{"report_id":"a12d322e-7a63-4ef1-9801-0e0e4edf0e47","version":6,"status":"done","tags":[],"date":"2024-07-23T07:36:20Z","url":{"schema":"http","addr":"the.earth.li/~sgtatham/putty/latest/w32/putty.exe","fqdn":"the.earth.li","domain":"earth.li","tld":"li"},"ip":{"addr":"93.93.131.124","port":0,"asn":44684,"as":"Mythic Beasts Ltd","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T08:37:22Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-22 18:12:14","alert_count":0,"request_count":7,"received_data":6211,"sent_data":2289,"comment":"","tags":null,"fingerprints":null},{"fqdn":"the.earth.li","ip":{"addr":"93.93.131.124","port":443,"asn":44684,"as":"Mythic Beasts Ltd","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":249742,"first_seen":"2012-10-27 15:46:20","last_seen":"2024-07-05 12:19:19","alert_count":1,"request_count":2,"received_data":1491063,"sent_data":1004,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"f43852a976edcab5a7c82d248ce242d2","sha1":"446ac2bb76e472c185f56b2b1246910a4438246d","sha256":"4a38db0744930e1f5bfc0a82f63c907f7dc94270b930a3950e6a0abbc903c47f","sha512":"3b4ab06664cb4c228ef0e85cc38d4035d4d2c0b4febd7fa410da65bbcc7b4eafbec924e8d14f02432125fa3d9fb22e50a87707b1c1028ad5d3f0bfbcd4b4075e","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections","size":1490208,"url":{"schema":"https","addr":"the.earth.li/~sgtatham/putty/0.81/w32/putty.exe","fqdn":"the.earth.li","domain":"earth.li","tld":"li"},"ip":{"addr":"93.93.131.124","port":443,"asn":44684,"as":"Mythic Beasts Ltd","country":"United Kingdom","country_code":"GB"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-07-19","alert":"Scan result 3/74","trigger":"4a38db0744930e1f5bfc0a82f63c907f7dc94270b930a3950e6a0abbc903c47f","verdict":"suspicious","severity":"","comment":"suspicious - 3/74","link":"https://www.virustotal.com/gui/file/4a38db0744930e1f5bfc0a82f63c907f7dc94270b930a3950e6a0abbc903c47f","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:35:52.358578607Z","timestamp":1721720152358,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"FB270CF16706247ADDE7EFD430FE667555CB37EE35EAE763593424A17C624BCD\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13146\r\nExpires: Tue, 23 Jul 2024 11:14:58 GMT\r\nDate: Tue, 23 Jul 2024 07:35:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f58a4b489ef65eff7896802c87e363e7","sha1":"e7287b89b56c66407955bf95bd03133d2e5945d1","sha256":"fb270cf16706247adde7efd430fe667555cb37ee35eae763593424a17c624bcd","sha512":"c065e9f7dd5fe8977e62fc53b2f8f282b9822e5b2da8f892a233a215b0084cb15dcfab72538f71c8b0abfb53fca418c8387e9881640f5d7ec16e245ded101811","ssdeep":"","tlshash":"f5f00548132ebac0bf3d1a261694d5182d24fdfe140828f1ddd441e235e6f993a5c416","first_seen":"2024-07-20T23:43:01Z","last_seen":"2024-08-19T16:14:35.910582Z","times_seen":17507,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:35:52.362483971Z","timestamp":1721720152362,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"778D02DECABF7DFF03BF5EC4C4EB0F03AC789E89BCFE58353C266C9D66C08834\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3023\r\nExpires: Tue, 23 Jul 2024 08:26:15 GMT\r\nDate: Tue, 23 Jul 2024 07:35:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"2f796f6340ac7eef4fa2891ac8f8aa1a","sha1":"27bbc7bb6314b31dcab89f198bc258b040593aa7","sha256":"778d02decabf7dff03bf5ec4c4eb0f03ac789e89bcfe58353c266c9d66c08834","sha512":"332ad8103818d77a6436e42ee756dd6f241b844dc98a7a67b52d01d5541c140e9d3ddabc315afe1c9ea0e094ffa1873c666c65f61ad0a938ca34950b4c0ef429","ssdeep":"","tlshash":"c5f0754600d4bc047fa4051b45e0c2391a30aff84e423fc039d849f1d800f796c8894d","first_seen":"2024-07-21T00:49:07Z","last_seen":"2024-08-19T16:14:10.849697Z","times_seen":22664,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:35:52.732515151Z","timestamp":1721720152732,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"60C84BB6C568871D3FEBE1E58C6AEDF398FA06F5F7AFC3E6087200BE0A25AD3F\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2737\r\nExpires: Tue, 23 Jul 2024 08:21:29 GMT\r\nDate: Tue, 23 Jul 2024 