{"report_id":"f49e4de6-29a9-4811-96e9-5668d2c7c43f","version":6,"status":"done","tags":[],"date":"2024-10-26T10:55:45Z","url":{"schema":"http","addr":"github.com/massgravel/Microsoft-Activation-Scripts/archive/refs/heads/master.zip","fqdn":"github.com","domain":"github.com","tld":"com"},"ip":{"addr":"140.82.121.3","port":0,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-01-04T10:55:45Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"github.com","ip":{"addr":"140.82.121.4","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":1423,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":3928,"sent_data":534,"comment":"","tags":null,"fingerprints":null},{"fqdn":"codeload.github.com","ip":{"addr":"140.82.121.9","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":62359,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":318579,"sent_data":535,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"3973cb0da65fc881008031ac388046b2","sha1":"24dd6e62125508a6db5d53e087bddd37451ed4b8","sha256":"26ab9df0d662009aaa45693d94057f0b5ebcd83859772a4c082914d1d5b7ae68","sha512":"bc7d0254f23e1328d46b11834856cd72ed4ef54b90adb40540cb1dee359e2e7e977811da4cddff7c7e711b35c234a867fb15c811ad928db78781b67cffcef38d","magic":"Zip archive data, at least v1.0 to extract, compression method=store","size":317868,"url":{"schema":"https","addr":"codeload.github.com/massgravel/Microsoft-Activation-Scripts/zip/refs/heads/master","fqdn":"codeload.github.com","domain":"github.com","tld":"com"},"ip":{"addr":"140.82.121.9","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"archive":[{"path":"Microsoft-Activation-Scripts-master/LICENSE","filename":"LICENSE","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"ASCII text","size":35149,"md5":"1ebbd3e34237af26da5dc08a4e440464","sha1":"31a3d460bb3c7d98845187c716a30db81c44b615","sha256":"3972dc9744f6499f0f9b2dbf76696f2ae7ad8af9b23dde66d6af86c9dfb36986","sha512":"d361e5e8201481c6346ee6a886592c51265112be550d5224f1a7a6e116255c2f1ab8788df579d9b8372ed7bfd19bac4b6e70e00b472642966ab5b319b99a2686","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/All-In-One-Version-KL/MAS_AIO.cmd","filename":"MAS_AIO.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"ASCII text, with very long lines (376), with CRLF line terminators","size":436430,"md5":"aa378fab3084f1bbb2bb73f96acfdb08","sha1":"8df42a8e5e50763b55a1c79d2f48f81fb4642c08","sha256":"39961d29b07d59d54a709aa7b152269adc6349752660a0c66d627b09df18b9b6","sha512":"e261af0ed6ee086d6f37e9021d63b6b56c9aba50e45a5b6e5724fd52769bf63fbff019fbd179cac790ff38e3ddd0c25ec9ba9d45cebbc15a6336577a40850114","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/HWID_Activation.cmd","filename":"HWID_Activation.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with very long lines (376), with CRLF line terminators","size":72877,"md5":"cce194c4280f748a8b0e9ed41547376b","sha1":"c71987993b913bd062e4d61a820fac86c5392c8e","sha256":"7afa657edd0192875f98cef3dfde12e2907237d5873840c96067accd8fd9249c","sha512":"30b2d48a823524e0192742003534e6a71b3f662a439ff456adae133f911ea4d608017b2f1e6874c5e4dc8391a87e5f1c8ae8e51a5473ee1547ac0df88c3714a9","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/KMS38_Activation.cmd","filename":"KMS38_Activation.