{"report_id":"1c71c0c3-aef6-4ea8-8537-660a24ef2d79","version":6,"status":"done","tags":[],"date":"2024-08-31T06:16:51Z","url":{"schema":"http","addr":"fn-instant-performance-mode.netlify.app/fn-instant-performance-mode.exe","fqdn":"fn-instant-performance-mode.netlify.app","domain":"fn-instant-performance-mode.netlify.app","tld":"netlify.app"},"ip":{"addr":"35.156.224.161","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-09T08:27:30Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-08-30 18:12:14","alert_count":0,"request_count":4,"received_data":3550,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-08-30 18:12:09","alert_count":0,"request_count":3,"received_data":2664,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fn-instant-performance-mode.netlify.app","ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":341963,"sent_data":527,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"28736ccf8a8cd640529e2db0680d1db8","sha1":"a26d521719391797f46fe1b600de638c75bfe4c7","sha256":"0dbb98a4cb8dfa801f4128fd785235b87a9dbd9690e253e8789fc0ecf9a6dfc2","sha512":"8e541514d8b00e9cf35f3d006c2a47d27b07a4e147cce9a96eaa3e686d3c8cb4a2322a601df54c9f6775c6ba8285c513e1af01a84cdc9178a8a5507e91325979","magic":"PE32+ executable (console) x86-64, for MS Windows, 6 sections","size":341504,"url":{"schema":"https","addr":"fn-instant-performance-mode.netlify.app/fn-instant-performance-mode.exe","fqdn":"fn-instant-performance-mode.netlify.app","domain":"fn-instant-performance-mode.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-08-31","alert":"Scan result 48/73","trigger":"0dbb98a4cb8dfa801f4128fd785235b87a9dbd9690e253e8789fc0ecf9a6dfc2","verdict":"malicious","severity":"","comment":"malicious - 48/73","link":"https://www.virustotal.com/gui/file/0dbb98a4cb8dfa801f4128fd785235b87a9dbd9690e253e8789fc0ecf9a6dfc2","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-31T06:16:26.117838193Z","timestamp":1725084986117,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"35A446CEA345DBDB2C297726A3D6CC5F1088F4F9A3F65904C3B9655056EFDA06\"\r\nLast-Modified: Thu, 29 Aug 2024 09:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5045\r\nExpires: Sat, 31 Aug 2024 07:40:31 GMT\r\nDate: Sat, 31 Aug 2024 06:16:26 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c3d1bfb12515d2f23214f980f7a18b8c","sha1":"24cc3d9048888cc7e1f4ff42b8fdc1c16c9feb46","sha256":"35a446cea345dbdb2c297726a3d6cc5f1088f4f9a3f65904c3b9655056efda06","sha512":"fea4fd9597129b2c5994efceed92d62077e51cacbf6aa7a8f7dc23422954f7ed17c4dbe13ba3622c4a7715632fbf4f811fcf1424d52104fd70fe6bd0d547ba93","ssdeep":"","tlshash":"70f00553b235bd0165f0560537a5c0709d15bcad3410cbc2d05d8265bda67eac18600c","first_seen":"2024-08-29T11:20:29Z","last_seen":"2024-09-20T20:16:30.160025Z","times_seen":25767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-31T06:16:26.120954521Z","timestamp":1725084986120,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A\"\r\nLast-Modified: Sat, 31 Aug 2024 00:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=19692\r\nExpires: Sat, 31 Aug 2024 11:44:38 GMT\r\nDate: Sat, 31 Aug 2024 06:16:26 