{"report_id":"9a22ce86-0be5-41a7-8551-12f71f826ad8","version":6,"status":"done","tags":[],"date":"2024-08-04T00:51:06Z","url":{"schema":"http","addr":"download.blipcut.com/go/blipcut_video_translator_8284.exe?rnclid=11715644800104568501","fqdn":"download.blipcut.com","domain":"blipcut.com","tld":"com"},"ip":{"addr":"104.18.20.212","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T07:02:12Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":7,"received_data":6212,"sent_data":2289,"comment":"","tags":null,"fingerprints":null},{"fqdn":"download.blipcut.com","ip":{"addr":"104.18.20.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":2,"received_data":1573737,"sent_data":1056,"comment":"","tags":null,"fingerprints":null},{"fqdn":"go.blipcut.com","ip":{"addr":"104.18.20.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":1,"received_data":787723,"sent_data":608,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"34b66ba7efac1e7210a49c60abbbc046","sha1":"dc641ef256c8bbfb53303b4e1b57b8660133ee6e","sha256":"595e9e830166307659e62822a724929f04fd35a58b828395feeb0dedd7adad7a","sha512":"90ba072ba579c4ee3d91f07f31ec37bedcc4d7202515d7ccc4cdf6c086f0c98a3eccd371ca97a5c814bd0ee9d363a05ee67f9dd073cf09e371d8752cddc5380a","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections","size":786432,"url":{"schema":"https","addr":"download.blipcut.com/downloads/blipcut_video_translator.exe","fqdn":"download.blipcut.com","domain":"blipcut.com","tld":"com"},"ip":{"addr":"104.18.20.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-08-04T00:50:47Z","timestamp":1722732647,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":48468,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-08-04T00:50:47.196937+0000\",\"flow_id\":1311647844838860,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":48468,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"bossu247.duckdns.org\",\"url\":\"/16714618c0dec3727bb56b58c48fe9b7/disabled.php/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":621,\"bytes_toclient\":116,\"start\":\"2024-08-04T00:48:28.830924+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-08-04T00:50:47Z","timestamp":1722732647,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":48492,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-08-04T00:50:47.197348+0000\",\"flow_id\":608059187364239,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":48492,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"bossu247.duckdns.org\",\"url\":\"/16714618c0dec3727bb56b58c48fe9b7/disabled.php/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":621,\"bytes_toclient\":116,\"start\":\"2024-08-04T00:48:29.688527+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-08-04T00:50:50Z","timestamp":1722732650,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":45738,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-08-04T00:50:50.535150+0000\",\"flow_id\":1031740530836671,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":45738,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"bossu247.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":455,\"bytes_toclient\":116,\"start\":\"2024-08-04T00:48:23.607423+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-08-04T00:51:01Z","timestamp":1722732661,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":48444,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2024-08-04T00:51:01.244810+0000\",\"flow_id\":1601403518396609,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":48444,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"bossu247.