r10.o.lencr.org/
23.36.76.226 504 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eb8b5a3f62f8ead7f86e028723019196
8941f16c283439f44a148ba7668a67a55aba16de
f76a44ac993c568fcdac2165655a7886f3207e980286b7605a48dc897e4fd68b
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F76A44AC993C568FCDAC2165655A7886F3207E980286B7605A48DC897E4FD68B"
Last-Modified: Mon, 29 Jul 2024 18:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7672
Expires: Wed, 31 Jul 2024 11:31:45 GMT
Date: Wed, 31 Jul 2024 09:23:53 GMT
Connection: keep-alive
r10.o.lencr.org/
23.36.76.226 504 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a7ed9f549f2b3f25d9e54500bcb15b9
93b4f0fb8a1be59fa68f9a72a2196c84be6ad61a
8855ef94f553a3d130a13bdf45ba112b3a3282a8110a98dae49144e0b70cff7b
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8855EF94F553A3D130A13BDF45BA112B3A3282A8110A98DAE49144E0B70CFF7B"
Last-Modified: Mon, 29 Jul 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6915
Expires: Wed, 31 Jul 2024 11:19:08 GMT
Date: Wed, 31 Jul 2024 09:23:53 GMT
Connection: keep-alive
r10.o.lencr.org/
23.36.76.226 504 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7335e53b6e780bcc46feb27b6421e625
d5405503dbb1d5d734473133fdd449be49ef8ef0
3fe77d2e06518aee992b779c45a0b57d1353d7e9232e57d99d79bfdfaa488e34
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3FE77D2E06518AEE992B779C45A0B57D1353D7E9232E57D99D79BFDFAA488E34"
Last-Modified: Mon, 29 Jul 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16172
Expires: Wed, 31 Jul 2024 13:53:25 GMT
Date: Wed, 31 Jul 2024 09:23:53 GMT
Connection: keep-alive
r10.o.lencr.org/
23.36.76.226 504 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 15f96036fbb7eb8f1dca46d5deb56cb3
5d53fb802bba0a433e8fcb0fd8a002f9a37a4686
e85fa0f570601f68b9d4960c3315fa0464fa580ba6b1d34f709ca2cb7b201e87
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E85FA0F570601F68B9D4960C3315FA0464FA580BA6B1D34F709CA2CB7B201E87"
Last-Modified: Mon, 29 Jul 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19986
Expires: Wed, 31 Jul 2024 14:56:59 GMT
Date: Wed, 31 Jul 2024 09:23:53 GMT
Connection: keep-alive
GET github.com/itm4n/printspoofer/releases/download/v1.0/printspoofer64.exe
140.82.121.4 302 Found 0 B URL User Request GET HTTP/2 github.com/itm4n/printspoofer/releases/download/v1.0/printspoofer64.exe
IP 140.82.121.4:443
Certificate Issuer Sectigo Limited
Subject github.com
Fingerprint E7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
Validity Thu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /itm4n/printspoofer/releases/download/v1.0/printspoofer64.exe HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: GitHub.com
date: Wed, 31 Jul 2024 09:23:54 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/259576481/816ce080-f39e-11ea-8fc2-8afb7b4f4821?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240731%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240731T092354Z&X-Amz-Expires=300&X-Amz-Signature=d2acba101a6d004614a52a21ff301c46d45cc349838169c8c2d0ed4a2b0c09b1&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=259576481&response-content-disposition=attachment%3B%20filename%3DPrintSpoofer64.exe&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src 
viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 99D3:18B6B4:29B8C56:2A99AA5:66AA02A9
X-Firefox-Spdy: h2
GET objects.githubusercontent.com/github-production-release-asset-2e65be/259576481/816ce080-f39e-11ea-8fc2-8afb7b4f4821?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240731%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240731T092354Z&X-Amz-Expires=300&X-Amz-Signature=d2acba101a6d004614a52a21ff301c46d45cc349838169c8c2d0ed4a2b0c09b1&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=259576481&response-content-disposition=attachment%3B%20filename%3DPrintSpoofer64.exe&response-content-type=application%2Foctet-stream
185.199.108.133 200 OK 27 kB URL User Request GET HTTP/2 objects.githubusercontent.com/github-production-release-asset-2e65be/259576481/816ce080-f39e-11ea-8fc2-8afb7b4f4821?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240731%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240731T092354Z&X-Amz-Expires=300&X-Amz-Signature=d2acba101a6d004614a52a21ff301c46d45cc349838169c8c2d0ed4a2b0c09b1&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=259576481&response-content-disposition=attachment%3B%20filename%3DPrintSpoofer64.exe&response-content-type=application%2Foctet-stream
IP 185.199.108.133:443
Certificate Issuer DigiCert Inc
Subject *.github.io
Fingerprint 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
Validity Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File type PE32+ executable (console) x86-64, for MS Windows, 6 sections
Hash 108da75de148145b8f056ec0827f1665
188098b9caf3bc4d1b68dcad50d2e1cbd2e9d519
8524fbc0d73e711e69d60c64f1f1b7bef35c986705880643dd4d5e17779e586d
Analyzer Verdict Alert VirusTotal malicious
GET /github-production-release-asset-2e65be/259576481/816ce080-f39e-11ea-8fc2-8afb7b4f4821?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240731%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240731T092354Z&X-Amz-Expires=300&X-Amz-Signature=d2acba101a6d004614a52a21ff301c46d45cc349838169c8c2d0ed4a2b0c09b1&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=259576481&response-content-disposition=attachment%3B%20filename%3DPrintSpoofer64.exe&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 07 Dec 2021 12:57:44 GMT
etag: "0x8D9B981292BCED7"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7d172276-001e-0015-53a3-def6e6000000
x-ms-version: 2020-10-02
x-ms-creation-time: Tue, 17 Aug 2021 11:00:48 GMT
x-ms-blob-content-md5: EI2nXeFIFFuPBW7Agn8WZQ==
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=PrintSpoofer64.exe
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 31 Jul 2024 09:23:54 GMT
age: 448
x-served-by: cache-iad-kiad7000079-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 73, 2
x-timer: S1722417834.480771,VS0,VE0
content-length: 27136
X-Firefox-Spdy: h2
r10.o.lencr.org/
23.36.77.32 504 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bcd70e3c9d0d4edf43c4f35306f7898
8334db3317d065d5811e8826adecfd876f29ef3b
5c019bbd4244b83f2efb9f2c82868b9a35ee0351083f4eb2b637904e45caa0ff
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C019BBD4244B83F2EFB9F2C82868B9A35EE0351083F4EB2B637904E45CAA0FF"
Last-Modified: Mon, 29 Jul 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9790
Expires: Wed, 31 Jul 2024 12:07:05 GMT
Date: Wed, 31 Jul 2024 09:23:55 GMT
Connection: keep-alive
r10.o.lencr.org/
23.36.77.32 504 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bcd70e3c9d0d4edf43c4f35306f7898
8334db3317d065d5811e8826adecfd876f29ef3b
5c019bbd4244b83f2efb9f2c82868b9a35ee0351083f4eb2b637904e45caa0ff
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C019BBD4244B83F2EFB9F2C82868B9A35EE0351083F4EB2B637904E45CAA0FF"
Last-Modified: Mon, 29 Jul 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9790
Expires: Wed, 31 Jul 2024 12:07:05 GMT
Date: Wed, 31 Jul 2024 09:23:55 GMT
Connection: keep-alive