{"report_id":"bca06a40-5562-486b-81bd-030f1cadb353","version":6,"status":"done","tags":[],"date":"2024-08-24T05:57:32Z","url":{"schema":"http","addr":"brgtv.info/","fqdn":"brgtv.info","domain":"brgtv.info","tld":"info"},"ip":{"addr":"194.34.132.196","port":0,"asn":51765,"as":"Oy Crea Nova Hosting Solution Ltd","country":"Finland","country_code":"FI"},"final":{"url":{"schema":"http","addr":"brgtv.info/","fqdn":"brgtv.info","domain":"brgtv.info","tld":"info"},"title":"brgtv.info/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-07T18:02:29Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-08-23 18:12:18","alert_count":0,"request_count":3,"received_data":2661,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-08-23 18:12:28","alert_count":0,"request_count":5,"received_data":4435,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"brgtv.info","ip":{"addr":"194.34.132.196","port":80,"asn":51765,"as":"Oy Crea Nova Hosting Solution Ltd","country":"Finland","country_code":"FI"},"domain_registered":"2024-03-19","domain_rank":0,"first_seen":"2016-10-14 19:14:59","last_seen":"2024-04-15 16:46:56","alert_count":2,"request_count":2,"received_data":1333,"sent_data":712,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-08-24T05:57:07Z","timestamp":1724479027,"ip_dst":{"addr":"Client IP","port":46206,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"194.34.132.196","port":443,"asn":51765,"as":"Oy Crea Nova Hosting Solution Ltd","country":"Finland","country_code":"FI"},"severity":"high","alert":"ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)","source":"{\"timestamp\":\"2024-08-24T05:57:07.287624+0000\",\"flow_id\":699561961293509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"194.34.132.196\",\"src_port\":443,\"dest_ip\":\"172.18.0.14\",\"dest_port\":46206,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2013659,\"rev\":6,\"signature\":\"ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)\",\"category\":\"Potential Corporate Privacy Violation\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2011_09_15\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"SSL_Malicious_Cert\"],\"updated_at\":[\"2022_03_23\"]}},\"tls\":{\"subject\":\"C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=u6215id11143, Email=root@u6215id11143\",\"issuerdn\":\"C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=u6215id11143, Email=root@u6215id11143\",\"serial\":\"56:40\",\"fingerprint\":\"96:e8:e0:5d:be:8a:55:9c:e2:7e:1d:2d:d8:32:32:97:d6:c7:e3:d8\",\"sni\":\"brgtv.info\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-08-03T09:48:28\",\"notafter\":\"2025-08-03T09:48:28\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"303951d4c50efb2e991652225a6f02b1\",\"string\":\"771,49199,65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":5,\"bytes_toserver\":1333,\"bytes_toclient\":1851,\"start\":\"2024-08-24T05:57:07.231109+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-08-24T05:57:07Z","timestamp":1724479027,"ip_dst":{"addr":"Client IP","port":46218,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"194.34.132.196","port":443,"asn":51765,"as":"Oy Crea Nova Hosting Solution Ltd","country":"Finland","country_code":"FI"},"severity":"high","alert":"ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)","source":"{\"timestamp\":\"2024-08-24T05:57:07.333979+0000\",\"flow_id\":986130769197907,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"194.34.132.196\",\"src_port\":443,\"dest_ip\":\"172.18.0.14\",\"dest_port\":46218,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2013659,\"rev\":6,\"signature\":\"ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)\",\"category\":\"Potential