{"report_id":"f0c83b39-913c-4f3f-8be9-05124b62146e","version":6,"status":"done","tags":[],"date":"2024-08-07T11:28:18Z","url":{"schema":"http","addr":"help.stumpcomputerservices.com/Bin/ScreenConnect.ClientService.exe","fqdn":"help.stumpcomputerservices.com","domain":"stumpcomputerservices.com","tld":"com"},"ip":{"addr":"50.126.91.52","port":0,"asn":20055,"as":"AS-WHOLESAIL","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"help.stumpcomputerservices.com/Bin/ScreenConnect.ClientService.exe","fqdn":"help.stumpcomputerservices.com","domain":"stumpcomputerservices.com","tld":"com"},"title":"help.stumpcomputerservices.com/Bin/ScreenConnect.ClientService.exe"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T05:19:48Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":7,"received_data":6213,"sent_data":2289,"comment":"","tags":null,"fingerprints":null},{"fqdn":"help.stumpcomputerservices.com","ip":{"addr":"50.126.91.52","port":443,"asn":20055,"as":"AS-WHOLESAIL","country":"United States","country_code":"US"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":1,"request_count":2,"received_data":97908,"sent_data":1022,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"e83a4224ee120b447a545bbd05b341f5","sha1":"6c9a02792069d7cf7bb218ea20d0cb328849269b","sha256":"d23eebf10e0241161cda8ecd880ff0695c6849e3647fb7f776aa2c5be19c5c43","sha512":"961a4e5a7e76326dd1cb4b3ffc5a3f8152a79e0114fab50eef066990f5a641d3873285611453985fdcafef2ca523d1c70bd7d747dd76e59609539527deecfee5","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections","size":95520,"url":{"schema":"https","addr":"help.stumpcomputerservices.com/Bin/ScreenConnect.ClientService.exe","fqdn":"help.stumpcomputerservices.com","domain":"stumpcomputerservices.com","tld":"com"},"ip":{"addr":"50.126.91.52","port":443,"asn":20055,"as":"AS-WHOLESAIL","country":"United States","country_code":"US"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-08-07","alert":"Scan result 1/75","trigger":"d23eebf10e0241161cda8ecd880ff0695c6849e3647fb7f776aa2c5be19c5c43","verdict":"suspicious","severity":"","comment":"suspicious - 1/75","link":"https://www.virustotal.com/gui/file/d23eebf10e0241161cda8ecd880ff0695c6849e3647fb7f776aa2c5be19c5c43","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-07T11:27:52.482151264Z","timestamp":1723030072482,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BF3643F753112C9F8FA5204E8EE172A6E0374D160407B7F14E2C0708AA0DAAD5\"\r\nLast-Modified: Tue, 06 Aug 2024 06:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5248\r\nExpires: Wed, 07 Aug 2024 12:55:20 GMT\r\nDate: Wed, 07 Aug 2024 11:27:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"361994b45d17874f3d57044be82a542d","sha1":"ddad8ebd0d7ecdc2c9d07245d5aff4df9e3e0a56","sha256":"bf3643f753112c9f8fa5204e8ee172a6e0374d160407b7f14e2c0708aa0daad5","sha512":"69b2e5f43b4edd443199135827bcb34df19ccdc4262528790e0965af98a1952c4d74083fee641836a96f64c82bdaf83d3823a7590a87949d9b4da0c12db6683a","ssdeep":"","tlshash":"65f054d30bbcb390ba626b317ab4c3116d93bd6d70a566d138c043e631527f495cf408","first_seen":"2024-08-06T11:18:14Z","last_seen":"2024-08-19T14:25:35.832977Z","times_seen":26925,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-07T11:27:52.483958951Z","timestamp":1723030072483,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"B28C45ED35B17A62F81E5AA81541F61740E5DFB5D5C1BAA572FEED4A4E2DB9C5\"\r\nLast-Modified: Tue, 06 Aug 2024 06:28:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5438\r\nExpires: Wed, 07 Aug 2024 12:58:30 GMT\r\nDate: Wed, 07 Aug 2024 11:27:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"a4b0d33ac49c96c71e39bb632bda5673","sha1":"f4a1b2c6888fbf71cf9f3a36170c0968463df973","sha256":"b28c45ed35b17a62f81e5aa81541f61740e5dfb5d5c1baa572feed4a4e2db9c5","sha512":"f44374f18265307f22d392feb33513aff2f0cc2f80ff0c25ac08dbadc8eb6c1201f672eaea820e32a99ae3da99c05bb1db288660a672cdc04bad10ae41707732","ssdeep":"","tlshash":"19f00e522ab6b44295fcd4172ef4ca202e74acb820641af57e8062e73830fd85bc4444","first_seen":"2024-08-06T13:14:37Z","last_seen":"2024-08-19T14:25:02.952009Z","times_seen":29584,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-07T11:27:52.939459891Z","timestamp":1723030072939,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F0A648A200FC7849174D4B74C6FBFEE82B5BD098C9C9CAE7084BDAFABA169E3B\"\r\nLast-Modified: Tue, 06 Aug 2024 06:26:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6648\r\nExpires: Wed, 07 Aug 2024 13:18:40 GMT\r\nDate: Wed, 07 Aug 2024 11:27:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e7a128439c6dec237227cc4b883a2c99","sha1":"7794fc9e9bc964823a96cec60a2ec829dbce9919","sha256":"f0a648a200fc7849174d4b74c6fbfee82b5bd098c9c9cae7084bdafaba169e3b","sha512":"8da0b24262d7d85f89e16c50cab447edbe30f9eb4ed79bef412fe627afb067c648d92e6fff7210263b032db4669c740b6dcfe72a308934d9bb824dec6262494a","ssdeep":"","tlshash":"b6f00e9a03af34806bb51d4267a6ce2a3e349ebc21416df1ba5003f13858bf76ac50d4","first_seen":"2024-08-06T10:33:04Z","last_seen":"2024-08-19T14:25:42.159456Z","times_seen":36182,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-07T11:27:53.324846884Z","timestamp":1723030073324,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"485ADDE6605F8D46BBB24F1CE8FBDEBA81D44F09B75600300584D408AA9F3CE1\"\r\nLast-Modified: Tue, 06 Aug 2024 06:57:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=14957\r\nExpires: Wed, 07 Aug 2024 15:37:10 GMT\r\nDate: Wed, 07 Aug 2024 11:27:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"5aa0870760a323e0c76c1574633ed6e1","sha1":"5ba6f90abf50092defc125757aef5f3775353f40","sha256":"485adde6605f8d46bbb24f1ce8fbdeba81d44f09b75600300584d408aa9f3ce1","sha512":"bb6a2ad4583fa24f22bac5e8e2277ae19d91930d17bf9f719a3dddb553e7a23efd1524e6308cca60ad4c4ab4ddbf849cdabd1e420cd13e26df596bc5d95c72a0","ssdeep":"","tlshash":"8bf095e21a68fd52b773c9256ed4e9141d005e7c34006fd224b40bea76607e157580c4","first_seen":"2024-08-06T20:22:25Z","last_seen":"2024-08-19T14:23:12.739656Z","times_seen":20403,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"help.stumpcomputerservices.com/Bin/ScreenConnect.ClientService.exe","fqdn":"help.stumpcomputerservices.com","domain":"stumpcomputerservices.com","tld":"com"},"ip":{"addr":"50.126.91.52","port":443,"asn":20055,"as":"AS-WHOLESAIL","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-07T11:27:53.236Z","timestamp":1723030073236,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"help.stumpcomputerservices.