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":455,\"bytes_toclient\":116,\"start\":\"2024-08-04T00:48:27.403649+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-04T00:50:40.198743006Z","timestamp":1722732640198,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CC1E53796EC8C93A6A4CF66399A32249A405BD6EC1BD7399D5926C11657868A9\"\r\nLast-Modified: Sat, 03 Aug 2024 18:56:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18075\r\nExpires: Sun, 04 Aug 2024 05:51:55 GMT\r\nDate: Sun, 04 Aug 2024 00:50:40 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aadf4023fd478bb51576a5f2358b225e","sha1":"a9d7b5d1e6a9d4f3fd800815a784607563dae142","sha256":"cc1e53796ec8c93a6a4cf66399a32249a405bd6ec1bd7399d5926c11657868a9","sha512":"8dfbc7de239c4e2eef8c691d434ef3a152c88d99df55e74781102c7de2ddeaa334800f2a2d7883e6b05d60eefe6a4fd9b670f7f51e44273aa9e9068f770d726a","ssdeep":"","tlshash":"97f0055d32d63b04ab71551d19e8e6162dadadb93415557032480bf17418ff8115880c","first_seen":"2024-08-04T01:53:29Z","last_seen":"2024-08-21T14:31:29.01118Z","times_seen":25384,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-04T00:50:40.220898604Z","timestamp":1722732640220,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6D567507B5502A9E553E77B519B679E83B3A8A01896731CEC08BD1DA0699B379\"\r\nLast-Modified: Sat, 03 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20070\r\nExpires: Sun, 04 Aug 2024 06:25:10 GMT\r\nDate: Sun, 04 Aug 2024 00:50:40 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"084406a853d82fa208410ee4bc78b67c","sha1":"1c6276ec2e9a0fa10937dc34d821a64633c7d16a","sha256":"6d567507b5502a9e553e77b519b679e83b3a8a01896731cec08bd1da0699b379","sha512":"ec148540d6f7485ec2c7ee7849c3231a24ade8ff5391eda7f8b6fc229e7db09ff7219b9f10453110959f9422d1ac808ff945fa1f2072d26bc1ff9f88dd9bd7a3","ssdeep":"","tlshash":"8bf0051b266af424575511437decfe162601fafa78b526e13ba402f1145479c19d4c0c","first_seen":"2024-08-04T02:27:20Z","last_seen":"2024-08-21T14:31:29.011788Z","times_seen":24116,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-04T00:50:40.560062347Z","timestamp":1722732640560,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"25CB2E6AD29D4503F32121FBE37E2B0F4CE64A7F6CB57233EBF16DF5D6B78D53\"\r\nLast-Modified: Sat, 03 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12408\r\nExpires: Sun, 04 Aug 2024 04:17:28 GMT\r\nDate: Sun, 04 Aug 2024 00:50:40 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"8bd7201be8d12c4b511d2c5643b45dbc","sha1":"f2ecb2ebafbf4f8d92f92007753001befcedc634","sha256":"25cb2e6ad29d4503f32121fbe37e2b0f4ce64a7f6cb57233ebf16df5d6b78d53","sha512":"bbd9b9ab7b654aac76fc894a763f4a856cd0bcc4413a9da81154c6e8b45423c28eb786789660eb35cfbf31f4562e80adac1d98de674954b75c6aa2c69ce83cf6","ssdeep":"","tlshash":"2af00e520aaabc4077b6861a2ea5ca932aa8fdfa3c0d07f6790043a53818bdd805444c","first_seen":"2024-08-03T21:22:08Z","last_seen":"2024-08-19T14:46:34.54816Z","times_seen":30175,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-04T00:50:40.955950154Z","timestamp":1722732640955,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D059EEDA67B64DD02259F5A9352DF39CC808E3F9E03068A434E0F6486814893D\"\r\nLast-Modified: Sat, 03 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4603\r\nExpires: Sun, 04 Aug 2024 02:07:23 GMT\r\nDate: Sun, 04 Aug 2024 00:50:40 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3653abf0951eea060f104ae59d60cf7c","sha1":"75790e8c59cb78c77ab522e7dc7140b62a046bb9","sha256":"d059eeda67b64dd02259f5a9352df39cc808e3f9e03068a434e0f6486814893d","sha512":"606dd92b87628d9b5bffe03d99d23fdb00abdcb0b097d19cff5c40bb8f3bfaf0e3accc6975ca546eb38c992ed1469d6254372fd8745e6e70455ff68b9ee54012","ssdeep":"","tlshash":"99f0053e0676b944636935051de5e0196d00fffe389551d610b8c1d174247eed3f548c","first_seen":"2024-08-04T01:45:18Z","last_seen":"2024-08-21T14:31:29.013823Z","times_seen":29425,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-04T00:50:43.225090384Z","timestamp":1722732643225,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"ED2EE90D287F8197865A711DCCFA26DD2BE9D5EE12F8EA8170DE7DEF17B82FF4\"\r\nLast-Modified: Sat, 03 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8802\r\nExpires: Sun, 04 Aug 2024 03:17:25 GMT\r\nDate: Sun, 04 Aug 2024 00:50:43 