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"404e3e4520c09fcce1358b1a21f6b171","sha1":"040aa03460f3d7ec6f75cae0bf5a462a4bb9798d","sha256":"f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a","sha512":"c6aeb0600af58d7b976deb390ccb1c0859bc7c7ab55009bb167c7045d9e3cf01720a61fde3cb6ece0776bf36becf6e8002e7cfb6740be1d0526213a3a08b2598","ssdeep":"","tlshash":"32f00ee1022efe41daf651021fa4f81a2f327eff394409f1054016923404ffd8a05094","first_seen":"2024-08-31T02:24:41Z","last_seen":"2024-09-20T20:16:30.159732Z","times_seen":36159,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-31T06:16:26.530281524Z","timestamp":1725084986530,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F348AFFACF8E814C579FF56D592287275DCF79E2F55F1D041921833D730D2349\"\r\nLast-Modified: Sat, 31 Aug 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20409\r\nExpires: Sat, 31 Aug 2024 11:56:35 GMT\r\nDate: Sat, 31 Aug 2024 06:16:26 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"231aa156f55dd8497dca6a2066312be3","sha1":"741432c8275492eb38bba5d0841685dc4f864fee","sha256":"f348affacf8e814c579ff56d592287275dcf79e2f55f1d041921833d730d2349","sha512":"55246c200dfe81e5fdeb1dcfcd16e969e9a425860bf47f2cf5f9c8554e2e77361a6bb81c8185d3f361c0fff3ec5272451f83c73b13125c28e6e7995e5f1b7eb1","ssdeep":"","tlshash":"f9f0050517bc6910feac14755ab5d51d9d10adfe307500c454e045e0b501be71e1456c","first_seen":"2024-08-31T07:59:12Z","last_seen":"2024-09-20T20:16:30.160355Z","times_seen":25067,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-31T06:16:26.79745585Z","timestamp":1725084986797,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"441E957BCA9AFB4A865DF5362C94CC68DF8071610EF8C8B49EC682BF57D81B4E\"\r\nLast-Modified: Wed, 28 Aug 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5040\r\nExpires: Sat, 31 Aug 2024 07:40:26 GMT\r\nDate: Sat, 31 Aug 2024 06:16:26 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"41d99bdb0bce7036541a169e82b157fd","sha1":"448d08018f9868e2a7ccda7a3bdc81242cfdb412","sha256":"441e957bca9afb4a865df5362c94cc68df8071610ef8c8b49ec682bf57d81b4e","sha512":"7896b6ae1bde62511109d88df24a259f23be8a1ba5254d15096fffa49eb32d780b185494b4e174af3522430d5a4b15afccb9748a6202cb363922780365589bc3","ssdeep":"","tlshash":"06f00ec513a57d84bff192117feac24b6e136db83d3084d168c460e2e5c0be85e98488","first_seen":"2024-08-28T17:54:43Z","last_seen":"2024-08-31T08:36:18.055778Z","times_seen":16532,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-31T06:16:28.704706959Z","timestamp":1725084988704,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF\"\r\nLast-Modified: Sat, 31 Aug 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13282\r\nExpires: Sat, 31 Aug 2024 09:57:50 GMT\r\nDate: Sat, 31 Aug 2024 06:16:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"20c9eec1ed6a0f3c730b021493b9e3ec","sha1":"9f241af1cf1513631da05ffbaede6bcd16e93571","sha256":"0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf","sha512":"e88ef4b6c34e69daae6937f06c5e47af96676d9dd23cfcd4d3c048f4d1a016b9fe4e69651cdea7b0b71bce6499d8256b9eda3aad31b1fe8f5d79bf27af89b48a","ssdeep":"","tlshash":"76f00e973720ed011d3c243d9dd6c1361d216afd393225ad03086faa1c3bff942096ac","first_seen":"2024-08-31T05:59:31Z","last_seen":"2024-09-20T20:16:30.1701Z","times_seen":19268,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-31T06:16:28.70572752Z","timestamp":1725084988705,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF\"\r\nLast-Modified: Sat, 31 Aug 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13282\r\nExpires: Sat, 31 Aug 2024 09:57:50 GMT\r\nDate: Sat, 31 Aug 2024 