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 05 Jan 2024 00:00:00 GMT","end":"Tue, 04 Feb 2025 23:59:59 GMT"},"fingerprint":{"sha1":"C0:72:CF:40:4F:40:5E:FA:2B:A4:89:C0:89:B4:0D:A1:43:CC:96:70","sha256":"98:CB:EE:D1:9B:47:8C:70:E7:30:03:C5:F5:0D:AA:CF:BA:4A:1F:89:1E:06:1A:01:72:4C:BA:D2:F4:49:45:E4"}}},"request":{"raw":"GET /Bin/ScreenConnect.ClientService.exe HTTP/1.1\r\nHost: help.stumpcomputerservices.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private\r\ncontent-length: 95520\r\ncontent-type: text/html\r\nserver: ScreenConnect/24.2.5.8971-912584341 Microsoft-HTTPAPI/2.0\r\nx-robots-tag: noindex\r\ndate: Wed, 07 Aug 2024 11:27:52 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95520,"size_decoded":95520,"mime_type":"text/html","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections","md5":"e83a4224ee120b447a545bbd05b341f5","sha1":"6c9a02792069d7cf7bb218ea20d0cb328849269b","sha256":"d23eebf10e0241161cda8ecd880ff0695c6849e3647fb7f776aa2c5be19c5c43","sha512":"961a4e5a7e76326dd1cb4b3ffc5a3f8152a79e0114fab50eef066990f5a641d3873285611453985fdcafef2ca523d1c70bd7d747dd76e59609539527deecfee5","ssdeep":"1536:8g1s9pgbNBAklbZfe2+zRVdHeDxGXAorrCnBsWBcd6myJkgMU0HM67cxS:lhbNDxZGXfdHrX7rAc6myJkgMU0HFN","tlshash":"ee935a13b5c28872d473093158e0dab49a3ff9615e61deab3798022e4f342c1ae75e77","first_seen":"2024-08-07T13:28:19Z","last_seen":"2024-12-17T22:45:52.968387Z","times_seen":10,"resource_available":false,"data":null}},"time_used":1268,"timings":{"blocked":350,"dns":0,"connect":180,"send":0,"wait":183,"receive":363,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-08-07","alert":"Scan result 1/75","trigger":"d23eebf10e0241161cda8ecd880ff0695c6849e3647fb7f776aa2c5be19c5c43","verdict":"suspicious","severity":"","comment":"suspicious - 1/75","link":"https://www.virustotal.com/gui/file/d23eebf10e0241161cda8ecd880ff0695c6849e3647fb7f776aa2c5be19c5c43","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"help.stumpcomputerservices.com/favicon.ico","fqdn":"help.stumpcomputerservices.com","domain":"stumpcomputerservices.com","tld":"com"},"ip":{"addr":"50.126.91.52","port":443,"asn":20055,"as":"AS-WHOLESAIL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://help.stumpcomputerservices.com/Bin/ScreenConnect.ClientService.exe","date":"2024-08-07T11:27:54.147Z","timestamp":1723030074147,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"help.stumpcomputerservices.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 05 Jan 2024 00:00:00 GMT","end":"Tue, 04 Feb 2025 23:59:59 GMT"},"fingerprint":{"sha1":"C0:72:CF:40:4F:40:5E:FA:2B:A4:89:C0:89:B4:0D:A1:43:CC:96:70","sha256":"98:CB:EE:D1:9B:47:8C:70:E7:30:03:C5:F5:0D:AA:CF:BA:4A:1F:89:1E:06:1A:01:72:4C:BA:D2:F4:49:45:E4"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: help.stumpcomputerservices.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://help.stumpcomputerservices.com/Bin/ScreenConnect.ClientService.exe\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private\r\ncontent-length: 1922\r\ncontent-type: text/html; charset=utf-8\r\nserver: ScreenConnect/24.2.5.8971-912584341 Microsoft-HTTPAPI/2.0\r\ndate: Wed, 07 Aug 2024 11:27:52 