{"report_id":"303f0237-56f4-4043-88e0-8801a98f8cf2","version":6,"status":"done","tags":[],"date":"2024-09-26T14:09:25Z","url":{"schema":"http","addr":"www.icpdas.com/web/product/download/software/utility_driver/esearch/software/utility/Windows/eSearch_Utility_setup_Windows_v130.exe","fqdn":"www.icpdas.com","domain":"icpdas.com","tld":"com"},"ip":{"addr":"50.87.226.148","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-07T07:27:52Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-26 01:59:48","alert_count":0,"request_count":3,"received_data":2664,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.icpdas.com","ip":{"addr":"50.87.226.148","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"1999-06-14","domain_rank":0,"first_seen":"2012-07-20 21:45:34","last_seen":"2024-09-26 09:25:39","alert_count":1,"request_count":1,"received_data":3931688,"sent_data":585,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-26 01:59:56","alert_count":0,"request_count":4,"received_data":3551,"sent_data":1308,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"8797aabf44f2cfcfe3241181661d3019","sha1":"88bd54cef1a95671391fd602b60aad113d09393d","sha256":"2d524877f2311518b7b2bf85b6d5ee470e13f32ecc16c48f358a8c8f5582c621","sha512":"2c90d37f2764ee6d53d91130c0b8eb357a1019144f815666af023c072bd63baf2388f52981332ff8351bb13be8fdc5dbff04955f74a89fcdd139356fb7955ddc","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections","size":3931424,"url":{"schema":"https","addr":"www.icpdas.com/web/product/download/software/utility_driver/esearch/software/utility/Windows/eSearch_Utility_setup_Windows_v130.exe","fqdn":"www.icpdas.com","domain":"icpdas.com","tld":"com"},"ip":{"addr":"50.87.226.148","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2022-11-01","alert":"Scan result 1/67","trigger":"2d524877f2311518b7b2bf85b6d5ee470e13f32ecc16c48f358a8c8f5582c621","verdict":"suspicious","severity":"","comment":"suspicious - 1/67","link":"https://www.virustotal.com/gui/file/2d524877f2311518b7b2bf85b6d5ee470e13f32ecc16c48f358a8c8f5582c621","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-26T14:08:59.558403438Z","timestamp":1727359739558,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"EC876EDD163EA26B47C9B862C795844F5DD01452095287EA5CD920E3B512672A\"\r\nLast-Modified: Wed, 25 Sep 2024 21:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=11815\r\nExpires: Thu, 26 Sep 2024 17:25:54 GMT\r\nDate: Thu, 26 Sep 2024 14:08:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"b6ecb6018a51380d08a47460236a395c","sha1":"1ce7fe77c21188624302a660a289fe1ce6e7a9e4","sha256":"ec876edd163ea26b47c9b862c795844f5dd01452095287ea5cd920e3b512672a","sha512":"982ccad2ecd8a1cdbab07f168c596ed1267fbd853f25c546b4dcf376d4ddc2a33e035451f7b6add7d60a133d37977732d1b096f1aced155cc3613a2b106a0d5a","ssdeep":"","tlshash":"54f0055337e5b6509ae1093d24fae1561d752dfb3804a5d9655391d1f1117dc41c1408","first_seen":"2024-09-25T23:43:43Z","last_seen":"2024-10-04T11:30:57.353438Z","times_seen":41560,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-26T14:08:59.601136776Z","timestamp":1727359739601,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"779805A4291D90D0100E6B257AE6E81646D272204F8F0D4DA2AA48A2673F4B1E\"\r\nLast-Modified: Thu, 26 Sep 2024 13:24:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21470\r\nExpires: Thu, 26 Sep 2024 20:06:49 GMT\r\nDate: Thu, 26 Sep 2024 