{"report_id":"b905989b-4e56-45e6-95bf-d713e80a8611","version":6,"status":"done","tags":[],"date":"2024-05-20T22:57:10Z","url":{"schema":"http","addr":"nicoco.xii.jp/ushimitsu.zip","fqdn":"nicoco.xii.jp","domain":"nicoco.xii.jp","tld":"xii.jp"},"ip":{"addr":"219.94.129.89","port":0,"asn":9371,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T16:12:17Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ocsp.usertrust.com","ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"1997-12-05","domain_rank":899,"first_seen":"2012-05-21 17:43:18","last_seen":"2024-05-19 18:12:40","alert_count":0,"request_count":1,"received_data":1013,"sent_data":330,"comment":"","tags":null,"fingerprints":null},{"fqdn":"nicoco.xii.jp","ip":{"addr":"219.94.129.89","port":443,"asn":9371,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":1664468,"sent_data":481,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"b539d78894de13446a15933805b204f6","sha1":"99508b9066b459b5afa77a91698fcc3f1730f422","sha256":"bb7f8b3338f0b34c5ecdeec442ac1ce4e0c8618632ae633de43d1a1f09e59d62","sha512":"97a5ae04b899adfa951d3a1b5141fb0a8a47513f2f5ef550a8bf15c9c729a19dc580878ae866187bfe84d2046b2fc3a13405ffd779132dc06f107fad7d484172","magic":"Zip archive data, at least v2.0 to extract, compression method=store","size":1664227,"url":{"schema":"https","addr":"nicoco.xii.jp/ushimitsu.zip","fqdn":"nicoco.xii.jp","domain":"nicoco.xii.jp","tld":"xii.jp"},"ip":{"addr":"219.94.129.89","port":443,"asn":9371,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"archive":[{"path":"ushimitsu/readme.txt","filename":"readme.txt","modified":"","Modified":"2016-08-10T21:46:36+09:00","magic":"Non-ISO extended-ASCII text, with CRLF, NEL line terminators","size":1394,"md5":"4fd1c898bc6f065fb9c7dc17df21f17e","sha1":"e88208691c8886ed887452aa2db7c182616f6942","sha256":"c3b2fe05bc9f0c11cae29e15086485b100bb378820e08f470026ae0ec52763ce","sha512":"d46cc29ed637c8b5c02fa8d0aa9bf40d2e093a470faa1f7e449cbc47317fec91a85b6d2d12b2ad0e06b830eaa79e481bbc312b5e02cc7f8965dd40ecacc5d543","alerts":{"urlquery":null,"analyzer":null}},{"path":"ushimitsu/�����݂‚ǂ�.ttf","filename":"�����݂‚ǂ�.ttf","modified":"","Modified":"2017-06-30T06:33:15+09:00","magic":"TrueType Font data, 18 tables, 1st \"GSUB\", 33 names, Macintosh, nicoco     ","size":2698392,"md5":"73b5b345e26d7bb0aef8801c169f9119","sha1":"3f26d6f20a29f811d12c217aae4a8f26edcfafc3","sha256":"7c6fbe4ac191b47bef1117fa334b888b00cfa4a07b6b4b5bda603c0556fd26e0","sha512":"09c35a56e783f4b3d5ddbd6d0ea0ca276ec2995ba688878c2cb5b4978f923c83c5013b31fe444fe5572b6c0fec9501c4aa730947f0a22a77dbdef9491cd3bdfd","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":null}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-05-20T22:56:53Z","timestamp":1716245813,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":52760,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-05-20T22:56:53.367603+0000\",\"flow_id\":2181142573762433,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52760,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"citizensbank00verify-mobile.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":474,\"bytes_toclient\":116,\"start\":\"2024-05-20T22:53:04.083841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-05-20T22:57:03Z","timestamp":1716245823,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":52690,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-05-20T22:57:03.357704+0000\",\"flow_id\":920475183006176,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52690,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"citizensbank00verify-mobile.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":474,\"bytes_toclient\":116,\"start\":\"2024-05-20T22:53:02.836064+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-05-20T22:57:04Z","timestamp":1716245824,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":52760,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-05-20T22:57:04.379859+0000\",\"flow_id\":878766755694465,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52760,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"citizensbank00verify-mobile.