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c350bdea34be0056bcbf94491fba7533","sha1":"f5924cf49bcc6dd310024b824003661ab02b68a7","sha256":"ed2ee90d287f8197865a711dccfa26dd2be9d5ee12f8ea8170de7def17b82ff4","sha512":"65a9c5ec970dcf8d23bca82decb1c90d3154d383d7b7d82e3bc0f1ca4e22e15f243c893a7e9ebe32962595174b06f59a58e7683557b7a77bbfc480bfb25f1ba1","ssdeep":"","tlshash":"04f00e73b5f2792657a7241b3bd1d2134ce8fab3346115f17d9049e2b4393e8a48588c","first_seen":"2024-08-04T00:43:11Z","last_seen":"2024-08-19T14:45:05.125832Z","times_seen":13648,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-04T00:50:43.226059835Z","timestamp":1722732643226,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"ED2EE90D287F8197865A711DCCFA26DD2BE9D5EE12F8EA8170DE7DEF17B82FF4\"\r\nLast-Modified: Sat, 03 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8802\r\nExpires: Sun, 04 Aug 2024 03:17:25 GMT\r\nDate: Sun, 04 Aug 2024 00:50:43 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c350bdea34be0056bcbf94491fba7533","sha1":"f5924cf49bcc6dd310024b824003661ab02b68a7","sha256":"ed2ee90d287f8197865a711dccfa26dd2be9d5ee12f8ea8170de7def17b82ff4","sha512":"65a9c5ec970dcf8d23bca82decb1c90d3154d383d7b7d82e3bc0f1ca4e22e15f243c893a7e9ebe32962595174b06f59a58e7683557b7a77bbfc480bfb25f1ba1","ssdeep":"","tlshash":"04f00e73b5f2792657a7241b3bd1d2134ce8fab3346115f17d9049e2b4393e8a48588c","first_seen":"2024-08-04T00:43:11Z","last_seen":"2024-08-19T14:45:05.125832Z","times_seen":13648,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-04T00:50:43.227066736Z","timestamp":1722732643227,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"ED2EE90D287F8197865A711DCCFA26DD2BE9D5EE12F8EA8170DE7DEF17B82FF4\"\r\nLast-Modified: Sat, 03 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8802\r\nExpires: Sun, 04 Aug 2024 03:17:25 GMT\r\nDate: Sun, 04 Aug 2024 00:50:43 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c350bdea34be0056bcbf94491fba7533","sha1":"f5924cf49bcc6dd310024b824003661ab02b68a7","sha256":"ed2ee90d287f8197865a711dccfa26dd2be9d5ee12f8ea8170de7def17b82ff4","sha512":"65a9c5ec970dcf8d23bca82decb1c90d3154d383d7b7d82e3bc0f1ca4e22e15f243c893a7e9ebe32962595174b06f59a58e7683557b7a77bbfc480bfb25f1ba1","ssdeep":"","tlshash":"04f00e73b5f2792657a7241b3bd1d2134ce8fab3346115f17d9049e2b4393e8a48588c","first_seen":"2024-08-04T00:43:11Z","last_seen":"2024-08-19T14:45:05.125832Z","times_seen":13648,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"download.blipcut.com/go/blipcut_video_translator_8284.exe?rnclid=11715644800104568501","fqdn":"download.blipcut.com","domain":"blipcut.com","tld":"com"},"ip":{"addr":"104.18.20.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-04T00:50:40.672Z","timestamp":1722732640672,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blipcut.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 28 Jul 2024 09:26:07 GMT","end":"Sat, 26 Oct 2024 10:25:49 GMT"},"fingerprint":{"sha1":"D3:BD:FE:F1:96:F8:86:CC:94:CF:C1:FA:E5:7D:3C:48:9C:00:D1:E1","sha256":"17:CE:C9:17:A6:DE:B3:6F:F7:EC:85:8C:AD:97:6C:4F:45:00:14:66:60:98:7C:E9:9E:CE:8D:DF:5E:1E:E1:10"}}},"request":{"raw":"GET /go/blipcut_video_translator_8284.exe?rnclid=11715644800104568501 HTTP/1.1\r\nHost: download.blipcut.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 04 Aug 2024 00:50:40 GMT\r\ncontent-type: text/html\r\nlocation: https://go.blipcut.com/go?c=download\u0026a=track\u0026name=blipcut_video_translator_8284.exe\u0026back_url=https://download.blipcut.com/downloads/blipcut_video_translator.exe\r\ncf-cache-status: HIT\r\nage: 44\r\nexpires: Sun, 04 Aug 2024 04:50:40 GMT\r\ncache-control: public, max-age=14400\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8ada8dfcca039312-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":786432,"size_decoded":786432,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T09:11:47.12615Z","times_seen":13415969,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":81,"dns":0,"connect":27,"send":0,"wait":40,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go.blipcut.com/go?c=download\u0026a=track\u0026name=blipcut_video_translator_8284.exe\u0026back_url=https://download.blipcut.com/downloads/blipcut_video_translator.exe","fqdn":"go.blipcut.com","domain":"blipcut.com","tld":"com"},"ip":{"addr":"104.18.20.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-04T00:50:40.851Z","timestamp":1722732640851,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blipcut.