{"report_id":"508c1be5-ed37-4a9a-875d-c79a145a8e7b","version":6,"status":"done","tags":[],"date":"2023-12-24T07:34:12Z","url":{"schema":"http","addr":"btc-tools.org/download/BTCTools-v1.3.3.zip","fqdn":"btc-tools.org","domain":"btc-tools.org","tld":"org"},"ip":{"addr":"172.67.200.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T06:48:43Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"veritate-cloud.sbs","ip":{"addr":"104.21.63.9","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-11-29","domain_rank":0,"first_seen":"2023-11-29 12:34:45","last_seen":"2023-11-29 12:34:45","alert_count":0,"request_count":1,"received_data":20041024,"sent_data":514,"comment":"","tags":null,"fingerprints":null},{"fqdn":"btc-tools.org","ip":{"addr":"172.67.200.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":20041647,"sent_data":786,"comment":"","tags":null,"fingerprints":null},{"fqdn":"status.geotrust.com","ip":{"addr":"192.229.221.95","port":0,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"1999-04-04","domain_rank":3662,"first_seen":"2017-12-01 09:55:31","last_seen":"2023-12-23 18:22:23","alert_count":0,"request_count":1,"received_data":642,"sent_data":343,"comment":"","tags":null,"fingerprints":null},{"fqdn":"url.btc.com","ip":{"addr":"8.219.222.161","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"1997-03-25","domain_rank":0,"first_seen":"2017-07-24 17:34:02","last_seen":"2023-06-12 05:29:05","alert_count":0,"request_count":1,"received_data":20040706,"sent_data":496,"comment":"","tags":null,"fingerprints":null},{"fqdn":"download.btc.com","ip":{"addr":"104.18.23.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1997-03-25","domain_rank":0,"first_seen":"2019-10-28 09:10:33","last_seen":"2023-11-05 17:41:47","alert_count":0,"request_count":1,"received_data":20040399,"sent_data":586,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"78558c31ec4a4d3788c25554c7ae15bb","sha1":"a727394903a80c7df78d78b476b88994e00e3837","sha256":"86062470ea90f8e53060aba0be773b38063295565d5fef965d8679c9b4cb856b","sha512":"451f43a0d644fbfb305e77dff04f47702b6ce27e83c24891f67e2932900ba231d567f68c0bf2b5a02a9df22bc581f68cc6ee10cf3599139981d485c8df1280dc","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":20039824,"url":{"schema":"https","addr":"url.btc.com/btc-tools-download","fqdn":"url.btc.com","domain":"btc.com","tld":"com"},"ip":{"addr":"8.219.222.161","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"archive":[{"path":"BTCTools-v1.3.3.exe","filename":"BTCTools-v1.3.3.exe","modified":"","Modified":"2022-03-05T14:06:40+08:00","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 7 sections","size":47876288,"md5":"6f51e82cad5defbaf35d92f0d1ac6347","sha1":"83a74a4b3f54ec4209535f77583793b1784176de","sha256":"e736a22487d69fe6cb705c03c9b992a0ccba37f2cc2a30b850e56adf9f256f13","sha512":"94ffc74dc10897e7627978dd900d78543bdb76b9cfdfee00953e94ede7b7bf15f865b02dc550d80b156cf6e30e4886205f92f633eb169e5667e878bbcd214195","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2023-12-24","alert":"meth_get_eip","trigger":"BTCTools-v1.3.3.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"Willi Ballenthin","date":"2022-06-13","rule":"meth_get_eip","yarahub_author_email":"william.ballenthin@mandiant.com","yarahub_author_twitter":"@williballenthin","yarahub_license":"CC BY 4.0","yarahub_reference_md5":"9727d5c2a5133f3b6a6466cc530a5048","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"666bfd55-7931-454e-beb8-22b5211ab04f"}}]}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2023-12-24","alert":"meth_get_eip","trigger":"BTCTools-v1.3.3.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"Willi Ballenthin","date":"2022-06-13","rule":"meth_get_eip","yarahub_author_email":"william.ballenthin@mandiant.com","yarahub_author_twitter":"@williballenthin","yarahub_license":"CC BY 4.0","yarahub_reference_md5":"9727d5c2a5133f3b6a6466cc530a5048","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"666bfd55-7931-454e-beb8-22b5211ab04f"}}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"btc-tools.org/","fqdn":"btc-tools.org","domain":"btc-tools.org","tld":"org"},"ip":{"addr":"172.67.200.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-24T07:30:07.82565516Z","timestamp":1703403007825,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: btc-tools.