{"report_id":"fcdd8265-0028-4b03-bf4d-b67ee7cec7d5","version":6,"status":"done","tags":[],"date":"2024-09-05T04:22:43Z","url":{"schema":"http","addr":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/","fqdn":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net","domain":"akrd.net","tld":"net"},"ip":{"addr":"143.204.55.79","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/","fqdn":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net","domain":"akrd.net","tld":"net"},"title":"ERROR: The request could not be satisfied"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T22:32:22Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-04 18:12:06","alert_count":0,"request_count":3,"received_data":2663,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net","ip":{"addr":"143.204.55.79","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":4,"received_data":4845,"sent_data":2007,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"akrd.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"akrd.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"akrd.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"akrd.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:18.327161513Z","timestamp":1725510138327,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"41C00088AFC20571F6A0C6998324D9517346256AC33696DC706192EC606FE7A7\"\r\nLast-Modified: Mon, 02 Sep 2024 12:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3865\r\nExpires: Thu, 05 Sep 2024 05:26:43 GMT\r\nDate: Thu, 05 Sep 2024 04:22:18 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"66fbf7f95cb55f388373a20d4b1a736e","sha1":"afc34259758a563362367848629ff7639982e1fb","sha256":"41c00088afc20571f6a0c6998324d9517346256ac33696dc706192ec606fe7a7","sha512":"80f0c1a3f29e795722e05ea6260e1ec92780f3f554ace63e7a0e4ad5d030be18b0cde8397bffc652a92306b23ba802aa8a0db463bac3a6827e645816bd5759a0","ssdeep":"","tlshash":"02f00e7956f2e6c3faf8112314a6ed606c227aab780021a279800ac239c67f6678545c","first_seen":"2024-09-02T19:20:57Z","last_seen":"2024-09-19T23:09:36.632755Z","times_seen":35846,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:18.612581437Z","timestamp":1725510138612,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2EFF28E3E6829BF2CFCBC417FD76313D5B5E8BA8A3F0F0DE6A5B5CDC2888E7E5\"\r\nLast-Modified: Mon, 02 Sep 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=11874\r\nExpires: Thu, 05 Sep 2024 07:40:12 GMT\r\nDate: Thu, 05 Sep 2024 04:22:18 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"1f0091b166a0138433eabf08a4530e4a","sha1":"769d1eeaefb4987198c821ea98e06ea8ba0de215","sha256":"2eff28e3e6829bf2cfcbc417fd76313d5b5e8ba8a3f0f0de6a5b5cdc2888e7e5","sha512":"364d524de90207f10545b2179829782e69bd266bbf207919deaadeb860795d7eb3208b252cf11c3a0012563ee5c90123a384f0a98780a90e6bbe017936f2cf5b","ssdeep":"","tlshash":"c7f00eba34e2a622b7f402a11978d43b6e30dfbcb82552f6a5c043e66c017b80540c4c","first_seen":"2024-09-03T06:12:03Z","last_seen":"2024-09-19T23:01:55.712232Z","times_seen":17078,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:18.758320134Z","timestamp":1725510138758,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2B2A41201A3881BD029AB7161BE291B23128D5952E5959092607B98C951FA18C\"\r\nLast-Modified: Mon, 02 Sep 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13751\r\nExpires: Thu, 05 Sep 2024 08:11:29 GMT\r\nDate: Thu, 05 Sep 2024 04:22:18 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cabaaa7c3e6a621cc5836be05eee4924","sha1":"c4bc6288aed0597ff7ae2dbc5aea340b6c9636b8","sha256":"2b2a41201a3881bd029ab7161be291b23128d5952e5959092607b98c951fa18c","sha512":"7da36317a8c4f485281c503bcc03813f77f4339dd43124bdba3345414625f7dbb71911cd5eb19e1d4afb482b9ce0ffb5678bd41d4d5e6e77f56069bd2f99817d","ssdeep":"","tlshash":"a0f00efb12f33260dbf59d293989f23a0610ad9ebc2198e624c5d1cb9442fec408890c","first_seen":"2024-09-02T19:36:30Z","last_seen":"2024-09-19T23:09:22.854855Z","times_seen":22244,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/","fqdn":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net","domain":"akrd.net","tld":"net"},"ip":{"addr":"143.204.55.79","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:22:19.060Z","timestamp":1725510139060,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html\r\ncontent-length: 915\r\nserver: CloudFront\r\ndate: Thu, 05 Sep 2024 04:22:18 GMT\r\nvia: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront), 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront), 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: FRA56-P11, FRA56-P11, OSL50-C1\r\nx-cache: Error from cloudfront\r\nx-amz-cf-id: vxRQUN6uewTs335e25dHnJ5O0Y8drulpQL9bDBl0tyqK6dGPd9__Ng==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":915,"size_decoded":915,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"8446a99d5a06c6bfc5b41d92519f970b","sha1":"2d074be16ce1fec434808be388cec86314ac0717","sha256":"06b615c601050f7dd3a9b7cda3c501ed7e4cf1ef4ddf56660678623afd37d6ae","sha512":"ddd3fdc8bb09564c2901acc39c53a77c4a16396e8cf6acf5d8b4a91a9e0d597e984c6238c78ed44e07bb3ea5b6f8a2643d0dbd54e54c29d992c3114aba250e13","ssdeep":"","tlshash":"b111e66fd95c21278143700aef884f2c3b31a2fbe2f3829860a5409a31677e8c3ed0c1","first_seen":"2024-09-19T22:32:24.861338Z","last_seen":"2024-09-19T22:32:24.861338Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"akrd.