07:35:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"85a291090b5db764a5b5f1487dcb958f","sha1":"9dadf7a0a7d6be86e491a10bbbc72c84f798cab9","sha256":"60c84bb6c568871d3febe1e58c6aedf398fa06f5f7afc3e6087200be0a25ad3f","sha512":"54d2b0b7b54d879ca308df969971761efbe43c7f3ac4178738778d17c9dd8181afcacde6e9a392d04028e09823c1e47026a4585f64276592308190948173eba4","ssdeep":"","tlshash":"f9f00e170bf63d4077712a42e7e2c27e0b24ddabf801963e649442a66418bfa2fc8099","first_seen":"2024-07-21T01:22:15Z","last_seen":"2024-08-19T16:13:52.205448Z","times_seen":22689,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:35:53.008402333Z","timestamp":1721720153008,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"951AE19E1EB066355BF55FF2163F6D14B689088FA3DD443FB01D889BB28FE095\"\r\nLast-Modified: Sat, 20 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6500\r\nExpires: Tue, 23 Jul 2024 09:24:13 GMT\r\nDate: Tue, 23 Jul 2024 07:35:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"41b470cfcb4d809b7689783076e07c76","sha1":"919b05dba2523cc4b8e9a6e873fe777fd753ee1b","sha256":"951ae19e1eb066355bf55ff2163f6d14b689088fa3dd443fb01d889bb28fe095","sha512":"dce19fad3a25686ec442ada5c3d462174a63f1fc17cf331d3690797222d4adb87c567235eda21ab6512379198277a0b73584283849c33439892ee919e093005d","ssdeep":"","tlshash":"eaf0054185d97f803760081a7ed5e1083e309f6ca4910fd4819046c72062bca5b940d8","first_seen":"2024-07-21T05:06:08Z","last_seen":"2024-08-19T16:13:24.436694Z","times_seen":17054,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:35:53.127791073Z","timestamp":1721720153127,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"35D53644A11CC8C68AE047E6BB5CD2F6AD14FE276A01CB6085506235485B09A5\"\r\nLast-Modified: Sat, 20 Jul 2024 19:45:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15484\r\nExpires: Tue, 23 Jul 2024 11:53:57 GMT\r\nDate: Tue, 23 Jul 2024 07:35:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"dcef7ec00b596d1668f2a773b8c39f62","sha1":"8d0be7f842f568e065b5955dc14af00870eed0e9","sha256":"35d53644a11cc8c68ae047e6bb5cd2f6ad14fe276a01cb6085506235485b09a5","sha512":"ef361accb6b7696826d1cd1ce38fc75daa4f69e06a25eb8de235215ea32ac811c4efdafdb2daba779b48b3c6a975ec64169ce9614d82d9746bf19ee08edc20d6","ssdeep":"","tlshash":"98f0750703d72d033a360a260721c3683c308cbd306401da69500a9638037ada6451c8","first_seen":"2024-07-21T02:45:03Z","last_seen":"2024-08-19T16:13:40.292187Z","times_seen":4,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"the.earth.li/~sgtatham/putty/latest/w32/putty.exe","fqdn":"the.earth.li","domain":"earth.li","tld":"li"},"ip":{"addr":"93.93.131.124","port":443,"asn":44684,"as":"Mythic Beasts Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-23T07:35:53.059Z","timestamp":1721720153059,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"the.earth.li","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jul 2024 00:15:27 GMT","end":"Wed, 09 Oct 2024 00:15:26 GMT"},"fingerprint":{"sha1":"C8:23:C6:69:76:57:45:09:A8:EE:31:8E:67:4F:90:13:29:C8:77:CA","sha256":"67:F3:EA:1D:1A:87:A4:99:E3:D3:13:F0:50:91:94:17:84:8D:96:C3:75:7C:DB:D5:D0:21:F6:26:52:71:1F:FD"}}},"request":{"raw":"GET /~sgtatham/putty/latest/w32/putty.exe HTTP/1.1\r\nHost: the.earth.li\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Tue, 23 Jul 2024 07:35:53 GMT\r\nServer: Apache\r\nLocation: https://the.earth.li/~sgtatham/putty/0.81/w32/putty.exe\r\nContent-Length: 302\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":302,"size_decoded":302,"mime_type":"application/x-msdos-program","magic":"HTML document, ASCII text","md5":"0c1d9a5b4d3ac21811c6709bb81c0681","sha1":"92127b7274036e57f05cd74b2b27add946ffaf35","sha256":"67d56ca172e6f4e47a27d285706c698b961959a4e8ca3d187cc84ab9343a74df","sha512":"26f824096cc66a4d37b579343b83fb74565a37a06068cae4c6b3de8bc3958385d4651439cbcf7a8b59110c5efef1982daa2a486997a34576fd81b3af63072236","ssdeep":"","tlshash":"4fe072fe314326a108a33a10588220c922c2a0f26848a5d83acab44782b86349c8e29b","first_seen":"2024-04-18T06:02:58Z","last_seen":"2024-11-27T10:37:04.472041Z","times_seen":350,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":71,"dns":1,"connect":22,"send":0,"wait":23,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"the.earth.li/~sgtatham/putty/0.81/w32/putty.exe","fqdn":"the.earth.li","domain":"earth.li","tld":"li"},"ip":{"addr":"93.93.131.124","port":443,"asn":44684,"as":"Mythic