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1922,"size_decoded":1922,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"fe13e7946b45b0110de267c1f85bd38c","sha1":"b4d864661a98607f5751dcb81bf87df80ea80822","sha256":"cb659eae953d8a427ea235c2df88ede9e4258a932594362364e857c8d8078ed9","sha512":"f59dd66b961ced05322ed5f41a3a8fe142385e84587e8f61c2f6a0be9102afa984c6a824f1a820fdf1ae9b963d0a50d3f397707ed73e8c4634b97d0d7b9b9126","ssdeep":"","tlshash":"ce410e53a941141b95b3082a39027318ef35019797628ba1b99f1a06effa55723c7f8c","first_seen":"2023-04-06T14:39:01Z","last_seen":"2026-05-11T15:50:48.293024Z","times_seen":1696,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-07T11:27:55.221818777Z","timestamp":1723030075221,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E356C1BD222EB19FFD721062BCA611A3791985070895ED0BD5F91382970E7BF9\"\r\nLast-Modified: Tue, 06 Aug 2024 06:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15665\r\nExpires: Wed, 07 Aug 2024 15:49:00 GMT\r\nDate: Wed, 07 Aug 2024 11:27:55 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"327bc43a00e425dc5af5df4efab2ceaf","sha1":"963d56a3437b86a9a87eb2aa01094b76a1b68fbb","sha256":"e356c1bd222eb19ffd721062bca611a3791985070895ed0bd5f91382970e7bf9","sha512":"1b79fc7f02f64d8e4418e396dfd9e438e22264f681a55b9f4639d1da63538e9e75a2ef638f5e082d9240936280b286afafe1acb5efec36d89c7f3eda1cd4ba64","ssdeep":"","tlshash":"41f054e207be7cc953b208223a3bce291c14e4f97c6011e229d0dbd378527a83e05409","first_seen":"2024-08-06T10:42:57Z","last_seen":"2024-08-19T14:25:39.907863Z","times_seen":25615,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-07T11:27:55.222930997Z","timestamp":1723030075222,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E356C1BD222EB19FFD721062BCA611A3791985070895ED0BD5F91382970E7BF9\"\r\nLast-Modified: Tue, 06 Aug 2024 06:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15665\r\nExpires: Wed, 07 Aug 2024 15:49:00 GMT\r\nDate: Wed, 07 Aug 2024 11:27:55 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"327bc43a00e425dc5af5df4efab2ceaf","sha1":"963d56a3437b86a9a87eb2aa01094b76a1b68fbb","sha256":"e356c1bd222eb19ffd721062bca611a3791985070895ed0bd5f91382970e7bf9","sha512":"1b79fc7f02f64d8e4418e396dfd9e438e22264f681a55b9f4639d1da63538e9e75a2ef638f5e082d9240936280b286afafe1acb5efec36d89c7f3eda1cd4ba64","ssdeep":"","tlshash":"41f054e207be7cc953b208223a3bce291c14e4f97c6011e229d0dbd378527a83e05409","first_seen":"2024-08-06T10:42:57Z","last_seen":"2024-08-19T14:25:39.907863Z","times_seen":25615,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-07T11:27:55.223952665Z","timestamp":1723030075223,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E356C1BD222EB19FFD721062BCA611A3791985070895ED0BD5F91382970E7BF9\"\r\nLast-Modified: Tue, 06 Aug 2024 06:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15665\r\nExpires: Wed, 07 Aug 2024 15:49:00 GMT\r\nDate: Wed, 07 Aug 2024 11:27:55 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"327bc43a00e425dc5af5df4efab2ceaf","sha1":"963d56a3437b86a9a87eb2aa01094b76a1b68fbb","sha256":"e356c1bd222eb19ffd721062bca611a3791985070895ed0bd5f91382970e7bf9","sha512":"1b79fc7f02f64d8e4418e396dfd9e438e22264f681a55b9f4639d1da63538e9e75a2ef638f5e082d9240936280b286afafe1acb5efec36d89c7f3eda1cd4ba64","ssdeep":"","tlshash":"41f054e207be7cc953b208223a3bce291c14e4f97c6011e229d0dbd378527a83e05409","first_seen":"2024-08-06T10:42:57Z","last_seen":"2024-08-19T14:25:39.907863Z","times_seen":25615,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}