14:08:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"26b2b0acc9768970e6a2a5a01ad82734","sha1":"6b6e2e6f647ab6b61366fce8295bf91d720961b8","sha256":"779805a4291d90d0100e6b257ae6e81646d272204f8f0d4da2aa48a2673f4b1e","sha512":"86e8fb3ede77e8d71919f757b6ee98532e43526df63ee00e3ea3745edb3ac4e1297454b2120dd73fc7f0510890e8f608826b7217de15bcf50a5399fdbfcee5b4","ssdeep":"","tlshash":"1df00ea612e2bc45a62b1a34bef4aa1d2e166dfc320452f925c00bd22802be60682c1d","first_seen":"2024-09-26T16:07:46Z","last_seen":"2024-09-28T07:27:55.920996Z","times_seen":4867,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-26T14:08:59.852276758Z","timestamp":1727359739852,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E3A32CE3CF72D63E19B8798F97958504386B93F037F1B1C0EE9B1BACEF7B7AB7\"\r\nLast-Modified: Wed, 25 Sep 2024 02:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6564\r\nExpires: Thu, 26 Sep 2024 15:58:23 GMT\r\nDate: Thu, 26 Sep 2024 14:08:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c43e2541e37815678381469c9e5da2d7","sha1":"8826a1dacc67c90e98c00b0b34736b52cc7724ad","sha256":"e3a32ce3cf72d63e19b8798f97958504386b93f037f1b1c0ee9b1bacef7b7ab7","sha512":"3161d33aeca14aab0683661102de1190376f7e65d0c11d34041ef25d2ce4a140f985088bd4202f751e10742846ac04b1a96c2d38869f7fbccfe2ba1706abdf40","ssdeep":"","tlshash":"3bf0054b1369fc945ff13a007d99c713581156d538040bd6b5d4c1e0961079c574450c","first_seen":"2024-09-25T06:46:28Z","last_seen":"2024-09-28T07:52:26.204844Z","times_seen":19111,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-26T14:09:00.048216478Z","timestamp":1727359740048,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"350FB41EB348DC3B30943B357E089A3CD9DCC9670285C29485BA02A38EBCBC15\"\r\nLast-Modified: Wed, 25 Sep 2024 02:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12145\r\nExpires: Thu, 26 Sep 2024 17:31:25 GMT\r\nDate: Thu, 26 Sep 2024 14:09:00 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5df97c10e9a37c02e8e12b302465464","sha1":"b0d9b31bb7dd48f11b58e6f1833798e45dc5a862","sha256":"350fb41eb348dc3b30943b357e089a3cd9dcc9670285c29485ba02a38ebcbc15","sha512":"720410ffc54095a1c50b5ab8184690590697ce2058dcd32f0938f3461659914f7d9e26e1d657cd0c9ff504da318a46f85677d9e3536b9443bb82a126d41c93af","ssdeep":"","tlshash":"87f00e831ba7b82097f85a142c9ae6657e36f1da684059d87cd081d128043ed43e844d","first_seen":"2024-09-25T14:06:52Z","last_seen":"2024-09-28T07:47:30.249315Z","times_seen":16176,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-26T14:09:00.472531791Z","timestamp":1727359740472,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"33BF04E2392D3ED2974F5B0788B51D56CFA94B86AF1B5D3A1274035FEAF57F4B\"\r\nLast-Modified: Wed, 25 Sep 2024 07:04:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16329\r\nExpires: Thu, 26 Sep 2024 18:41:09 GMT\r\nDate: Thu, 26 Sep 2024 14:09:00 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"7f081580f204ac0489b24ec4b631239b","sha1":"42d18403c5a1586f39ae9f4429d7a4730e638e80","sha256":"33bf04e2392d3ed2974f5b0788b51d56cfa94b86af1b5d3a1274035feaf57f4b","sha512":"97ae081e3e88ec4fea1566b209cbee799e1a90f9bb65bb73b0e27eb8a4b2e0203792717ddfd24e4d7cf0470b6f614644590ef9fba694c0765dab6f14ed3df83b","ssdeep":"","tlshash":"a0f005c40e17b59055214d38bcedc532257568fe165516e244e4d3f639127bd000080c","first_seen":"2024-09-28T07:27:54.309954Z","last_seen":"2024-09-28T07:27:54.309954Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-26T14:09:01.638535672Z","timestamp":1727359741638,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230\"\r\nLast-Modified: Wed, 25 Sep 2024 02:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15287\r\nExpires: Thu, 26 Sep 2024 18:23:48 GMT\r\nDate: Thu, 26 Sep 2024 