{"report_id":"37cecd33-790b-46b0-8ea0-e893ce769c98","version":6,"status":"done","tags":[],"date":"2024-08-11T01:12:23Z","url":{"schema":"http","addr":"www.sqlbackupmaster.com/Content/download/sbm-setup.exe?cachebuster=20240805104504","fqdn":"www.sqlbackupmaster.com","domain":"sqlbackupmaster.com","tld":"com"},"ip":{"addr":"40.114.114.106","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T02:43:19Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":7,"received_data":6214,"sent_data":2289,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.sqlbackupmaster.com","ip":{"addr":"40.114.114.106","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":1,"request_count":1,"received_data":33150927,"sent_data":535,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"0483ff2b9382e11b33f97b35e62d8d41","sha1":"0a5b5081bdedd90b7a5183343dc4be720c01c80f","sha256":"300d87987d360bd4abc2927a791031f41450cdf547c830902107daceba263a45","sha512":"ed774140b89c712eccfdbcdaf06004382ff715c71f1a043897cdad48d8adeeac69e8dc3765029b432562a89644c109ff3993f60a6f53e7a3d9e8dc424508b9d5","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections","size":33150456,"url":{"schema":"https","addr":"www.sqlbackupmaster.com/Content/download/sbm-setup.exe?cachebuster=20240805104504","fqdn":"www.sqlbackupmaster.com","domain":"sqlbackupmaster.com","tld":"com"},"ip":{"addr":"40.114.114.106","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-08-10","alert":"Scan result 4/74","trigger":"300d87987d360bd4abc2927a791031f41450cdf547c830902107daceba263a45","verdict":"suspicious","severity":"","comment":"suspicious - 4/74","link":"https://www.virustotal.com/gui/file/300d87987d360bd4abc2927a791031f41450cdf547c830902107daceba263a45","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-11T01:11:57.205602299Z","timestamp":1723338717205,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"B4615115FB27E0022749B39770207B4428A6DCACB53544C8F811F55EF9EB288F\"\r\nLast-Modified: Thu, 08 Aug 2024 18:56:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18376\r\nExpires: Sun, 11 Aug 2024 06:18:13 GMT\r\nDate: Sun, 11 Aug 2024 01:11:57 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"5ba4a4d5001d3c1bb220558ffadb6288","sha1":"35124980489553fa524dee96738aa3214321eb4f","sha256":"b4615115fb27e0022749b39770207b4428a6dcacb53544c8f811f55ef9eb288f","sha512":"ddf9c87deacefe1395e08ed78b50fa4c47bd777787aa96f0414a722b7b6aec831ac7a253ab61cd89363401a45d3f9a19596ef707085fd101616a33f4edbae605","ssdeep":"","tlshash":"4cf00e3116923e81fea047023fe5dcab1f39e978347518ba38d80ae128157bc4988446","first_seen":"2024-08-08T22:52:57Z","last_seen":"2024-08-19T14:09:00.443992Z","times_seen":18416,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-11T01:11:57.234184748Z","timestamp":1723338717234,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F53B9B17675CE2F387B3FCFF02C39ECC355E1FD81756731257C59EA22115C519\"\r\nLast-Modified: Thu, 08 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20236\r\nExpires: Sun, 11 Aug 2024 06:49:13 GMT\r\nDate: Sun, 11 Aug 2024 01:11:57 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"b278ebaf27c527785e85180da86b54f9","sha1":"ee87bf3d735648b0734efe705977f9b86155fcbd","sha256":"f53b9b17675ce2f387b3fcff02c39ecc355e1fd81756731257c59ea22115c519","sha512":"cb3aaf33a3d79063fb2a85a6e422c3d0096fc55946a45e0a6cd52439a18ab5bc4107c2968af39845b807e4b95c75bd035fc6d40d9e798b5739da16f03bbfed38","ssdeep":"","tlshash":"61f0054a17556ed1f374e30016f1f15f1d11da7c391a99d13cc181f17882f89890860c","first_seen":"2024-08-08T23:58:07Z","last_seen":"2024-08-19T14:08:28.268493Z","times_seen":30651,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-11T01:11:57.717418955Z","timestamp":1723338717717,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F6E3FF7FE8C3E33CC9A5F443E3772734A7026EC834F48A39703F23467F33C23F\"\r\nLast-Modified: Thu, 08 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9191\r\nExpires: Sun, 11 Aug 2024 03:45:08 GMT\r\nDate: Sun, 11 Aug 2024 01:11:57 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9ee33ad49fc95cbec52887b67a3f8f92","sha1":"a692164ae79e5d194dac7945b76eb493f261a103","sha256":"f6e3ff7fe8c3e33cc9a5f443e3772734a7026ec834f48a39703f23467f33c23f","sha512":"88064188dfed9871f57970b00729f392ee66bc3adce0dc1bc3ced83d8c6bee3a34bca114f12cccc5405d6fe9a0269d541ae9354bb7dd32b964a3e304dac39f71","ssdeep":"","tlshash":"3ef00543157d7ed2e7b81b062d9ac42f1f28fbb504997e74758551836440bd4ce8654c","first_seen":"2024-08-09T02:22:28Z","last_seen":"2024-08-19T14:07:43.139141Z","times_seen":32385,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-11T01:11:57.998810329Z","timestamp":1723338717998,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CB2873C69274D15B03F8AAA26260D7A2341F2E276F876F444F1FEE5679266653\"\r\nLast-Modified: Thu, 08 Aug 2024 18:57:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2753\r\nExpires: Sun, 11 Aug 2024 01:57:50 GMT\r\nDate: Sun, 11 Aug 2024 01:11:57 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"41f3021c1502428798a392f3c2ef0fc8","sha1":"c7a61247c753e72345e5c4504056a09889a3916e","sha256":"cb2873c69274d15b03f8aaa26260d7a2341f2e276f876f444f1fee5679266653","sha512":"8d71d699669ff3a221ac28d20b29aaef3d5973e154e3ae8acca093257a36615c3c08ee3a321b7080051654534aca29864cf013481b1245010bc9e9f3d7733f95","ssdeep":"","tlshash":"94f0050519b4799077730b155ef6f5173d21fe2e24583493158804c5e84bf7d06c009c","first_seen":"2024-08-08T21:17:25Z","last_seen":"2024-08-19T14:09:34.891082Z","times_seen":26433,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-11T01:11:59.623442226Z","timestamp":1723338719623,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"EB81057E97FC772C3B55FF2D175797A88DB6035F09ED472DCF8604E3C9434D1B\"\r\nLast-Modified: Thu, 08 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20399\r\nExpires: Sun, 11 Aug 2024 06:51:58 GMT\r\nDate: Sun, 11 Aug 2024 01:11:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cb72b4c8c0043447fb191d29a2987907","sha1":"b21349d4cefa64181af49f91f868ffffb136a54a","sha256":"eb81057e97fc772c3b55ff2d175797a88db6035f09ed472dcf8604e3c9434d1b","sha512":"fedf1ca548c38c303cf41daf3686e44c203fe5aff3ba2b08b7ea6cb3282e2f6dd557c14e8e9ea093f05c92a2f181038e5887e0d841bb67376cdbf8692442d9cb","ssdeep":"","tlshash":"fdf00e8022fcbed6b7302412ade2fb5e1a2aec78350c35f534cd42aa2811bbc199108c","first_seen":"2024-08-08T23:58:07Z","last_seen":"2024-08-19T14:08:36.466062Z","times_seen":28705,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-11T01:11:59.624503258Z","timestamp":1723338719624,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"EB81057E97FC772C3B55FF2D175797A88DB6035F09ED472DCF8604E3C9434D1B\"\r\nLast-Modified: Thu, 08 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20399\r\nExpires: Sun, 11 Aug 2024 06:51:58 GMT\r\nDate: Sun, 11 Aug 2024 01:11:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cb72b4c8c0043447fb191d29a2987907","sha1":"b21349d4cefa64181af49f91f868ffffb136a54a","sha256":"eb81057e97fc772c3b55ff2d175797a88db6035f09ed472dcf8604e3c9434d1b","sha512":"fedf1ca548c38c303cf41daf3686e44c203fe5aff3ba2b08b7ea6cb3282e2f6dd557c14e8e9ea093f05c92a2f181038e5887e0d841bb67376cdbf8692442d9cb","ssdeep":"","tlshash":"fdf00e8022fcbed6b7302412ade2fb5e1a2aec78350c35f534cd42aa2811bbc199108c","first_seen":"2024-08-08T23:58:07Z","last_seen":"2024-08-19T14:08:36.466062Z","times_seen":28705,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-11T01:11:59.625438938Z","timestamp":1723338719625,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"EB81057E97FC772C3B55FF2D175797A88DB6035F09ED472DCF8604E3C9434D1B\"\r\nLast-Modified: Thu, 08 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20399\r\nExpires: Sun, 11 Aug 2024 06:51:58 GMT\r\nDate: Sun, 11 Aug 2024 01:11:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cb72b4c8c0043447fb191d29a2987907","sha1":"b21349d4cefa64181af49f91f868ffffb136a54a","sha256":"eb81057e97fc772c3b55ff2d175797a88db6035f09ed472dcf8604e3c9434d1b","sha512":"fedf1ca548c38c303cf41daf3686e44c203fe5aff3ba2b08b7ea6cb3282e2f6dd557c14e8e9ea093f05c92a2f181038e5887e0d841bb67376cdbf8692442d9cb","ssdeep":"","tlshash":"fdf00e8022fcbed6b7302412ade2fb5e1a2aec78350c35f534cd42aa2811bbc199108c","first_seen":"2024-08-08T23:58:07Z","last_seen":"2024-08-19T14:08:36.466062Z","times_seen":28705,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.sqlbackupmaster.com/Content/download/sbm-setup.exe?cachebuster=20240805104504","fqdn":"www.sqlbackupmaster.com","domain":"sqlbackupmaster.com","tld":"com"},"ip":{"addr":"40.114.114.106","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-11T01:11:57.971Z","timestamp":1723338717971,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.foldersizes.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Mon, 13 May 2024 00:00:00 GMT","end":"Thu, 12 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"2A:64:DC:B1:24:70:5E:8F:76:1D:50:BF:E3:78:4F:7C:5D:01:34:54","sha256":"BE:6A:A3:47:32:58:38:C8:CA:FD:5A:1D:4C:AF:EB:E9:A6:EB:0A:FD:4C:0C:0A:D1:93:D9:CE:19:68:3D:01:21"}}},"request":{"raw":"GET /Content/download/sbm-setup.exe?cachebuster=20240805104504 HTTP/1.1\r\nHost: www.sqlbackupmaster.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=31536000\r\ncontent-type: application/octet-stream\r\nlast-modified: Wed, 31 Jul 2024 01:35:50 GMT\r\naccept-ranges: bytes\r\netag: \"b935b6f9e9e2da1:0\"\r\nserver: Microsoft-IIS/10.0\r\nx-powered-by: ASP.NET\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'\r\nstrict-transport-security: max-age=2592000\r\ndate: Sun, 11 Aug 2024 01:11:58 GMT\r\ncontent-length: 33150456\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33150456,"size_decoded":33150456,"mime_type":"application/octet-stream","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections","md5":"0483ff2b9382e11b33f97b35e62d8d41","sha1":"0a5b5081bdedd90b7a5183343dc4be720c01c80f","sha256":"300d87987d360bd4abc2927a791031f41450cdf547c830902107daceba263a45","sha512":"ed774140b89c712eccfdbcdaf06004382ff715c71f1a043897cdad48d8adeeac69e8dc3765029b432562a89644c109ff3993f60a6f53e7a3d9e8dc424508b9d5","ssdeep":"786432:W9lzMRum1Qz0eoDr9NdkIvhlr4cGtMVsjVKmWRZc+BsVEVk:W9lzMRum1QQRzkIvhjuAfzsVEK","tlshash":"1e7712317349c86bd56611b01a6c9aab922c6d350f615cc3b3dc7e2e1bb5dc21633e2b","first_seen":"2024-07-31T05:39:38Z","last_seen":"2024-08-19T15:12:08.809018Z","times_seen":48,"resource_available":false,"data":null}},"time_used":5308,"timings":{"blocked":308,"dns":0,"connect":97,"send":0,"wait":97,"receive":4587,"ssl":216},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-08-10","alert":"Scan result 4/74","trigger":"300d87987d360bd4abc2927a791031f41450cdf547c830902107daceba263a45","verdict":"suspicious","severity":"","comment":"suspicious - 4/74","link":"https://www.virustotal.com/gui/file/300d87987d360bd4abc2927a791031f41450cdf547c830902107daceba263a45","meta":null}],"urlquery":null}}]}