Corporate Privacy Violation\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2011_09_15\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"SSL_Malicious_Cert\"],\"updated_at\":[\"2022_03_23\"]}},\"tls\":{\"subject\":\"C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=u6215id11143, Email=root@u6215id11143\",\"issuerdn\":\"C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=u6215id11143, Email=root@u6215id11143\",\"serial\":\"56:40\",\"fingerprint\":\"96:e8:e0:5d:be:8a:55:9c:e2:7e:1d:2d:d8:32:32:97:d6:c7:e3:d8\",\"sni\":\"brgtv.info\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-08-03T09:48:28\",\"notafter\":\"2025-08-03T09:48:28\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"303951d4c50efb2e991652225a6f02b1\",\"string\":\"771,49199,65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":5,\"bytes_toserver\":1210,\"bytes_toclient\":1851,\"start\":\"2024-08-24T05:57:07.277331+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-24","alert":"Sinkholed","trigger":"brgtv.info","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-24","alert":"Sinkholed","trigger":"brgtv.info","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T05:57:06.751701647Z","timestamp":1724479026751,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A0D352F8B8C2248C32607B1D77C3FF6FF7382A5DF118182F69AAE7D7145EE100\"\r\nLast-Modified: Fri, 23 Aug 2024 14:35:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2660\r\nExpires: Sat, 24 Aug 2024 06:41:26 GMT\r\nDate: Sat, 24 Aug 2024 05:57:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"34b72ef98ffb750d7e3020d58da271c5","sha1":"a0b34c22554f5cadf812b8d1f818be5dc840f211","sha256":"a0d352f8b8c2248c32607b1d77c3ff6ff7382a5df118182f69aae7d7145ee100","sha512":"bf06b4f4c9fa97f7546c3e1eda6d38a82b97d6d441b2c3d0d5e796e8ad38899c00556a9bba27df87a4e23442cc2e2852034f51958d8d1cd418e249622b247ad3","ssdeep":"","tlshash":"99f005d143deb901edb5b5992bb6f24fbb10dc1d1c1496d1b0a406e0b441ba4534490d","first_seen":"2024-08-23T21:17:01Z","last_seen":"2024-08-29T18:06:28.067516Z","times_seen":19931,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T05:57:06.777687463Z","timestamp":1724479026777,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DF2DB18FA10EEB1D535253183D68A561C6B52B77B539DF6A0A36AEC736A9DA9C\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5871\r\nExpires: Sat, 24 Aug 2024 07:34:57 GMT\r\nDate: Sat, 24 Aug 2024 05:57:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cc687a19f2854a47020b22f4aa1806ef","sha1":"9d4058393445f64f6dda190557bf37686e19e7a0","sha256":"df2db18fa10eeb1d535253183d68a561c6b52b77b539df6a0a36aec736a9da9c","sha512":"860b3b851af226471c29162665b2889c6623802d849fa48081a33740e5529e34b7287421144c1bc2ffdc8f246cd73135a0878201b2d9dcf35b8e6b601a5de601","ssdeep":"","tlshash":"bff00565252575902c5c5c74aad2c07b2f30ddac3fb005c6d97453de68633ed61c1e4d","first_seen":"2024-08-24T00:40:32Z","last_seen":"2024-08-29T18:05:07.605336Z","times_seen":14227,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T05:57:07.155089521Z","timestamp":1724479027155,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CF43D0127C72BF58A1799B4E7CE0E5C9E18EC12E978DF6DAC9C17920A20173D5\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2688\r\nExpires: Sat, 24 Aug 2024 06:41:55 GMT\r\nDate: Sat, 24 Aug 2024 05:57:07 