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/","fqdn":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net","domain":"akrd.net","tld":"net"},"ip":{"addr":"143.204.55.79","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:22:19.060Z","timestamp":1725510139060,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: CloudFront\r\nDate: Thu, 05 Sep 2024 04:22:19 GMT\r\nContent-Type: text/html\r\nContent-Length: 167\r\nConnection: keep-alive\r\nLocation: https://4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/\r\nX-Cache: Redirect from cloudfront\r\nVia: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-C1\r\nX-Amz-Cf-Id: DvvXa2Dx0TPpzVFsdTqJ_w-v_6quAEoc9KKQkH79EzKVQFdw4ELXag==\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":167,"size_decoded":167,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"f5d40b7259645010f9a248858ad14178","sha1":"b3051d17a6ec8c9e166bf09a62b48261ab86957b","sha256":"7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d","sha512":"1e82bc2d067f726670b3e6054d73e57868f6e7c50eb979696bf927daeef699f2d8f8de201e8252b86b0e9f86dc69e5037fc9fa08ef6c271b033f29d4f0f4c1aa","ssdeep":"","tlshash":"29c08cae6f022c88f8e73b38a1c36260e2ec80309299041112b00607f0cf0978ed23d2","first_seen":"2023-04-05T02:48:14Z","last_seen":"2025-08-07T12:04:07.743717Z","times_seen":5041,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"akrd.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/","fqdn":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net","domain":"akrd.net","tld":"net"},"ip":{"addr":"143.204.55.79","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:22:19.060Z","timestamp":1725510139060,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html\r\ncontent-length: 915\r\nserver: CloudFront\r\ndate: Thu, 05 Sep 2024 04:22:19 GMT\r\nvia: 1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront), 1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront), 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: FRA56-P11, FRA56-P11, OSL50-C1\r\nx-cache: Error from cloudfront\r\nx-amz-cf-id: YQy98eFylbilqs9ZdNpts3-UvXKiTgSe4iAuBW258a3JGtmuIa-GWw==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":915,"size_decoded":915,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"6dc5f4be0c75f4add3ee0861fcf4275d","sha1":"e474389dd63c2161ef8f19e1ca1f041afd9c09bb","sha256":"a5c177012e65ebb355e22c22f39e75b51924c2fefec23af05e39159e381d8de4","sha512":"02efedaf884f1162569487bbd56c820eec0bfccf5dfd32cd2c913aafb27721a4dfe087fe4b3d4b8b366194f4e2197b14e9bf362819787500868b105cedea57b7","ssdeep":"","tlshash":"7d11b76fe84c21034152b445ef889f38662561bed1b1415960b5109e20567e4c3e60c1","first_seen":"2024-09-19T22:32:24.864328Z","last_seen":"2024-09-19T22:32:24.864328Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"akrd.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/favicon.ico","fqdn":"4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net","domain":"akrd.net","tld":"net"},"ip":{"addr":"143.204.55.79","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/","date":"2024-09-05T04:22:19.245Z","timestamp":1725510139245,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"akrd.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Mon, 12 Feb 2024 00:00:00 GMT","end":"Wed, 12 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"82:C0:0A:DD:4B:3F:7E:C3:01:E0:0D:93:C2:CD:A4:74:3B:4A:70:69","sha256":"24:08:93:25:34:1C:0A:0C:31:59:C1:D6:C5:17:3F:94:B5:30:72:A2:F2:31:54:24:73:C0:02:7B:39:5E:EF:6D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4r6imbxkapaxn6mqrsopmmvbzeyc27punsquhnp6xwusovxibrma.akrd.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html\r\ncontent-length: 915\r\nserver: CloudFront\r\ndate: Thu, 05 Sep 2024 04:22:19 GMT\r\nvia: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront), 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront), 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: FRA56-P11, FRA56-P11, OSL50-C1\r\nx-cache: Error from cloudfront\r\nx-amz-cf-id: RpjnaPW2_ZH7EmWvuCen9g6tGveeZ0YV1e-4Sp-ee3Btb2ZKJOf0MA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":915,"size_decoded":915,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"dbcc3c2c8ba0a2c88f15f23c947a5e11","sha1":"d85e90dc20839d0015c25bdd96b5253dada6f0a1","sha256":"f64b7fb7b156dbfe38f84e760e13ca43a38d59a0bd712f7d8e17ae0ae77cd7af","sha512":"9a06cb7f8facbc9fe18bd013acd0a507b84df585c989cb2aa297f77180b172f2eb522e1d91b9482942bbdfde64593e3b09181c4a1a899557929c707d57f30a25","ssdeep":"","tlshash":"f311b7bfd84c211241527055ef888b2c663555fad6b15184a16540aa31663e8c3e91c2","first_seen":"2024-09-19T22:32:24.865753Z","last_seen":"2024-09-19T22:32:24.865753Z","times_seen":1,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"akrd.net","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}