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with very long lines (500), with CRLF line terminators","size":74709,"md5":"9e088080efa90fcf81ea485c54ef18ff","sha1":"54d45cff2cd5ebc951d291c15469aa1189b17395","sha256":"6026ff44f58d11a9fb178b3a8996978882719469cbb5f3c57d137e836a6a0bbb","sha512":"50fd5bb5b0c86c429d6cd07125edf3b1a56d15904577e8041b1a08897a343677b92f5252123fa551a6d202c3107910caffeeb874fbab3f9712769b6e04e0f9cf","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/Ohook_Activation_AIO.cmd","filename":"Ohook_Activation_AIO.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with very long lines (461), with CRLF line terminators","size":131749,"md5":"8d32c6aa965d15876377646233bb877a","sha1":"04f6c6c9ac9b5e08d5bfd0667bd52b37fe01cf02","sha256":"0d45ff95ec377bf8820dbd3581a0d5135c9c74cb2e6840a4c196c1686ea5183c","sha512":"8b2f9b4c9d7180f08c9095fe44bae4924df0b310e024015b3cab367d424ed9d41e500dc94e6ffd9603a631031998f5f8b9625e5a5525965740e5a795691565c1","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/Online_KMS_Activation.cmd","filename":"Online_KMS_Activation.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with very long lines (461), with CRLF line terminators","size":151523,"md5":"33109e7fb7edea915b4ed470a8d8b6c0","sha1":"75f4f082916b50a32841a1a5c6f5d84f9449be91","sha256":"35281cd1f56ed8b80d8c781aaf2e3d4f5bab559cadfb2668f5db82b22c520710","sha512":"2314e9ea4906f4607808f1b1bd9881499fb27a87fd751287d21bd3e482187495a766d3359993d2b2f9e7f6b6a78f859098203dd0111b6572a1e36da3089230b0","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/ReadMe.txt","filename":"ReadMe.txt","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"ASCII text, with CRLF line terminators","size":758,"md5":"b7fa33165116723bc2f83676fd62cc69","sha1":"cc6b94408734056697807b93adf2d3ed3dc04ab6","sha256":"b0218b2723a32157a094ee3b852159b339ec3e01ce25aa05e19b28f55a0e9528","sha512":"3c84170f52c33c5fbdef0a4553b765756e8906da9a98bac91930fb820d667afc378c80dbf85040f004f8a72c92e7193bb247d8242d47c26569e0a0fc12fdfc2a","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Change_Office_Edition.cmd","filename":"Change_Office_Edition.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with very long lines (453), with CRLF line terminators","size":45470,"md5":"6d178a37ef202b616df131f81d6ffac3","sha1":"1994e3dd878f00bb4d3d117330892ac697c9c54e","sha256":"0a44ad744f1ecba45022c63a28ed22aca64b98376738f75068f186a6d9d2806e","sha512":"345b6170b096ddd4e10717156bea1c6ddcbf1604924ddeed9e7aab0bdbd3b844b2ee77de13ee68c16aa524352eca9ab2dfe3df8370697900a15da28c401da87d","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Change_Windows_Edition.cmd","filename":"Change_Windows_Edition.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with very long lines (312), with CRLF line terminators","size":45523,"md5":"38035cdb3a139188007ee389ea86f450","sha1":"0056bab2b6e6846ec7d52d1f96e4980e4ff6742c","sha256":"f1e5c6f797c71da6bbe6ba019b685d40fe3e8ae21725071464dc61df858b93f3","sha512":"6321be7421baf3ac043c3cc600cf3d63dc8087aeaad1c2d9a38d3f29463367c2b2626a9ceb8bc6b5ecf166c2b2c836a3b9dda88e16310000fbdbb9a53512b42f","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Check_Activation_Status.cmd","filename":"Check_Activation_Status.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with CRLF line terminators","size":35487,"md5":"1ebf95a85eec40bab2045bd26658a345","sha1":"335da7f4bddf73d3f6c454db0b737fc75d9cd6e4","sha256":"997c19c8ac529e7f2b20e094897cf4fe1a4e03c26ac9e0e5724aa4011a7bb262","sha512":"01bf89c65d255938c4665e22289e4dd79826ab2d86b91cda16cf0b01574304c980758554a835dce89331d3fcd7b81762f7b756805fb2b496e86b31a284b5e3f5","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Extract_OEM_Folder.cmd","filename":"Extract_OEM_Folder.