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"515f455d93caad6521481d99fc23e623","sha1":"cb770c44b3e280f2151b3f5e887d61fbe0ef66fb","sha256":"cf43d0127c72bf58a1799b4e7ce0e5c9e18ec12e978df6dac9c17920a20173d5","sha512":"39fab7365f165908e92287a24cc88f688c4083edd2e0739103697cb71d715c221bc05d175c9a3bc51a5dab548cf67f950c518054adb8d4a91d4f420b5a06dab0","ssdeep":"","tlshash":"25f00e8a25b0f9edaf66384a16a8d42b9e336cbd3c0419c041d402d239cabbc974c44a","first_seen":"2024-08-24T03:38:38Z","last_seen":"2024-08-29T18:04:17.031483Z","times_seen":24396,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T05:57:07.265262898Z","timestamp":1724479027265,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CB3BF00DB937121AA64ED4B8047093CD89CB7376A3C66CF46ECB6974CA047D4C\"\r\nLast-Modified: Fri, 23 Aug 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3868\r\nExpires: Sat, 24 Aug 2024 07:01:35 GMT\r\nDate: Sat, 24 Aug 2024 05:57:07 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"44d2fa336203fefa7fcc2e369e453d16","sha1":"71a006973afdbe2deb2374768a328cf9307fd4d1","sha256":"cb3bf00db937121aa64ed4b8047093cd89cb7376a3c66cf46ecb6974ca047d4c","sha512":"fdef4543622ed54bda6a05ad55b86cb9f05cfbd34a9734b76661e957474c1da55386c98d36887c2b7686532216a6201dd9ba9d8b5cc7b8ce3b095e0cfe24ac5c","ssdeep":"","tlshash":"d7f00e2616a6e500aa7c18107ebec25f3b22bea93850a5e1b051c5d07830ffd5b8844c","first_seen":"2024-08-23T21:40:07Z","last_seen":"2024-08-29T18:06:19.075482Z","times_seen":15481,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"brgtv.info/","fqdn":"brgtv.info","domain":"brgtv.info","tld":"info"},"ip":{"addr":"194.34.132.196","port":80,"asn":51765,"as":"Oy Crea Nova Hosting Solution Ltd","country":"Finland","country_code":"FI"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-24T05:57:07.371Z","timestamp":1724479027371,"http_version":"HTTP/1.0","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: brgtv.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.0 500 Internal Server Error\r\nDate: Sat, 24 Aug 2024 05:57:07 GMT\r\nServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16\r\nX-Powered-By: PHP/5.4.16\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":11,"dns":1,"connect":13,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-24","alert":"Sinkholed","trigger":"brgtv.info","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"brgtv.info/favicon.ico","fqdn":"brgtv.info","domain":"brgtv.info","tld":"info"},"ip":{"addr":"194.34.132.196","port":80,"asn":51765,"as":"Oy Crea Nova Hosting Solution Ltd","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://brgtv.info/","date":"2024-08-24T05:57:07.677Z","timestamp":1724479027677,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: brgtv.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://brgtv.info/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 24 Aug 2024 05:57:07 GMT\r\nServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16\r\nLast-Modified: Thu, 11 Aug 2016 03:38:52 GMT\r\nETag: \"2fe-539c3812a6b00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 766\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/vnd.microsoft.icon\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":766,"size_decoded":766,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 32x32, 16 colors, 4 bits/pixel","md5":"338abbb5ea8d80b9869555eca253d49d","sha1":"63e4879d10467b4bc481a208c3a64649242a1420","sha256":"36a6f4ba02692dd0d4f25aa288e598a8f36d5e1a18513f0bdbbc0ada9f5b729d","sha512":"0e27f25c1bb8e019f8b0f10d2849d8b51136fcaa6e0d5fef7dda3acd05900318df96818f96bae109cd31cf191850063438db5904a654cc2e86cebccccf579f6c","ssdeep":"","tlshash":"dd01f192a644c316f45c427471c30b3bd56b90604d32c0c511063c5ef96328c0bd9c78","first_seen":"2023-04-18T05:02:13Z","last_seen":"2026-04-03T20:34:31.141691Z","times_seen":1376,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":1,"connect":13,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-08-24","alert":"Sinkholed","trigger":"brgtv.info","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T05:57:09.453570458Z","timestamp":1724479029453,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D5D1370D54DBC79EEF9D826334B31217D5B9823CFD1D012036B1BC4F38B724B4\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5078\r\nExpires: Sat, 24 Aug 2024 07:21:47 GMT\r\nDate: Sat, 24 Aug 2024 05:57:09 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"858eda022f9abab07abe65d5db47bdd7","sha1":"50676984a7c33451e955b30f0c2796d8cbd39b37","sha256":"d5d1370d54dbc79eef9d826334b31217d5b9823cfd1d012036b1bc4f38b724b4","sha512":"e5149f414165e4ecf944e1dbcf16810c0b383621fa1891f5d04af973954796252ff40cbae72087a276dd6da011b4944126f65b7711ce8134227c0bbc97eb4e7e","ssdeep":"","tlshash":"1ff0c0962b21b814255816157ee6c6171f107e58684525d3865c17e2a8017fd530480c","first_seen":"2024-08-23T19:27:06Z","last_seen":"2024-08-29T18:07:09.764216Z","times_seen":22856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T05:57:09.464390023Z","timestamp":1724479029464,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D5D1370D54DBC79EEF9D826334B31217D5B9823CFD1D012036B1BC4F38B724B4\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5078\r\nExpires: Sat, 24 Aug 2024 07:21:47 GMT\r\nDate: Sat, 24 Aug 2024 05:57:09 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"858eda022f9abab07abe65d5db47bdd7","sha1":"50676984a7c33451e955b30f0c2796d8cbd39b37","sha256":"d5d1370d54dbc79eef9d826334b31217d5b9823cfd1d012036b1bc4f38b724b4","sha512":"e5149f414165e4ecf944e1dbcf16810c0b383621fa1891f5d04af973954796252ff40cbae72087a276dd6da011b4944126f65b7711ce8134227c0bbc97eb4e7e","ssdeep":"","tlshash":"1ff0c0962b21b814255816157ee6c6171f107e58684525d3865c17e2a8017fd530480c","first_seen":"2024-08-23T19:27:06Z","last_seen":"2024-08-29T18:07:09.764216Z","times_seen":22856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T05:57:09.467481675Z","timestamp":1724479029467,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D5D1370D54DBC79EEF9D826334B31217D5B9823CFD1D012036B1BC4F38B724B4\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5078\r\nExpires: Sat, 24 Aug 2024 07:21:47 GMT\r\nDate: Sat, 24 Aug 2024 05:57:09 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"858eda022f9abab07abe65d5db47bdd7","sha1":"50676984a7c33451e955b30f0c2796d8cbd39b37","sha256":"d5d1370d54dbc79eef9d826334b31217d5b9823cfd1d012036b1bc4f38b724b4","sha512":"e5149f414165e4ecf944e1dbcf16810c0b383621fa1891f5d04af973954796252ff40cbae72087a276dd6da011b4944126f65b7711ce8134227c0bbc97eb4e7e","ssdeep":"","tlshash":"1ff0c0962b21b814255816157ee6c6171f107e58684525d3865c17e2a8017fd530480c","first_seen":"2024-08-23T19:27:06Z","last_seen":"2024-08-29T18:07:09.764216Z","times_seen":22856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T05:57:09.477457078Z","timestamp":1724479029477,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D5D1370D54DBC79EEF9D826334B31217D5B9823CFD1D012036B1BC4F38B724B4\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5078\r\nExpires: Sat, 24 Aug 2024 07:21:47 GMT\r\nDate: Sat, 24 Aug 2024 05:57:09 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"858eda022f9abab07abe65d5db47bdd7","sha1":"50676984a7c33451e955b30f0c2796d8cbd39b37","sha256":"d5d1370d54dbc79eef9d826334b31217d5b9823cfd1d012036b1bc4f38b724b4","sha512":"e5149f414165e4ecf944e1dbcf16810c0b383621fa1891f5d04af973954796252ff40cbae72087a276dd6da011b4944126f65b7711ce8134227c0bbc97eb4e7e","ssdeep":"","tlshash":"1ff0c0962b21b814255816157ee6c6171f107e58684525d3865c17e2a8017fd530480c","first_seen":"2024-08-23T19:27:06Z","last_seen":"2024-08-29T18:07:09.764216Z","times_seen":22856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}