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 28 Jul 2024 09:26:07 GMT","end":"Sat, 26 Oct 2024 10:25:49 GMT"},"fingerprint":{"sha1":"D3:BD:FE:F1:96:F8:86:CC:94:CF:C1:FA:E5:7D:3C:48:9C:00:D1:E1","sha256":"17:CE:C9:17:A6:DE:B3:6F:F7:EC:85:8C:AD:97:6C:4F:45:00:14:66:60:98:7C:E9:9E:CE:8D:DF:5E:1E:E1:10"}}},"request":{"raw":"GET /go?c=download\u0026a=track\u0026name=blipcut_video_translator_8284.exe\u0026back_url=https://download.blipcut.com/downloads/blipcut_video_translator.exe HTTP/1.1\r\nHost: go.blipcut.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 04 Aug 2024 00:50:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://download.blipcut.com/downloads/blipcut_video_translator.exe\r\ncache-control: no-cache, private\r\ncf-cache-status: DYNAMIC\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjJEcVBIbmRzWXd4SUU4NnoyejdNUXc9PSIsInZhbHVlIjoiTUQ5b3h1elg3d0I4SXZ1M0lEc1A4bVh6RkVKeElXdUV3eklIaTBQbXZPS1ZyK1k5WEZWOGVxSG9PTnM0UFwvb0ZYQVFFbURGUmN2Q3o1OHhnc28yMHV6aitpTHpOa3VFQVBCWkxySktcL1Bhb0kya2d1M0V6V2ljbFM0dW03NlUyQiIsIm1hYyI6ImFhYmQ4YTcyOWYzZjM4YmQ4ZWU1YjJlNmMzZDgzMmZmYjc5Y2Q1NzVjYmZiMDQ0ZjAwZjM3ZWVjNTVjODg2N2MifQ%3D%3D; expires=Sun, 04-Aug-2024 02:50:40 GMT; Max-Age=7200; path=/\nlaravel_session=eyJpdiI6IndvN1VaSkRqR09rRHk4MXppSXI4ZlE9PSIsInZhbHVlIjoicUw3QUtmQ3FLc0FGM2lKNHpld254RWNjWXpDREg4RFdQVkN6a3JFK3Vua0NXcTkxN3ljVk82OTZ0SzJYOTVvVWhQOTR6dEJBQVFlSXNWbTBSeSticWNKajAxSUdaVFJTNTNZYk1SUFAwTFRuVkdqeXRqVFBHR1o5aWdNWE94alEiLCJtYWMiOiIyOTVjOWIzMTI5MjVlZWI3M2VhMzkwYWRmZjc5MDExNzY0NmNmYzA2ZTIyNmM0ZmRhMmNjN2QxYzM0Yjc0MjM3In0%3D; expires=Sun, 04-Aug-2024 02:50:40 GMT; Max-Age=7200; path=/; httponly\n__cflb=02DiuFSmiBfoL4CdhAn2QDpzXBcfceqo5zwRqtaHQRDe4; SameSite=Lax; path=/; expires=Sun, 04-Aug-24 23:50:41 GMT; HttpOnly\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8ada8dfd5a389312-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":786432,"size_decoded":786432,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T09:11:47.12615Z","times_seen":13415969,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"download.blipcut.com/downloads/blipcut_video_translator.exe","fqdn":"download.blipcut.com","domain":"blipcut.com","tld":"com"},"ip":{"addr":"104.18.20.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-04T00:50:41.099Z","timestamp":1722732641099,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blipcut.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 28 Jul 2024 09:26:07 GMT","end":"Sat, 26 Oct 2024 10:25:49 GMT"},"fingerprint":{"sha1":"D3:BD:FE:F1:96:F8:86:CC:94:CF:C1:FA:E5:7D:3C:48:9C:00:D1:E1","sha256":"17:CE:C9:17:A6:DE:B3:6F:F7:EC:85:8C:AD:97:6C:4F:45:00:14:66:60:98:7C:E9:9E:CE:8D:DF:5E:1E:E1:10"}}},"request":{"raw":"GET /downloads/blipcut_video_translator.exe HTTP/1.1\r\nHost: download.blipcut.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 04 Aug 2024 00:50:41 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 149775800\r\nlast-modified: Thu, 25 Jul 2024 12:52:29 GMT\r\netag: \"66a24a8d-8ed65b8\"\r\ncf-cache-status: HIT\r\nage: 45\r\nexpires: Sun, 04 Aug 2024 04:50:41 GMT\r\ncache-control: public, max-age=14400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8ada8dfeeb179312-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":786432,"size_decoded":786432,"mime_type":"application/octet-stream","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections","md5":"34b66ba7efac1e7210a49c60abbbc046","sha1":"dc641ef256c8bbfb53303b4e1b57b8660133ee6e","sha256":"595e9e830166307659e62822a724929f04fd35a58b828395feeb0dedd7adad7a","sha512":"90ba072ba579c4ee3d91f07f31ec37bedcc4d7202515d7ccc4cdf6c086f0c98a3eccd371ca97a5c814bd0ee9d363a05ee67f9dd073cf09e371d8752cddc5380a","ssdeep":"12288:eadLWD9888888888888W88888888888d7z3MIRHSiUIwoh4sM+rqVda:1BWt0IZSAh4sM+OVM","tlshash":"3af4cfc262b20329f517ca3494a574309c162d68cda3d03aabbfbd0df77d58148a76db","first_seen":"2024-08-04T02:51:07Z","last_seen":"2024-08-19T14:44:13.262071Z","times_seen":2,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":231,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}