:04.825709Z","times_seen":1,"resource_available":false,"data":null}},"time_used":646,"timings":{"blocked":-1,"dns":1,"connect":156,"send":0,"wait":162,"receive":1,"ssl":325},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}