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":474,\"bytes_toclient\":116,\"start\":\"2024-05-20T22:53:04.083841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-05-20T22:57:04Z","timestamp":1716245824,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":60304,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-05-20T22:57:04.380515+0000\",\"flow_id\":1864152514305157,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":60304,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"citizensbank-auth-verification.duckdns.org\",\"url\":\"/login.php?online_id=60e9f44ada79547deb19fc193\u0026country=\u0026iso=\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":656,\"bytes_toclient\":116,\"start\":\"2024-05-20T22:53:32.924805+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-05-20T22:57:07Z","timestamp":1716245827,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":52796,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-05-20T22:57:07.344151+0000\",\"flow_id\":78004463147828,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":52796,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"citizensbank00verify-mobile.duckdns.org\",\"url\":\"/citizens/web-auth/50b23385d4ab26369a0b328160c54902/personal.php?token=98420949caad178d0c77711e9bbc092bb3c28c1e27cb4440305d1efd626eecb853c55073c0e940e9e5de2c7cb1300698ea6c3fa982e9e1dc03dfb1776dffdeae\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":792,\"bytes_toclient\":116,\"start\":\"2024-05-20T22:53:05.334644+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"ocsp.usertrust.com/","fqdn":"ocsp.usertrust.com","domain":"usertrust.com","tld":"com"},"ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-05-20T22:56:44.996054854Z","timestamp":1716245804996,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.usertrust.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 20 May 2024 22:56:44 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 472\r\nConnection: keep-alive\r\nLast-Modified: Sun, 19 May 2024 09:22:50 GMT\r\nExpires: Sun, 26 May 2024 09:22:49 GMT\r\nEtag: \"4a96f05251db1a3f90f1c912ba5205fef2c5d839\"\r\nCache-Control: max-age=601848,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb3\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: REVALIDATED\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 886febf8fb37712a-OSL\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"f8ef83ea8e284484ad9b84fc8213ee8b","sha1":"4a96f05251db1a3f90f1c912ba5205fef2c5d839","sha256":"0a2e25e6280f3dadb8b4a2315587d7a8e9c930e600be454b6917803c64ec7db5","sha512":"87e8b558ff9bf2949d0eccac5b86f262e95295af0029c9265c735a7a610d23c27ebff9d66e926a44388f351e0a6c69bc7ec5709e7afbecd930f3068f25f21d25","ssdeep":"","tlshash":"bff0d4c0419d34946fd5494c2a7ddea51914d7d20da45ccdf0549dc3358ea7ef90dc2d","first_seen":"2024-05-19T12:40:26Z","last_seen":"2024-08-19T22:32:11.182908Z","times_seen":18,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nicoco.xii.jp/ushimitsu.zip","fqdn":"nicoco.xii.jp","domain":"nicoco.xii.jp","tld":"xii.jp"},"ip":{"addr":"219.94.129.89","port":443,"asn":9371,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-05-20T22:56:44.410Z","timestamp":1716245804410,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P521","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.sakura.ne.jp","organization":""},"issuer":{"commonName":"Gehirn Managed Certification Authority - RSA DV","organization":"Gehirn Inc."},"validity":{"start":"Tue, 16 May 2023 00:00:00 GMT","end":"Wed, 29 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EE:67:85:3C:D1:34:80:35:6D:55:A8:7A:45:D5:55:E6:18:05:BA:F4","sha256":"89:AB:B2:17:0F:49:FA:FE:63:01:E4:3D:7F:97:C5:E2:85:03:2B:B8:F2:75:82:89:67:19:6B:73:8C:EC:EF:C8"}}},"request":{"raw":"GET /ushimitsu.zip HTTP/1.1\r\nHost: nicoco.xii.jp\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 20 May 2024 22:56:45 GMT\r\ncontent-type: application/zip\r\ncontent-length: 1664227\r\nlast-modified: Mon, 04 Jun 2018 21:55:00 GMT\r\netag: \"1964e3-56dd7fc30b500\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1664227,"size_decoded":1664227,"mime_type":"application/zip","magic":"Zip archive data, at least v2.0 to extract, compression method=store","md5":"b539d78894de13446a15933805b204f6","sha1":"99508b9066b459b5afa77a91698fcc3f1730f422","sha256":"bb7f8b3338f0b34c5ecdeec442ac1ce4e0c8618632ae633de43d1a1f09e59d62","sha512":"97a5ae04b899adfa951d3a1b5141fb0a8a47513f2f5ef550a8bf15c9c729a19dc580878ae866187bfe84d2046b2fc3a13405ffd779132dc06f107fad7d484172","ssdeep":"49152:fEiHztYNyZoCJsa42Hjp3Ar7PEUe5NMTH:TqNqoCJS2Hjp3w8tnMTH","tlshash":"f375331694bd516b631003122d7ba29edcf2993ebdc0e69f208d25657500cfa71bee2f","first_seen":"2024-08-19T22:21:40.942158Z","last_seen":"2024-08-19T22:21:40.942158Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3714,"timings":{"blocked":797,"dns":0,"connect":267,"send":0,"wait":260,"receive":1855,"ssl":530},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}