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with CRLF line terminators","size":23385,"md5":"7a7a1e02b59c63494c15487744d0781d","sha1":"109f0bbaceb5e95150ead0883f4d0a3c3273c47a","sha256":"830cf24042bf8a0c843ae1ddd36607a5f2374c531381aff2909e331be7f2a9ff","sha512":"377989183c421f35d06206883bf514c9f778a17a6158d6c8f90a5e9fbb0febf980b0b57f1372ea3a7454982be32fed506fd40633a2d458e011bceb2c52136db4","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Troubleshoot.cmd","filename":"Troubleshoot.cmd","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"DOS batch file, ASCII text, with very long lines (376), with CRLF line terminators","size":50328,"md5":"59cae5412898b564652af61c3ea68bb4","sha1":"592ba08fd24231d7394c23d0873205eeb5faf83a","sha256":"d40bdf0d65fb8787088cabe8f46670e73f27c78ab760a8d5977eccbaf0dd41c4","sha512":"6b38529918954fb12dbc2b8634292642490dcdbd4af00234c31abb4f7fd88af8364c85f838a44a9668adedd19823761ffb5dd22227d597d19f9c0dfef19e5000","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/_ReadMe.html","filename":"_ReadMe.html","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"HTML document, ASCII text, with CRLF line terminators","size":84,"md5":"574e18c1f9b32a47f988ac91588901ba","sha1":"4c0827e3deeb84cf442e0356dfc1883bcb131fbb","sha256":"8932bacd828c0716b136af6aa15011aed0015e7838006f2cff7a64954a5696b0","sha512":"4c480c530af4218e5ac276228a372fcd799912eb183685f805b6c47b5d6971be42a4dca2baa016425dc2499367624cb70de12d280ddcb7b613001460dbf820f8","alerts":{"urlquery":null,"analyzer":null}},{"path":"Microsoft-Activation-Scripts-master/README.md","filename":"README.md","modified":"","Modified":"2024-09-28T15:21:04-07:00","magic":"HTML document, Unicode text, UTF-8 text","size":2864,"md5":"4119f4bcfb7b30eb2b5e3b7d7ddf1d11","sha1":"67a6ba5c6bd45097a0915aa0fe8f353594afdce8","sha256":"d1277eae21a3ae1316ae4f1abfd9ccd328f4f84c90732ae35d91cc34467098f5","sha512":"916c38b504005bda7245ad80addffba4520dd0f5dd443668dd1a5216d741ad097c2f6d18479fe301ccc60fd3dfeb11fad410d9b001bf5ce0f4cd5ad3cced9376","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-10-26","alert":"Scan result 3/65","trigger":"26ab9df0d662009aaa45693d94057f0b5ebcd83859772a4c082914d1d5b7ae68","verdict":"suspicious","severity":"","comment":"suspicious - 3/65","link":"https://www.virustotal.com/gui/file/26ab9df0d662009aaa45693d94057f0b5ebcd83859772a4c082914d1d5b7ae68","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"Mnemonic Secure DNS","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"github.com/massgravel/Microsoft-Activation-Scripts/archive/refs/heads/master.zip","fqdn":"github.com","domain":"github.com","tld":"com"},"ip":{"addr":"140.82.121.4","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-10-26T10:55:18.581Z","timestamp":1729940118581,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"github.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Thu, 07 Mar 2024 00:00:00 GMT","end":"Fri, 07 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"E7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0","sha256":"FD:6E:9B:0E:F3:98:BC:D9:04:C3:B2:EC:16:7A:7B:0F:DA:72:01:C9:03:C5:3A:6A:6A:E5:D0:41:43:63:EF:65"}}},"request":{"raw":"GET /massgravel/Microsoft-Activation-Scripts/archive/refs/heads/master.zip HTTP/1.1\r\nHost: github.