{"report_id":"ca20f766-26fb-47c2-907f-b1a2c4eb5ffe","version":6,"status":"done","tags":[],"date":"2024-09-25T18:35:27Z","url":{"schema":"http","addr":"ip19.ip-144-217-207.net","fqdn":"ip19.ip-144-217-207.net","domain":"ip-144-217-207.net","tld":"net"},"ip":{"addr":"144.217.207.19","port":0,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"final":{"url":{"schema":"about","addr":"about:neterror?e=connectionFailure\u0026u=https%3A//ip19.ip-144-217-207.net/\u0026c=UTF-8\u0026d=Firefox%20can%E2%80%99t%20establish%20a%20connection%20to%20the%20server%20at%20ip19.ip-144-217-207.net.","fqdn":"","domain":"","tld":""},"title":"Problem loading page"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-07T07:42:49Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-25 18:12:29","alert_count":0,"request_count":4,"received_data":3550,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-25 18:12:04","alert_count":0,"request_count":4,"received_data":3552,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ip19.ip-144-217-207.net","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":3,"received_data":0,"sent_data":1356,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-25","alert":"Sinkholed","trigger":"ip-144-217-207.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-25","alert":"Sinkholed","trigger":"ip-144-217-207.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-25","alert":"Sinkholed","trigger":"ip-144-217-207.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"about","addr":"about:neterror?e=connectionFailure\u0026u=https%3A//ip19.ip-144-217-207.net/\u0026c=UTF-8\u0026d=Firefox%20can%E2%80%99t%20establish%20a%20connection%20to%20the%20server%20at%20ip19.ip-144-217-207.net.","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T17:28:19.342081Z","times_seen":14965464,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T18:35:01.406146144Z","timestamp":1727289301406,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"856F85441E043130F88668BE6CF68110187856F17999BDDC4332437D383C79B6\"\r\nLast-Modified: Mon, 23 Sep 2024 09:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13334\r\nExpires: Wed, 25 Sep 2024 22:17:15 GMT\r\nDate: Wed, 25 Sep 2024 18:35:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"72e206e9b89445fb2fb4031a6abe6169","sha1":"a18bebfb86a71685bd817c15e348cfb5ea438c72","sha256":"856f85441e043130f88668be6cf68110187856f17999bddc4332437d383c79b6","sha512":"daa9bdbd4724ed07e1bcf8d82a936f0b6f6a998ffe2c704353017fb3c87611bf8795afbccc233b0e09dcbd4908be8dfaf8556c9e88a0dac161a7a3d8a9bb639e","ssdeep":"","tlshash":"cdf07e912225b648e3e602022a50c428ed2838fc381058c0b2e8d7f09f28bb461e6018","first_seen":"2024-09-23T14:36:45Z","last_seen":"2024-09-28T08:17:26.962886Z","times_seen":30040,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T18:35:01.407030106Z","timestamp":1727289301407,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"EED92BA0D6FCDA7B8365052A0ABBB873BE47ACC3C38537EFC9E089FC9ACBFE82\"\r\nLast-Modified: Wed, 25 Sep 2024 11:06:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6477\r\nExpires: Wed, 25 Sep 2024 20:22:58 GMT\r\nDate: Wed, 25 Sep 2024 18:35:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"28e78d8178ae1eb54a5649b6d53b28c1","sha1":"db0751a25e0edeb1d0fc2e12857887f921415115","sha256":"eed92ba0d6fcda7b8365052a0abbb873be47acc3c38537efc9e089fc9acbfe82","sha512":"61cc0e44475b72d3fd3e1ff47becd72960a1fc9fa15f558e12008065ebf93a4716a54b3952b8b4750fbf4087966c9b2270e8594fa1a41c857a8c1e947016120d","ssdeep":"","tlshash":"8ff00e35d1e4b8056af0480225d8e75b19306aef74400ee65d840fe39b107bd4a8d448","first_seen":"2024-09-25T16:25:12Z","last_seen":"2024-09-28T07:45:42.609536Z","times_seen":2667,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T18:35:01.713670006Z","timestamp":1727289301713,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"55FA8283FBD284A294B1853B35EB0BBBDFD3DD6DE3CB3EBF441F0A7F6296D41D\"\r\nLast-Modified: Wed, 25 Sep 2024 10:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4776\r\nExpires: Wed, 25 Sep 2024 19:54:37 GMT\r\nDate: Wed, 25 Sep 2024 18:35:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"b864476fa0457236e163a06e1cad5279","sha1":"e9acc26214498b6861058be05885f07275075406","sha256":"55fa8283fbd284a294b1853b35eb0bbbdfd3dd6de3cb3ebf441f0a7f6296d41d","sha512":"955f4c29f456464b1205ea9732654d42d98891c424a1fbac4d6c396ec63bd7fa26f054417c29d76ef2d6a5c59f6c42607b7d694a4d7e9030bf32a1f7e94c8290","ssdeep":"","tlshash":"3ff0051502e67c015fb918357abaf7146c20adda298021d639c802f1ba06f6c0745008","first_seen":"2024-09-25T14:29:23Z","last_seen":"2024-09-28T07:47:18.383604Z","times_seen":4856,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T18:35:01.917036628Z","timestamp":1727289301917,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E7663AF7161FB47BA9214420AC390365B05F832603CD07B2D71A5E58C21FF854\"\r\nLast-Modified: Wed, 25 Sep 2024 01:06:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13109\r\nExpires: Wed, 25 Sep 2024 22:13:30 GMT\r\nDate: Wed, 25 Sep 2024 18:35:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0db22d1bf08e17d0aa79837780ccb58e","sha1":"8a1325f2825794922c84ae24bfa90fbef5c26c86","sha256":"e7663af7161fb47ba9214420ac390365b05f832603cd07b2d71a5e58c21ff854","sha512":"a2dc94509cd11300d6af8681d618630a5717509251a9a1373f2434b368d69b9ba93197a3ab6ce738189f0a62e35c8d51a855ce9b4584fc18c25e2b1aeb4307fa","ssdeep":"","tlshash":"49f005260f4b7c40f7e4c4261f7dc761b621697f7e1028f361dc47e1641179e1645008","first_seen":"2024-09-25T05:48:29Z","last_seen":"2024-09-28T07:53:02.340701Z","times_seen":7680,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T18:35:03.821938997Z","timestamp":1727289303821,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230\"\r\nLast-Modified: