{"report_id":"bcd0d7e8-bb79-44cf-8ee1-d42aaca52097","version":6,"status":"done","tags":[],"date":"2024-07-18T22:16:44Z","url":{"schema":"http","addr":"strideovertakelargest.com/1c1bae4ecbcaa5d152c22018611dc492/invoke.js/","fqdn":"strideovertakelargest.com","domain":"strideovertakelargest.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":0,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"strideovertakelargest.com/1c1bae4ecbcaa5d152c22018611dc492/invoke.js/","fqdn":"strideovertakelargest.com","domain":"strideovertakelargest.com","tld":"com"},"title":"strideovertakelargest.com/1c1bae4ecbcaa5d152c22018611dc492/invoke.js/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T09:11:06Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-18 18:12:17","alert_count":0,"request_count":5,"received_data":4439,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-07-18 18:12:20","alert_count":0,"request_count":1,"received_data":888,"sent_data":327,"comment":"","tags":null,"fingerprints":null},{"fqdn":"strideovertakelargest.com","ip":{"addr":"172.240.108.76","port":80,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2022-10-24","domain_rank":0,"first_seen":"2022-10-25 02:29:27","last_seen":"2024-02-25 03:46:51","alert_count":0,"request_count":3,"received_data":1361,"sent_data":1366,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-18T22:16:12Z","timestamp":1721340972,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":36402,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-07-18T22:16:12.413710+0000\",\"flow_id\":235525590618059,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":36402,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"mail.day.group-wa-2021.duckdns.org\",\"url\":\"/login.php\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":598,\"bytes_toclient\":116,\"start\":\"2024-07-18T22:11:54.856011+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-18T22:16:15Z","timestamp":1721340975,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":36348,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-07-18T22:16:15.093629+0000\",\"flow_id\":1363083354763212,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":36348,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"mail.day.group-wa-2021.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":469,\"bytes_toclient\":116,\"start\":\"2024-07-18T22:11:52.061388+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-18T22:16:24Z","timestamp":1721340984,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":54220,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-07-18T22:16:24.467002+0000\",\"flow_id\":2212842635971441,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":54220,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"sggroupf.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":455,\"bytes_toclient\":116,\"start\":\"2024-07-18T22:12:18.052081+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-18T22:16:34Z","timestamp":1721340994,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":36416,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-07-18T22:16:34.508133+0000\",\"flow_id\":811098453024503,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":36416,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"mail.day.group-wa-2021.duckdns.org\",\"url\":\"/login.php\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":598,\"bytes_toclient\":116,\"start\":\"2024-07-18T22:11:55.106231+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T22:16:11.630339489Z","timestamp":1721340971630,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"15D10FABB92098E81E218740AE04059FE6340C321EE70325DB46F6C9CB7AD817\"\r\nLast-Modified: Thu, 18 Jul 2024 07:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17416\r\nExpires: Fri, 19 Jul 2024 03:06:27 GMT\r\nDate: Thu, 18 Jul 2024 22:16:11 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"91a50ba757c5ca46c896205a21d87a49","sha1":"0b48953a685631845a7034c8948077de0e60de80","sha256":"15d10fabb92098e81e218740ae04059fe6340c321ee70325db46f6c9cb7ad817","sha512":"9dc3e69a9de4f4acb12fa7ac9a5508ce095f2b0c1a297271ce5d59e94871f36c834e377ba43ca5b4e248b274f574892b3d854d3c7d72c1c47e92e46db6d8f05c","ssdeep":"","tlshash":"def00e95509c7f02ebf220136de8c30c5a247de91c4026f230e85ac2fe047fa89cc989","first_seen":"2024-07-18T11:09:46Z","last_seen":"2024-08-19T16:31:59.348725Z","times_seen":23544,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T22:16:11.631380432Z","timestamp":1721340971631,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"C695CCD93D9E45C8D7B4B08201A3FE45221658531FA0A54F778DADCC2479399E\"\r\nLast-Modified: Thu, 18 Jul 2024 07:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3857\r\nExpires: Thu, 18 Jul 2024 23:20:28 GMT\r\nDate: Thu, 18 Jul 2024 22:16:11 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c746d0145c03aa7156aa6a21d8cd2d41","sha1":"8fb7cb950f28012e8bf42cf02c7598862c66e21f","sha256":"c695ccd93d9e45c8d7b4b08201a3fe45221658531fa0a54f778dadcc2479399e","sha512":"c03f2b8bd05783fefdbdf7395156eee21d60c91a976ebf63ce640e5758fce8cd67896a7502f68cda9b591d7564096b6f20cf15d102c317b22c9c9c9fc6e2fd99","ssdeep":"","tlshash":"b9f0c04509d43a4096a22d0668f9d25c6e602ea5905a10a751d001f67c01f9dc684209","first_seen":"2024-07-18T11:04:06Z","last_seen":"2024-08-19T16:32:01.991715Z","times_seen":27719,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T22:16:12.017958762Z","timestamp":1721340972017,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"17205F996D5CE1462ADB970516597F51763582906181B875E45B5B7535F38B8F\"\r\nLast-Modified: Thu, 18 Jul 2024 08:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12900\r\nExpires: Fri, 19 Jul 2024 01:51:12 GMT\r\nDate: Thu, 18 Jul 2024 22:16:12 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ba83fc82f22d464fbc0a613d3224fdef","sha1":"b8d2b3e057c0d01c05e3891f5b5cdaf09e001d3b","sha256":"17205f996d5ce1462adb970516597f51763582906181b875e45b5b7535f38b8f","sha512":"cccf8f5eeca2b9d0d42d21fd1beac77ef0c01812a2a8f72c6d1390e268eaed420d0e64c3a1264affbd202ed65b635e4035e3b02e4a5423f326bd3d50d824ace5","ssdeep":"","tlshash":"13f07e050eee78055be011041cf3cf3c3e28b6f429205df5e89408e22811bf1aac8849","first_seen":"2024-07-18T13:57:58Z","last_seen":"2024-08-19T16:31:23.044897Z","times_seen":26255,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T22:16:12.105255096Z","timestamp":1721340972105,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"38125115E22A9A58BF2DF205BB09AE6C6FEF4948B9DE15B2F15F37D19AEDF6A9\"\r\nLast-Modified: Thu, 18 Jul 2024 07:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12800\r\nExpires: Fri, 19 Jul 2024 01:49:32 GMT\r\nDate: Thu, 18 Jul 2024 22:16:12 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"42e531d59be85c09ecc215208470d19e","sha1":"75ec72c8c8e1de19407837d46d2ad7119770cdb0","sha256":"38125115e22a9a58bf2df205bb09ae6c6fef4948b9de15b2f15f37d19aedf6a9","sha512":"ac3dfecec0529c17e9add84859e5d582a7966bf18568d5725da5fa1ebca5ba9a5ec2aa2461e5086461d4c50ed5f210ac5314491da2dc1c6cc487a10e0d66db12","ssdeep":"","tlshash":"77f00e670ac6b6859fb325360cd6c61c2d517a9e604465cab4e00ac2bc00bebcac85cc","first_seen":"2024-07-18T12:19:10Z","last_seen":"2024-08-19T16:31:34.06417Z","times_seen":27002,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T22:16:12.577651767Z","timestamp":1721340972577,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"11F234D9AD7CE645B1A5FBEFCC1A53F4257D767C484638EEBB271BEF8C74107B\"\r\nLast-Modified: Thu, 18 Jul 2024 08:40:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21600\r\nExpires: Fri, 19 Jul 2024 04:16:12 GMT\r\nDate: Thu, 18 Jul 2024 22:16:12 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9375e3bf6c15a467ee46404ffaa51e4d","sha1":"90c93f2b7ac0b436456b1b91f5c930584ad8eb32","sha256":"11f234d9ad7ce645b1a5fbefcc1a53f4257d767c484638eebb271bef8c74107b","sha512":"476860763b48e1e8dcb10c0b80ecf4002d886706f09d84cbc2431c62140516ad6bbc85c3c69d28baafb3c3f31a62d73eaa5ea511c48c86f00bca00351ac277b4","ssdeep":"","tlshash":"66f00511376cbc4406b5143dbdc9e039043c65f52c4851c1adcd07f7bc623db890444c","first_seen":"2024-08-19T16:27:21.964376Z","last_seen":"2024-08-19T16:27:21.964376Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"strideovertakelargest.com/1c1bae4ecbcaa5d152c22018611dc492/invoke.js/","fqdn":"strideovertakelargest.com","domain":"strideovertakelargest.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":80,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-18T22:16:12.772Z","timestamp":1721340972772,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /1c1bae4ecbcaa5d152c22018611dc492/invoke.js/ HTTP/1.1\r\nHost: strideovertakelargest.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.21.6\r\nDate: Thu, 18 Jul 2024 22:16:12 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":107,"dns":1,"connect":107,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"strideovertakelargest.com/1c1bae4ecbcaa5d152c22018611dc492/invoke.js/","fqdn":"strideovertakelargest.com","domain":"strideovertakelargest.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":80,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-18T22:16:12.772Z","timestamp":1721340972772,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /1c1bae4ecbcaa5d152c22018611dc492/invoke.js/ HTTP/1.1\r\nHost: strideovertakelargest.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.19.5\r\nDate: Thu, 18 Jul 2024 22:16:12 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":107,"dns":1,"connect":107,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"strideovertakelargest.com/favicon.ico","fqdn":"strideovertakelargest.com","domain":"strideovertakelargest.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":80,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://strideovertakelargest.com/1c1bae4ecbcaa5d152c22018611dc492/invoke.js/","date":"2024-07-18T22:16:13.072Z","timestamp":1721340973072,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: strideovertakelargest.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://strideovertakelargest.com/1c1bae4ecbcaa5d152c22018611dc492/invoke.js/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Thu, 18 Jul 2024 22:16:13 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aa93287f529a0dcd87e4524b5bb64a02\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-18T22:16:13.803914693Z","timestamp":1721340973803,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A8FC1FB00FC3EE458F9A31D619BE4CC4A9E7263F980DEB8323A5A6BA69C03F8D\"\r\nLast-Modified: Thu, 18 Jul 2024 07:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16254\r\nExpires: Fri, 19 Jul 2024 02:47:07 GMT\r\nDate: Thu, 18 Jul 2024 22:16:13 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1543efa0b06a3c4484d059961f9cf2d0","sha1":"1aef10797a9524ff91b70e87f41e935a2dbf1917","sha256":"a8fc1fb00fc3ee458f9a31d619be4cc4a9e7263f980deb8323a5a6ba69c03f8d","sha512":"4b712977d31d696b589a34cf50dca0b803ab2e6d6eb41f9c0e4ed5574c63360801d5b9b24a7062d45ce7462c727a0c6bd269b7203ad6f05e92aae48bf85a454f","ssdeep":"","tlshash":"62f0054612effd496af50505ac85b6782b327bde3d0056117c9843d1bc5179e52e80c9","first_seen":"2024-07-18T13:05:53Z","last_seen":"2024-08-19T16:31:26.006219Z","times_seen":15177,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}