14:09:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c16a3fe398c09ad4d309c60911d6a6b6","sha1":"dc1148076d45d128cb6d0780ac0467aeba0902e9","sha256":"5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230","sha512":"06add46bb918587ee4ef9c40500ad7c0717bdec77cd5a7d743110fb01ec97f05d26e4f6134d0b56362c7426296f9b3072348a2d793cd367b04d8645bf0e30e07","ssdeep":"","tlshash":"acf0c0132f61ad40857c392a9ce8d43b6521316c0c0869e169e992d3a5117ed1019704","first_seen":"2024-09-25T12:57:56Z","last_seen":"2024-09-28T07:48:18.846668Z","times_seen":21781,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-26T14:09:01.642329237Z","timestamp":1727359741642,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230\"\r\nLast-Modified: Wed, 25 Sep 2024 02:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15287\r\nExpires: Thu, 26 Sep 2024 18:23:48 GMT\r\nDate: Thu, 26 Sep 2024 14:09:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c16a3fe398c09ad4d309c60911d6a6b6","sha1":"dc1148076d45d128cb6d0780ac0467aeba0902e9","sha256":"5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230","sha512":"06add46bb918587ee4ef9c40500ad7c0717bdec77cd5a7d743110fb01ec97f05d26e4f6134d0b56362c7426296f9b3072348a2d793cd367b04d8645bf0e30e07","ssdeep":"","tlshash":"acf0c0132f61ad40857c392a9ce8d43b6521316c0c0869e169e992d3a5117ed1019704","first_seen":"2024-09-25T12:57:56Z","last_seen":"2024-09-28T07:48:18.846668Z","times_seen":21781,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.icpdas.com/web/product/download/software/utility_driver/esearch/software/utility/Windows/eSearch_Utility_setup_Windows_v130.exe","fqdn":"www.icpdas.com","domain":"icpdas.com","tld":"com"},"ip":{"addr":"50.87.226.148","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-26T14:09:00.112Z","timestamp":1727359740112,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.icpdas.com.tw","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Aug 2024 06:14:35 GMT","end":"Wed, 20 Nov 2024 06:14:34 GMT"},"fingerprint":{"sha1":"D5:BE:7E:70:37:8C:F2:12:32:04:71:3C:75:BB:7B:98:E1:F9:20:53","sha256":"7F:2C:A3:25:EE:5F:84:79:EC:14:21:D6:09:35:C7:3B:40:C9:7F:6A:3D:99:C2:14:F8:27:43:E1:B7:7C:EC:20"}}},"request":{"raw":"GET /web/product/download/software/utility_driver/esearch/software/utility/Windows/eSearch_Utility_setup_Windows_v130.exe HTTP/1.1\r\nHost: www.icpdas.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 25 Aug 2022 01:50:20 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3931424\r\nhost-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==\r\ncontent-type: application/x-msdownload\r\ndate: Thu, 26 Sep 2024 14:09:00 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3931424,"size_decoded":3931424,"mime_type":"application/x-msdownload","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections","md5":"8797aabf44f2cfcfe3241181661d3019","sha1":"88bd54cef1a95671391fd602b60aad113d09393d","sha256":"2d524877f2311518b7b2bf85b6d5ee470e13f32ecc16c48f358a8c8f5582c621","sha512":"2c90d37f2764ee6d53d91130c0b8eb357a1019144f815666af023c072bd63baf2388f52981332ff8351bb13be8fdc5dbff04955f74a89fcdd139356fb7955ddc","ssdeep":"98304:Z5haO9a7eUHsTVeuBzlAYxjkTvNYSH+SFT+tNRZ4mDn:gIa7dHs0uBzlLxALH+SRENr4m","tlshash":"f90633a273f12131e461c8366ecca5d52c93f8701d3b804c778f5dbe5e26a51bb4a26b","first_seen":"2024-09-28T07:27:54.312301Z","last_seen":"2024-09-28T07:27:54.312301Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2344,"timings":{"blocked":362,"dns":1,"connect":175,"send":0,"wait":345,"receive":1274,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2022-11-01","alert":"Scan result 1/67","trigger":"2d524877f2311518b7b2bf85b6d5ee470e13f32ecc16c48f358a8c8f5582c621","verdict":"suspicious","severity":"","comment":"suspicious - 1/67","link":"https://www.virustotal.com/gui/file/2d524877f2311518b7b2bf85b6d5ee470e13f32ecc16c48f358a8c8f5582c621","meta":null}],"urlquery":null}}]}