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: GitHub.com\r\ndate: Sat, 26 Oct 2024 10:55:18 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With\r\nlocation: https://codeload.github.com/massgravel/Microsoft-Activation-Scripts/zip/refs/heads/master\r\ncache-control: max-age=0, private\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nx-frame-options: deny\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/\r\ncontent-length: 0\r\nx-github-request-id: B97C:16F930:832B082:8603315:671CCA96\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/zip","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":608,"timings":{"blocked":219,"dns":1,"connect":23,"send":0,"wait":168,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"codeload.github.com/massgravel/Microsoft-Activation-Scripts/zip/refs/heads/master","fqdn":"codeload.github.com","domain":"github.com","tld":"com"},"ip":{"addr":"140.82.121.9","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-10-26T10:55:18.976Z","timestamp":1729940118976,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Thu, 07 Mar 2024 00:00:00 GMT","end":"Fri, 07 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"0D:F6:EC:50:FA:ED:AE:6E:13:AF:82:94:52:F7:11:1B:0A:CF:7C:20","sha256":"4D:47:6A:EF:60:3F:1C:32:FB:EF:92:CE:03:B6:EE:F3:33:CF:72:F9:BD:B0:A2:96:0C:FC:CC:02:23:33:5D:9E"}}},"request":{"raw":"GET /massgravel/Microsoft-Activation-Scripts/zip/refs/heads/master HTTP/1.1\r\nHost: codeload.github.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: https://render.githubusercontent.com\r\ncontent-disposition: attachment; filename=Microsoft-Activation-Scripts-master.zip\r\ncontent-length: 317868\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: application/zip\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"00475f029edf43ae617e60573cd97a47bbbf4c09ba8a1c7e2211a269aac6b36d\"\r\nstrict-transport-security: max-age=31536000\r\nvary: Authorization,Accept-Encoding,Origin\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\ndate: Sat, 26 Oct 2024 10:55:19 GMT\r\nx-github-request-id: 5BCD:0E84:693866:7F5E25:671CCA97\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":317868,"size_decoded":317868,"mime_type":"application/zip","magic":"Zip archive data, at least v1.0 to extract, compression method=store","md5":"3973cb0da65fc881008031ac388046b2","sha1":"24dd6e62125508a6db5d53e087bddd37451ed4b8","sha256":"26ab9df0d662009aaa45693d94057f0b5ebcd83859772a4c082914d1d5b7ae68","sha512":"bc7d0254f23e1328d46b11834856cd72ed4ef54b90adb40540cb1dee359e2e7e977811da4cddff7c7e711b35c234a867fb15c811ad928db78781b67cffcef38d","ssdeep":"6144:JKM7PFbOvZoE/hRz+kQ8kfJahv/zKxST/ri4kgTJxDgOvtfVnEsf3i:JRDlQqHfJahHmIT/UgD/BVEsf3i","tlshash":"e064235cdd455c9bcd5a763e4bf1c625e0a76acb8d002f12a8ce0c29db01326ef3599b","first_seen":"2024-10-07T16:22:00Z","last_seen":"2024-11-03T12:21:48.914945Z","times_seen":11,"resource_available":false,"data":null}},"time_used":450,"timings":{"blocked":125,"dns":20,"connect":20,"send":0,"wait":108,"receive":91,"ssl":83},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-10-26","alert":"Scan result 3/65","trigger":"26ab9df0d662009aaa45693d94057f0b5ebcd83859772a4c082914d1d5b7ae68","verdict":"suspicious","severity":"","comment":"suspicious - 3/65","link":"https://www.virustotal.com/gui/file/26ab9df0d662009aaa45693d94057f0b5ebcd83859772a4c082914d1d5b7ae68","meta":null}],"urlquery":null}}]}