06:16:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"20c9eec1ed6a0f3c730b021493b9e3ec","sha1":"9f241af1cf1513631da05ffbaede6bcd16e93571","sha256":"0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf","sha512":"e88ef4b6c34e69daae6937f06c5e47af96676d9dd23cfcd4d3c048f4d1a016b9fe4e69651cdea7b0b71bce6499d8256b9eda3aad31b1fe8f5d79bf27af89b48a","ssdeep":"","tlshash":"76f00e973720ed011d3c243d9dd6c1361d216afd393225ad03086faa1c3bff942096ac","first_seen":"2024-08-31T05:59:31Z","last_seen":"2024-09-20T20:16:30.1701Z","times_seen":19268,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-31T06:16:28.706595717Z","timestamp":1725084988706,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF\"\r\nLast-Modified: Sat, 31 Aug 2024 02:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13282\r\nExpires: Sat, 31 Aug 2024 09:57:50 GMT\r\nDate: Sat, 31 Aug 2024 06:16:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"20c9eec1ed6a0f3c730b021493b9e3ec","sha1":"9f241af1cf1513631da05ffbaede6bcd16e93571","sha256":"0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf","sha512":"e88ef4b6c34e69daae6937f06c5e47af96676d9dd23cfcd4d3c048f4d1a016b9fe4e69651cdea7b0b71bce6499d8256b9eda3aad31b1fe8f5d79bf27af89b48a","ssdeep":"","tlshash":"76f00e973720ed011d3c243d9dd6c1361d216afd393225ad03086faa1c3bff942096ac","first_seen":"2024-08-31T05:59:31Z","last_seen":"2024-09-20T20:16:30.1701Z","times_seen":19268,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn-instant-performance-mode.netlify.app/fn-instant-performance-mode.exe","fqdn":"fn-instant-performance-mode.netlify.app","domain":"fn-instant-performance-mode.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-31T06:16:26.746Z","timestamp":1725084986746,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 15 Jan 2024 00:00:00 GMT","end":"Fri, 14 Feb 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B","sha256":"AA:4D:46:AE:95:9D:19:31:CE:8D:DC:9E:B0:3C:C0:53:C0:5E:DB:94:3D:04:AE:CC:96:15:B6:72:B6:07:A4:41"}}},"request":{"raw":"GET /fn-instant-performance-mode.exe HTTP/1.1\r\nHost: fn-instant-performance-mode.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/x-dosexec\r\ndate: Sat, 31 Aug 2024 06:16:27 GMT\r\netag: \"7347cfe925c312cfdf1d80dff6e38be8-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01J6KH7VF845NJBZGTV0EPBJBB\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":341504,"size_decoded":341504,"mime_type":"application/x-dosexec","magic":"PE32+ executable (console) x86-64, for MS Windows, 6 sections","md5":"28736ccf8a8cd640529e2db0680d1db8","sha1":"a26d521719391797f46fe1b600de638c75bfe4c7","sha256":"0dbb98a4cb8dfa801f4128fd785235b87a9dbd9690e253e8789fc0ecf9a6dfc2","sha512":"8e541514d8b00e9cf35f3d006c2a47d27b07a4e147cce9a96eaa3e686d3c8cb4a2322a601df54c9f6775c6ba8285c513e1af01a84cdc9178a8a5507e91325979","ssdeep":"3072:TC++fzf1ChQvYX2WGltEQQCsXwZWRcR/4vO09/YewWi4K872neA/XMHPwrym+PdU:+9fvYBGlthcv","tlshash":"9c74f082b9ec20b5ccb78b7e140a05a686577cbf5282e12d36d5b904db3a4476fb7037","first_seen":"2024-08-10T19:55:30Z","last_seen":"2024-09-20T20:06:38.782659Z","times_seen":24,"resource_available":false,"data":null}},"time_used":385,"timings":{"blocked":105,"dns":0,"connect":21,"send":0,"wait":175,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-08-31","alert":"Scan result 48/73","trigger":"0dbb98a4cb8dfa801f4128fd785235b87a9dbd9690e253e8789fc0ecf9a6dfc2","verdict":"malicious","severity":"","comment":"malicious - 48/73","link":"https://www.virustotal.com/gui/file/0dbb98a4cb8dfa801f4128fd785235b87a9dbd9690e253e8789fc0ecf9a6dfc2","meta":null}],"urlquery":null}}]}