{"report_id":"77348dec-d573-4399-993a-4773f77edd39","version":6,"status":"done","tags":[],"date":"2024-08-23T13:08:02Z","url":{"schema":"http","addr":"162.0.220.59/wp-content/uploads/2022/10/prediksi-syair-hk-vip-273x300.jpg","fqdn":"162.0.220.59","domain":"162.0.220.59","tld":""},"ip":{"addr":"162.0.220.59","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"162.0.220.59/wp-content/uploads/2022/10/prediksi-syair-hk-vip-273x300.jpg","fqdn":"162.0.220.59","domain":"162.0.220.59","tld":"59"},"title":"prediksi-syair-hk-vip-273x300.jpg (JPEG Image, 273 × 300 pixels)"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-07T18:08:37Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-08-22 18:12:04","alert_count":0,"request_count":3,"received_data":2661,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-08-22 18:12:25","alert_count":0,"request_count":5,"received_data":4439,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"162.0.220.59","ip":{"addr":"162.0.220.59","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2021-02-12 02:54:49","last_seen":"2021-12-02 23:17:12","alert_count":3,"request_count":3,"received_data":39743,"sent_data":1276,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-23","alert":"Sinkholed","trigger":"162.0.220.59","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-23","alert":"Sinkholed","trigger":"162.0.220.59","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-23","alert":"Sinkholed","trigger":"162.0.220.59","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-23T13:07:37.000973996Z","timestamp":1724418457001,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"9E748E8BE620CE31ED3909B9574B05B4F49BD396482D89699218408C95294D97\"\r\nLast-Modified: Wed, 21 Aug 2024 06:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4768\r\nExpires: Fri, 23 Aug 2024 14:27:04 GMT\r\nDate: Fri, 23 Aug 2024 13:07:36 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"133a8ab4e8c45f320352685e01db9625","sha1":"a24555e329796c47c106c0f55d1d8807f652b257","sha256":"9e748e8be620ce31ed3909b9574b05b4f49bd396482d89699218408c95294d97","sha512":"ee0d887eab5e46c65f13757daa51806ac307940f27844d04cae94de7537734dfbb7291756db906556c9639ec877654b6e17d8623e3ee7c7fd71ae09ae8412ac3","ssdeep":"","tlshash":"06f005420669f9b5762559071672d640dc10ee7d7c1658a658d003e2a1517e955c080d","first_seen":"2024-08-21T12:38:47Z","last_seen":"2024-08-29T18:15:52.526011Z","times_seen":14632,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-23T13:07:37.003276786Z","timestamp":1724418457003,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C2F7DA36674CCAD93A922282C4CC5DC25FFE3E17206BE2FC0E1DFA98181FD46\"\r\nLast-Modified: Thu, 22 Aug 2024 00:55:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8176\r\nExpires: Fri, 23 Aug 2024 15:23:52 GMT\r\nDate: Fri, 23 Aug 2024 13:07:36 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"13ea5888d3245867e3b2271529ae3a07","sha1":"2ac08d083a3db9818f13427caf2afd6ffe844e19","sha256":"5c2f7da36674ccad93a922282c4cc5dc25ffe3e17206be2fc0e1dfa98181fd46","sha512":"96cbf4af3d8568c1b8bdd9bbb3e0784435a93a7d85d3f9b13791ffb641e4c2dae91ebb510e9b2c737741e8c0b534d239e4910f83b1b18f6cbb24684cd30f0a4a","ssdeep":"","tlshash":"67f075d0391579f013b808397af4d8e20d11a5d6308082eff0a440f0fcaa3e0e24420c","first_seen":"2024-08-22T05:25:49Z","last_seen":"2024-08-29T18:15:52.526597Z","times_seen":27943,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-23T13:07:37.4256569Z","timestamp":1724418457425,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"21B5B0E771D125BC1D1CD5B12F7BB8567F86C7AB1FE44C531BB98E84A62BFDF0\"\r\nLast-Modified: Thu, 22 Aug 2024 09:59:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4943\r\nExpires: Fri, 23 Aug 2024 14:30:00 GMT\r\nDate: Fri, 23 Aug 2024 13:07:37 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"8541cd70139dfda2d95ed0b4e252f586","sha1":"38437f949815bd7b58655cc9dba515e53a6abee6","sha256":"21b5b0e771d125bc1d1cd5b12f7bb8567f86c7ab1fe44c531bb98e84a62bfdf0","sha512":"4611c153ea9fa8767adfc6bb27ef0897c7eb08ef730e047b7cc858cef00a7649036db9cdc506b8f57a83738fc9978b9c2dca1fe4eff106051219645db40cf458","ssdeep":"","tlshash":"4af00ef71d7cbc48e5600b2b9aedd9b8ed226bfc740012c275d505c5b4017b08b5c108","first_seen":"2024-08-22T15:46:39Z","last_seen":"2024-08-29T18:15:52.527166Z","times_seen":20171,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-23T13:07:37.681576458Z","timestamp":1724418457681,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"8D1B5DE3EAF9D4AE520C30CB01548286EEB9853665444C34BE6CAAC091AF5638\"\r\nLast-Modified: Wed, 21 Aug 2024 03:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6197\r\nExpires: Fri, 23 Aug 2024 14:50:54 GMT\r\nDate: Fri, 23 Aug 2024 13:07:37 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fa24406b28144f03c66e0892b293241b","sha1":"64ec25a3e583dcd2ea13558272ac7badebbfc3d6","sha256":"8d1b5de3eaf9d4ae520c30cb01548286eeb9853665444c34be6caac091af5638","sha512":"bf1589b89ba37fbb2e0ab277b3ecf7b8cd46aecc152410b710503fe32fcd9143191b400de902962460a50847158f187a839dd3e273bc873e12df5e0780ea4b26","ssdeep":"","tlshash":"b5f00e06169fbe141fa446a72aa8aa2d29a0eee43d1024e339e044e260907eccbc040c","first_seen":"2024-08-21T10:09:55.663576Z","last_seen":"2024-08-29T18:15:52.527685Z","times_seen":36781,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"162.0.220.59/wp-content/uploads/2022/10/prediksi-syair-hk-vip-273x300.jpg","fqdn":"162.0.220.59","domain":"162.0.220.59","tld":"59"},"ip":{"addr":"162.0.220.59","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-23T13:07:37.991Z","timestamp":1724418457991,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2022/10/prediksi-syair-hk-vip-273x300.jpg HTTP/1.1\r\nHost: 162.0.220.59\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 30 Aug 2024 13:07:38 GMT\r\netag: \"6125-63581e19-17a15c1;;;\"\r\nlast-modified: Tue, 25 Oct 2022 17:34:17 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 24869\r\naccept-ranges: bytes\r\ndate: Fri, 23 Aug 2024 13:07:38 GMT\r\nserver: LiteSpeed\r\nconnection: Keep-Alive\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24869,"size_decoded":24869,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82\", baseline, precision 8, 273x300, components 3","md5":"7db6117384be472e5314ea2a7ef0beec","sha1":"e2223e03e4823c5b956dfef265bdf00e92866583","sha256":"2240ef38d8ee7d53439cf4a2a3ca7a391c00767f88a83e3a1c76e8cd84a7366a","sha512":"3e681d5c81252cf63521df4c9fbc3b59a3534c7004f050ec54c0e27f395f803fc2af81d46ac9e72466d2f89edca411be33d7734384a2517abe2aed04f32d068b","ssdeep":"768:mBGTooMnbQ3jJAV2WRRcidotLXYjleFu7:mBRNns3jJEZfcidEXYjlei","tlshash":"b8b2d04a47415fd4c415ad288bde74398aecb728f512bbad6c30d39ac02d5c6727bbb0","first_seen":"2024-08-29T18:08:38.15711Z","last_seen":"2024-08-29T18:08:38.15711Z","times_seen":1,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":136,"dns":0,"connect":144,"send":0,"wait":144,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-23","alert":"Sinkholed","trigger":"162.0.220.59","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"162.0.220.59/favicon.ico","fqdn":"162.0.220.59","domain":"162.0.220.59","tld":"59"},"ip":{"addr":"162.0.220.59","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://162.0.220.59/wp-content/uploads/2022/10/prediksi-syair-hk-vip-273x300.jpg","date":"2024-08-23T13:07:39.032Z","timestamp":1724418459032,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 162.0.220.59\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://162.0.220.59/wp-content/uploads/2022/10/prediksi-syair-hk-vip-273x300.jpg\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nlink: \u003chttp://162.0.220.59/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-redirect-by: WordPress\r\nlocation: http://162.0.220.59/wp-content/uploads/2017/11/Kode-Syair-Toto-150x125.png\r\ncontent-length: 0\r\ndate: Fri, 23 Aug 2024 13:07:39 GMT\r\nserver: LiteSpeed\r\nconnection: Keep-Alive\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T15:09:30.745699Z","times_seen":14107455,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-23","alert":"Sinkholed","trigger":"162.0.220.59","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"162.0.220.59/wp-content/uploads/2017/11/Kode-Syair-Toto-150x125.png","fqdn":"162.0.220.59","domain":"162.0.220.59","tld":"59"},"ip":{"addr":"162.0.220.59","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://162.0.220.59/wp-content/uploads/2022/10/prediksi-syair-hk-vip-273x300.jpg","date":"2024-08-23T13:07:39.245Z","timestamp":1724418459245,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2017/11/Kode-Syair-Toto-150x125.png HTTP/1.1\r\nHost: 162.0.220.59\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://162.0.220.59/wp-content/uploads/2022/10/prediksi-syair-hk-vip-273x300.jpg\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 30 Aug 2024 13:07:39 GMT\r\netag: \"363e-62ee753a-17a020d;;;\"\r\nlast-modified: Sat, 06 Aug 2022 14:05:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 13886\r\naccept-ranges: bytes\r\ndate: Fri, 23 Aug 2024 13:07:39 GMT\r\nserver: LiteSpeed\r\nconnection: Keep-Alive\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13886,"size_decoded":13886,"mime_type":"image/png","magic":"PNG image data, 150 x 125, 8-bit/color RGBA, non-interlaced","md5":"b398fbb4a2651e01f1d6cdee3108be0e","sha1":"1c7a6d03fef96cdaf9053acec23c786e82acac27","sha256":"df248cb164186ec10f2d1df7805f1ad9df3c865b9b3461efef85a64672f3deca","sha512":"c9feeee5611b3023802c7db7c0a5358b550d4d15bc67bfafcda417150314aff2d93548c4a9061c518c836baf4364f9bbb389c70ce076b206b0726088e0f88124","ssdeep":"384:rCv3z7Ol1H7//TYTTBeWI5L8eVzZtWt5S2Ka3DjG9dMms:rCvYp73MeHL8AWt5SOvj","tlshash":"ce52d02611940da2c1f11b5c64a69c5b716e8e5abd134230e0b761d9d77fb0bfca24cc","first_seen":"2024-05-22T22:32:14Z","last_seen":"2024-08-29T18:08:38.36846Z","times_seen":7,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":145,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-23","alert":"Sinkholed","trigger":"162.0.220.59","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-23T13:07:39.659498822Z","timestamp":1724418459659,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2\"\r\nLast-Modified: Thu, 22 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17703\r\nExpires: Fri, 23 Aug 2024 18:02:42 GMT\r\nDate: Fri, 23 Aug 2024 13:07:39 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cf4beded5cc66b936a54a6514b3d9bc8","sha1":"a53a94acfc4c8ee1478737c46b73ffc45644b63e","sha256":"80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2","sha512":"311262e37aaf0237104fe32d9251928fbc0add29343b67d4be98bead35d397d1026dfc62c75bdf2eb179a82299eef7bfd1ed0a7523ddd3c3152c51b319497651","ssdeep":"","tlshash":"13f00e916eecfda00bbc4c2ae9dac0268d756cec3048b2a6024c52d638317fb844809c","first_seen":"2024-08-23T03:41:23Z","last_seen":"2024-08-29T18:12:32.96355Z","times_seen":11633,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-23T13:07:39.663090706Z","timestamp":1724418459663,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2\"\r\nLast-Modified: Thu, 22 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17703\r\nExpires: Fri, 23 Aug 2024 18:02:42 GMT\r\nDate: Fri, 23 Aug 2024 13:07:39 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cf4beded5cc66b936a54a6514b3d9bc8","sha1":"a53a94acfc4c8ee1478737c46b73ffc45644b63e","sha256":"80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2","sha512":"311262e37aaf0237104fe32d9251928fbc0add29343b67d4be98bead35d397d1026dfc62c75bdf2eb179a82299eef7bfd1ed0a7523ddd3c3152c51b319497651","ssdeep":"","tlshash":"13f00e916eecfda00bbc4c2ae9dac0268d756cec3048b2a6024c52d638317fb844809c","first_seen":"2024-08-23T03:41:23Z","last_seen":"2024-08-29T18:12:32.96355Z","times_seen":11633,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-23T13:07:39.670192513Z","timestamp":1724418459670,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2\"\r\nLast-Modified: Thu, 22 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17703\r\nExpires: Fri, 23 Aug 2024 18:02:42 GMT\r\nDate: Fri, 23 Aug 2024 13:07:39 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cf4beded5cc66b936a54a6514b3d9bc8","sha1":"a53a94acfc4c8ee1478737c46b73ffc45644b63e","sha256":"80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2","sha512":"311262e37aaf0237104fe32d9251928fbc0add29343b67d4be98bead35d397d1026dfc62c75bdf2eb179a82299eef7bfd1ed0a7523ddd3c3152c51b319497651","ssdeep":"","tlshash":"13f00e916eecfda00bbc4c2ae9dac0268d756cec3048b2a6024c52d638317fb844809c","first_seen":"2024-08-23T03:41:23Z","last_seen":"2024-08-29T18:12:32.96355Z","times_seen":11633,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-23T13:07:39.676305061Z","timestamp":1724418459676,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2\"\r\nLast-Modified: Thu, 22 Aug 2024 21:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17703\r\nExpires: Fri, 23 Aug 2024 18:02:42 GMT\r\nDate: Fri, 23 Aug 2024 13:07:39 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cf4beded5cc66b936a54a6514b3d9bc8","sha1":"a53a94acfc4c8ee1478737c46b73ffc45644b63e","sha256":"80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2","sha512":"311262e37aaf0237104fe32d9251928fbc0add29343b67d4be98bead35d397d1026dfc62c75bdf2eb179a82299eef7bfd1ed0a7523ddd3c3152c51b319497651","ssdeep":"","tlshash":"13f00e916eecfda00bbc4c2ae9dac0268d756cec3048b2a6024c52d638317fb844809c","first_seen":"2024-08-23T03:41:23Z","last_seen":"2024-08-29T18:12:32.96355Z","times_seen":11633,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}