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Sun, 24 Dec 2023 07:33:40 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: max-age=3600\r\nExpires: Sun, 24 Dec 2023 08:33:40 GMT\r\nLocation: https://btc-tools.org/\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=eP%2F14DH%2BHeFRZG1KiZc%2BnftoyEL8fcOJVqBm3D%2FLjFO1mr%2BayIuzFOJQ8K3A4tvnuYT7Fq8ymU%2BdnQUNtFtKR7c%2F4jG%2FJikQIlFhU%2B%2BureSA3lRHiz9RHPud6HrW3tw3\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 83a7284fc8ec0afa-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"status.geotrust.com/","fqdn":"status.geotrust.com","domain":"geotrust.com","tld":"com"},"ip":{"addr":"192.229.221.95","port":0,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-24T07:30:14.295186781Z","timestamp":1703403014295,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: status.geotrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=7200\r\nContent-Type: application/ocsp-response\r\nDate: Sun, 24 Dec 2023 07:33:46 GMT\r\nServer: ECAcc (amb/6AB6)\r\nContent-Length: 471\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"1e00ff7d9a541eab7ed3644dacabd173","sha1":"2271b58feeb6219faab428116febceb8a0cfe4ca","sha256":"44e9e4167ea25183ea54da543a15b3f946ba50dc1bbc5cb83fb50697eb65fbb0","sha512":"55f0277470fb00db4528555d227a458b60f6fed7671e2290f6e444dc361ac316a46016b235cfad7d685dd12a4ae799afaa597a13b2db54cc74f017c94f6e380b","ssdeep":"","tlshash":"99f0dc2309b478881a4cfecd72fa9af13502d082099adf6a34fc06a4d5d17f97988162","first_seen":"2024-08-20T15:08:33.848149Z","last_seen":"2024-08-20T15:08:33.848149Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"url.btc.com/btc-tools-download","fqdn":"url.btc.com","domain":"btc.com","tld":"com"},"ip":{"addr":"8.219.222.161","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-24T07:30:13.677Z","timestamp":1703403013677,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.btc.com","organization":""},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 24 May 2023 00:00:00 GMT","end":"Thu, 23 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"91:F4:31:D3:CD:D9:44:64:8F:7D:A6:3D:90:92:BE:43:C4:34:41:FC","sha256":"8E:4D:F0:E9:97:DD:CF:54:CD:6C:7A:99:BC:0D:6B:41:92:D5:BB:4F:19:47:2C:C2:30:CD:B4:47:D9:67:8E:3D"}}},"request":{"raw":"GET /btc-tools-download HTTP/1.1\r\nHost: url.btc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 24 Dec 2023 07:33:47 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://download.btc.com/btc-tools/BTCTools-v1.3.3-sha256-86062470ea90f8e53060aba0be773b38063295565d5fef965d8679c9b4cb856b.zip\r\nx-powered-by: PHP/7.2.33\r\nx-robots-tag: noindex\r\nstrict-transport-security: max-age=15724800; includeSubDomains\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS\r\naccess-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\naccess-control-max-age: 1728000\r\ncontent-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.btc.com www.google-analytics.com; img-src 'self' *.btc.com www.google-analytics.com data:; frame-ancestors 'self' *.btc.com;\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":20039824,"size_decoded":20039824,"mime_type":"application/zip","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"78558c31ec4a4d3788c25554c7ae15bb","sha1":"a727394903a80c7df78d78b476b88994e00e3837","sha256":"86062470ea90f8e53060aba0be773b38063295565d5fef965d8679c9b4cb856b","sha512":"451f43a0d644fbfb305e77dff04f47702b6ce27e83c24891f67e2932900ba231d567f68c0bf2b5a02a9df22bc581f68cc6ee10cf3599139981d485c8df1280dc","ssdeep":"393216:QfTHoq2BLPt5LD6aNYWwoC0sNxIQPTzyYM5VDia9wIzqu5+FTH9:Aartxe9oC0sNxeJxVwI+k2J","tlshash":"d6173399c9a0ea8ef67efd17c8f1e84e941202f78063583f601ec7a352c7a9865f554c","first_seen":"2023-12-24T08:34:23Z","last_seen":"2024-09-19T22:05:18.229028Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1512,"timings":{"blocked":619,"dns":26,"connect":257,"send":0,"wait":274,"receive":0,"ssl":334},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"download.btc.com/btc-tools/BTCTools-v1.3.3-sha256-86062470ea90f8e53060aba0be773b38063295565d5fef965d8679c9b4cb856b.zip","fqdn":"download.btc.com","domain":"btc.com","tld":"com"},"ip":{"addr":"104.18.23.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-24T07:30:14.575Z","timestamp":1703403014575,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Thu, 06 Apr 2023 00:00:00 GMT","end":"Fri, 05 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"2B:20:F1:18:25:8C:5A:BF:15:17:CB:D8:EB:D2:80:7B:54:41:74:A9","sha256":"5F:D7:F3:7B:C7:94:79:E2:D6:9C:59:E9:78:2D:F9:4C:A3:22:61:C3:88:D6:D8:2A:EE:07:05:27:8E:1C:B3:4A"}}},"request":{"raw":"GET /btc-tools/BTCTools-v1.3.3-sha256-86062470ea90f8e53060aba0be773b38063295565d5fef965d8679c9b4cb856b.zip HTTP/1.1\r\nHost: download.btc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 24 Dec 2023 07:33:47 GMT\r\ncontent-type: application/zip\r\ncontent-length: 20039824\r\nx-oss-request-id: 6587DEDBF53B5C33383BC20D\r\netag: \"78558C31EC4A4D3788C25554C7AE15BB\"\r\nlast-modified: Wed, 31 May 2023 09:35:28 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11781972866569522559\r\nx-oss-storage-class: Standard\r\ncontent-md5: eFWMMexKTTeIwlVUx64Vuw==\r\nx-oss-server-time: 36\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 83a7287ab8d0b511-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20039824,"size_decoded":20039824,"mime_type":"application/zip","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":3186,"timings":{"blocked":103,"dns":90,"connect":1,"send":0,"wait":533,"receive":2446,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"btc-tools.org/download/BTCTools-v1.3.3.zip","fqdn":"btc-tools.org","domain":"btc-tools.org","tld":"org"},"ip":{"addr":"104.21.21.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-24T07:30:04.834Z","timestamp":1703403004834,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btc-tools.org","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Oct 2023 04:19:39 GMT","end":"Sun, 28 Jan 2024 04:19:38 GMT"},"fingerprint":{"sha1":"E6:29:F6:96:C6:9F:06:58:47:C3:FA:2C:77:DF:07:9A:5C:E6:B0:FD","sha256":"71:05:05:D4:80:63:02:3B:2B:95:CF:36:A0:7D:75:1C:E5:C8:43:17:47:39:8C:EC:9B:6E:93:56:35:A2:C9:FB"}}},"request":{"raw":"GET /download/BTCTools-v1.3.3.zip HTTP/1.1\r\nHost: btc-tools.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Sun, 24 Dec 2023 07:33:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://veritate-cloud.sbs/original/btc-tools-download\r\nx-powered-by: PHP/8.0.6\r\nx-robots-tag: noindex, nofollow\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0\r\npragma: no-cache\r\nexpires: Mon, 07 Jul 1777 07:07:07 GMT\r\nx-redirect-powered-by: Pretty Link Pro 3.6.1 http://prettylink.com\r\nx-redirect-by: WordPress\r\ncf-cache-status: BYPASS\r\nset-cookie: prli_click_2=download%2FBTCTools-v1.3.3.zip; expires=Tue, 23-Jan-2024 07:33:44 GMT; Max-Age=2592000; path=/; secure\nprli_visitor=6587ded8821d5; expires=Mon, 23-Dec-2024 07:33:44 GMT; Max-Age=31536000; path=/; secure\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=PvxTYz7GYJnbE4nG13TlipNQhREwbUxc0JvkON7I0bGLLlpKorxH2Mo6oKgVkIwiWpE8SzkeFUr1uZTyciB9nODoH1pohvLsQ2S2mh6yWjnYlQhrIsj3X81P6cuJVqgs\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 83a7283d59210b55-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":null,"data":{"size":20039824,"size_decoded":20039824,"mime_type":"application/zip","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":7440,"timings":{"blocked":31,"dns":3,"connect":4,"send":0,"wait":7380,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veritate-cloud.sbs/original/btc-tools-download","fqdn":"veritate-cloud.sbs","domain":"veritate-cloud.sbs","tld":"sbs"},"ip":{"addr":"104.21.63.9","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-24T07:30:12.261Z","timestamp":1703403012261,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"veritate-cloud.sbs","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Nov 2023 10:32:33 GMT","end":"Tue, 27 Feb 2024 10:32:32 GMT"},"fingerprint":{"sha1":"13:44:43:A7:72:9E:BA:03:36:D8:D1:97:2C:C0:06:BF:52:AC:F3:E1","sha256":"59:7B:6B:CE:17:18:66:E7:27:C0:F6:1D:52:1C:A7:77:FC:39:15:6F:95:D8:93:BA:40:CB:B2:DE:D8:77:7D:9C"}}},"request":{"raw":"GET /original/btc-tools-download HTTP/1.1\r\nHost: veritate-cloud.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Sun, 24 Dec 2023 07:33:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://url.btc.com/btc-tools-download\r\nx-powered-by: PHP/8.0.30\r\nset-cookie: prli_click_9=original%2Fbtc-tools-download; expires=Tue, 23-Jan-2024 07:33:45 GMT; Max-Age=2592000; path=/; secure\nprli_visitor=6587ded9106d1; expires=Mon, 23-Dec-2024 07:33:45 GMT; Max-Age=31536000; path=/; secure\r\nx-robots-tag: noindex, nofollow\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0,pre-check=0\r\npragma: no-cache\r\nexpires: Mon, 07 Jul 1777 07:07:07 GMT\r\nx-redirect-powered-by: Pretty Link Beginner 3.3.2 http://prettylink.com\r\nx-redirect-by: WordPress\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Uk2ZEUtjRpcSo8hHuM6DwdxahVp3f4F2H57jH9YGyvnw7sF4XO9lJWmUhPYN5nWQqEIWwx7ZJWX8fjctOb%2F1WVbOH8rQEaUGypVlPFWT413gpAep9CSWKNmKn26lxHk%2BK3GzeCU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 83a7286c1e635691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":null,"data":{"size":20039824,"size_decoded":20039824,"mime_type":"application/zip","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T18:09:27.649541Z","times_seen":14112422,"resource_available":true,"data":null}},"time_used":1484,"timings":{"blocked":79,"dns":59,"connect":2,"send":0,"wait":1325,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}