Wed, 25 Sep 2024 02:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13705\r\nExpires: Wed, 25 Sep 2024 22:23:28 GMT\r\nDate: Wed, 25 Sep 2024 18:35:03 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c16a3fe398c09ad4d309c60911d6a6b6","sha1":"dc1148076d45d128cb6d0780ac0467aeba0902e9","sha256":"5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230","sha512":"06add46bb918587ee4ef9c40500ad7c0717bdec77cd5a7d743110fb01ec97f05d26e4f6134d0b56362c7426296f9b3072348a2d793cd367b04d8645bf0e30e07","ssdeep":"","tlshash":"acf0c0132f61ad40857c392a9ce8d43b6521316c0c0869e169e992d3a5117ed1019704","first_seen":"2024-09-25T12:57:56Z","last_seen":"2024-09-28T07:48:18.846668Z","times_seen":21781,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T18:35:03.823030087Z","timestamp":1727289303823,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230\"\r\nLast-Modified: Wed, 25 Sep 2024 02:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13705\r\nExpires: Wed, 25 Sep 2024 22:23:28 GMT\r\nDate: Wed, 25 Sep 2024 18:35:03 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c16a3fe398c09ad4d309c60911d6a6b6","sha1":"dc1148076d45d128cb6d0780ac0467aeba0902e9","sha256":"5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230","sha512":"06add46bb918587ee4ef9c40500ad7c0717bdec77cd5a7d743110fb01ec97f05d26e4f6134d0b56362c7426296f9b3072348a2d793cd367b04d8645bf0e30e07","ssdeep":"","tlshash":"acf0c0132f61ad40857c392a9ce8d43b6521316c0c0869e169e992d3a5117ed1019704","first_seen":"2024-09-25T12:57:56Z","last_seen":"2024-09-28T07:48:18.846668Z","times_seen":21781,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T18:35:03.825873629Z","timestamp":1727289303825,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230\"\r\nLast-Modified: Wed, 25 Sep 2024 02:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13705\r\nExpires: Wed, 25 Sep 2024 22:23:28 GMT\r\nDate: Wed, 25 Sep 2024 18:35:03 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c16a3fe398c09ad4d309c60911d6a6b6","sha1":"dc1148076d45d128cb6d0780ac0467aeba0902e9","sha256":"5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230","sha512":"06add46bb918587ee4ef9c40500ad7c0717bdec77cd5a7d743110fb01ec97f05d26e4f6134d0b56362c7426296f9b3072348a2d793cd367b04d8645bf0e30e07","ssdeep":"","tlshash":"acf0c0132f61ad40857c392a9ce8d43b6521316c0c0869e169e992d3a5117ed1019704","first_seen":"2024-09-25T12:57:56Z","last_seen":"2024-09-28T07:48:18.846668Z","times_seen":21781,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T18:35:03.82734309Z","timestamp":1727289303827,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230\"\r\nLast-Modified: Wed, 25 Sep 2024 02:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13705\r\nExpires: Wed, 25 Sep 2024 22:23:28 GMT\r\nDate: Wed, 25 Sep 2024 18:35:03 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c16a3fe398c09ad4d309c60911d6a6b6","sha1":"dc1148076d45d128cb6d0780ac0467aeba0902e9","sha256":"5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230","sha512":"06add46bb918587ee4ef9c40500ad7c0717bdec77cd5a7d743110fb01ec97f05d26e4f6134d0b56362c7426296f9b3072348a2d793cd367b04d8645bf0e30e07","ssdeep":"","tlshash":"acf0c0132f61ad40857c392a9ce8d43b6521316c0c0869e169e992d3a5117ed1019704","first_seen":"2024-09-25T12:57:56Z","last_seen":"2024-09-28T07:48:18.846668Z","times_seen":21781,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ip19.ip-144-217-207.net/","fqdn":"ip19.ip-144-217-207.net","domain":"ip-144-217-207.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-25T18:35:01.736Z","timestamp":1727289301736,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ip19.ip-144-217-207.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T17:28:19.342081Z","times_seen":14965464,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":94,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-25","alert":"Sinkholed","trigger":"ip-144-217-207.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ip19.ip-144-217-207.net/","fqdn":"ip19.ip-144-217-207.net","domain":"ip-144-217-207.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-25T18:35:01.942Z","timestamp":1727289301942,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ip19.ip-144-217-207.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T17:28:19.342081Z","times_seen":14965464,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":94,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-25","alert":"Sinkholed","trigger":"ip-144-217-207.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ip19.ip-144-217-207.net/","fqdn":"ip19.ip-144-217-207.net","domain":"ip-144-217-207.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-25T18:35:02.165Z","timestamp":1727289302165,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ip19.ip-144-217-207.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T17:28:19.342081Z","times_seen":14965464,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":93,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-25","alert":"Sinkholed","trigger":"ip-144-217-207.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}