Beasts Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-23T07:35:53.221Z","timestamp":1721720153221,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"the.earth.li","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jul 2024 00:15:27 GMT","end":"Wed, 09 Oct 2024 00:15:26 GMT"},"fingerprint":{"sha1":"C8:23:C6:69:76:57:45:09:A8:EE:31:8E:67:4F:90:13:29:C8:77:CA","sha256":"67:F3:EA:1D:1A:87:A4:99:E3:D3:13:F0:50:91:94:17:84:8D:96:C3:75:7C:DB:D5:D0:21:F6:26:52:71:1F:FD"}}},"request":{"raw":"GET /~sgtatham/putty/0.81/w32/putty.exe HTTP/1.1\r\nHost: the.earth.li\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 23 Jul 2024 07:35:53 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 06 Apr 2024 09:54:25 GMT\r\nETag: \"16bd20-6156a8ebb3b1a\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1490208\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/x-msdos-program\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1490208,"size_decoded":1490208,"mime_type":"application/x-msdos-program","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections","md5":"f43852a976edcab5a7c82d248ce242d2","sha1":"446ac2bb76e472c185f56b2b1246910a4438246d","sha256":"4a38db0744930e1f5bfc0a82f63c907f7dc94270b930a3950e6a0abbc903c47f","sha512":"3b4ab06664cb4c228ef0e85cc38d4035d4d2c0b4febd7fa410da65bbcc7b4eafbec924e8d14f02432125fa3d9fb22e50a87707b1c1028ad5d3f0bfbcd4b4075e","ssdeep":"24576:VWzNpYIUzAcFZPVUw1L9ub0VsfMzXGk1GUzwgBaPIJdTaKIe0MStS/o6ui2OXK0:gc3vpJSMwgkk8KIeVSc/zuiV","tlshash":"2f65bf52b6d244b1f48205b506abe73fbe39b1416721cac7d7e0d8181d522e2ea3f35e","first_seen":"2024-04-18T06:02:58Z","last_seen":"2025-04-29T08:03:57.731659Z","times_seen":397,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":299,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-07-19","alert":"Scan result 3/74","trigger":"4a38db0744930e1f5bfc0a82f63c907f7dc94270b930a3950e6a0abbc903c47f","verdict":"suspicious","severity":"","comment":"suspicious - 3/74","link":"https://www.virustotal.com/gui/file/4a38db0744930e1f5bfc0a82f63c907f7dc94270b930a3950e6a0abbc903c47f","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:35:55.033814405Z","timestamp":1721720155033,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C\"\r\nLast-Modified: Sat, 20 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7741\r\nExpires: Tue, 23 Jul 2024 09:44:56 GMT\r\nDate: Tue, 23 Jul 2024 07:35:55 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"abdbb83f974102baaaa6f77ee331d442","sha1":"053c22e9dce284413f8a2d4433748edbdd91b77b","sha256":"23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c","sha512":"85cd14104e12fb3b9b4a2142ca24510e72dc6896a00da0e5091e16d8135602b1675eb3a78231727c6a59b94465375203a116dddb7e523fa3ff120bb34dce589d","ssdeep":"","tlshash":"71f0cccb106a7f41df61161f30a4fa574c21ddf7301441c018d0c2e17440bcd1d4805c","first_seen":"2024-07-20T23:44:47Z","last_seen":"2024-08-19T16:14:21.244156Z","times_seen":15995,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-23T07:35:55.036740355Z","timestamp":1721720155036,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C\"\r\nLast-Modified: Sat, 20 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7741\r\nExpires: Tue, 23 Jul 2024 09:44:56 GMT\r\nDate: Tue, 23 Jul 2024 07:35:55 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"abdbb83f974102baaaa6f77ee331d442","sha1":"053c22e9dce284413f8a2d4433748edbdd91b77b","sha256":"23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c","sha512":"85cd14104e12fb3b9b4a2142ca24510e72dc6896a00da0e5091e16d8135602b1675eb3a78231727c6a59b94465375203a116dddb7e523fa3ff120bb34dce589d","ssdeep":"","tlshash":"71f0cccb106a7f41df61161f30a4fa574c21ddf7301441c018d0c2e17440bcd1d4805c","first_seen":"2024-07-20T23:44:47Z","last_seen":"2024-08-19T16:14:21.244156Z","times_seen":15995,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}