Report - github.com/TeraTermProject/teraterm/releases/download/v5.3/teraterm-5.3.zip

Report Overview

Visited public
2024-09-25 03:15:48
Tags
URL
github.com/TeraTermProject/teraterm/releases/download/v5.3/teraterm-5.3.zip
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.4
#36459 GITHUB
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13 12:28:22	2024-09-24 03:29:21	529 B	4.3 kB	140.82.121.4
objects.githubusercontent.com	134060	2014-02-06	2021-11-01 22:34:29	2024-09-25 01:45:37	959 B	14 MB	185.199.111.133
r10.o.lencr.org	unknown	unknown	2024-06-06 21:45:11	2024-09-25 01:59:40	327 B	887 B	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240925T031517Z&X-Amz-Expires=300&X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
14 MB (14049776 bytes)
Hash
0a962a8007ef8d96abf5fcc6e037c444
f49c341936880cccd126469392e5cc3d5c92b52b
edda2af5f0f5f4bddfd75eceaf77c0f2252da70b8ba3b4fdfde9a67b2cc5e95a

Archive (97)

Filename

Md5

File type

cyglaunch.exe

8397b6f35b155fc05ae93f29696fe069

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

cygterm+.tar.gz

1b5e7ccbe82e5b866e1d0cf38d16beee

gzip compressed data, was "cygterm+.tar", last modified: Sun Sep 8 07:00:28 2024, from Unix

cygterm.cfg

f1a1ced522b95aeeeb8f9962e8b2dafe

ASCII text

cygterm.exe

9daa47ebd7470ce22f93350714c899eb

PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, 10 sections

delpassw.ttl

87471bc3a40de7b659373e18250a829f

ASCII text, with CRLF line terminators

dialup.ttl

986331ca7fe43ecbb01411835ca77063

ASCII text, with CRLF line terminators

IBMKEYB.CNF

061b38195173e8145d57d4d50b97c4a0

Generic INItialization configuration [VT numeric keypad]

KEYBOARD.CNF

061b38195173e8145d57d4d50b97c4a0

Generic INItialization configuration [VT numeric keypad]

keycode.exe

7f772303606a127d2d3ff3023323aa62

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Default.lng

b3258a4f0a9cf72b837e849e63e5ffed

Generic INItialization configuration [Tera Term]

French.lng

a33530674e76ed0f1df6e25a50a56cca

Generic INItialization configuration [Tera Term]

German.lng

f7ec296fa39a7206d6eaaf080b0135d9

Generic INItialization configuration [Tera Term]

Japanese.lng

db9a2f9fc0aa251a260e6730cf66ceb3

Generic INItialization configuration [Tera Term]

Korean.lng

d3ac460d6d0027d9d75db46892c3e007

Generic INItialization configuration [Tera Term]

Russian.lng

6784597c98e8957a53ab7e89c54ec69a

Generic INItialization configuration [Tera Term]

Simplified Chinese.lng

607a5ff9d632aa4e403b92c118cd1fcb

Generic INItialization configuration [Tera Term]

Spanish.lng

57727b26b7cb1d240ea3ccf4ffb09ea0

Generic INItialization configuration [Tera Term]

Tamil.lng

2ae1d5626c1cb5a7670c02aefac70f58

Generic INItialization configuration [Tera Term]

Traditional Chinese.lng

67fda1f7603aeb670687a7959e4ce8be

Generic INItialization configuration [Tera Term]

Default.lng

23af1c051d12d08dd0aab57e9e2aba7a

Unicode text, UTF-16, little-endian text, with CRLF line terminators

English.lng

fd61209256fb0796939c45718c663361

Unicode text, UTF-16, little-endian text, with CRLF line terminators

French.lng

4222621162e59d881fd58025ca670e91

Unicode text, UTF-16, little-endian text, with very long lines (345), with CRLF line terminators

German.lng

7a64504b358e96eb65dbae423e7163ad

Unicode text, UTF-16, little-endian text, with CRLF line terminators

Japanese.lng

1d7faee690891688993bef4a741b7057

Unicode text, UTF-16, little-endian text, with CRLF line terminators

Korean.lng

ceeda033d93295f5139921ec61d722b9

Unicode text, UTF-16, little-endian text, with CRLF line terminators

Russian.lng

cdda3dd399883a71ab32c0178f05d464

Unicode text, UTF-16, little-endian text, with CRLF line terminators

Simplified Chinese.lng

ff68242a02d541138eea60faefd510b2

Unicode text, UTF-16, little-endian text, with CRLF line terminators

Spanish.lng

d55e003db21649579bf6b794bf0da473

Unicode text, UTF-16, little-endian text, with CRLF line terminators

Tamil.lng

fcc631577ad24bda1a6a3a49045289c8

Unicode text, UTF-16, little-endian text, with very long lines (305), with CRLF, CR line terminators

Traditional Chinese.lng

d2ead9916ceb489f904ae4bbf85bc932

Unicode text, UTF-16, little-endian text, with CRLF line terminators

license.txt

78b87882b567713c59e48bf68924589d

ASCII text, with CRLF line terminators

628ef29c985d8bdbf30a468a80405527

ASCII text, with CRLF line terminators

mpause.ttl

5bbd549be9debd1cedcdb7eff6218609

ASCII text, with CRLF line terminators

msys2term.cfg

cc233cd04fbef0f4a8996a1d8f159431

ASCII text, with CRLF line terminators

msys2term.exe

7b82b542e1e6198877bc69a2edf04c2f

PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, 10 sections

README.md

45b74925d6719df2b0642d14e30779de

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

portable.ini

d41d8cd98f00b204e9800998ecf8427e

random.ttl

0a39b1e7a8e5c20171610ebe5b0c7cad

ASCII text, with CRLF line terminators

README-archive-ja.txt

5a44df39f42896ba0bef1e8cac1d28ff

Non-ISO extended-ASCII text, with CRLF, NEL line terminators

README-archive.txt

e585c28f89fe911f7e931c28071832db

ASCII text, with CRLF line terminators

screencapture.ttl

a2c063a333a7dedc65ee67cc45a3013b

ASCII text, with CRLF line terminators

ssh2login.ttl

e3a77af546e995b547ad08ca9a5971b4

ASCII text, with CRLF line terminators

ssh_known_hosts

81ea1e896c33a84eef52f599fe5729d2

ASCII text, with CRLF line terminators

teraterm.chm

22758738269355dc023503fd8b433229

MS Windows HtmlHelp Data

TERATERM.INI

98c0c01fb5a006ecd689687adef59ed2

Generic INItialization configuration [Tera Term]

teratermj.chm

f094cdd212274d03de0ecfa122fbf566

MS Windows HtmlHelp Data

Advanced.sample

d85af8b1f4ac803b346f397d8f88a53c

ASCII text, with CRLF line terminators

Color UniversalDesign 4.ini

21ca9d370278449ac8d7465a0c9b19df

ASCII text, with CRLF line terminators

Dracula.ini

b25149ec65bb269de7385e7e1ac288cc

ASCII text, with CRLF line terminators

Putty.ini

0e67e28f67e557799edaa237fe3af835

ASCII text, with CRLF line terminators

README.md

a560a1204f980988706c5d7b075db4c0

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Solarized Dark.ini

fa07314ecc01a0f5e6fe4f9181d6bac7

ASCII text, with CRLF line terminators

Solarized Light.ini

07ab4057f65f05ea74c955a8112a2495

ASCII text, with CRLF line terminators

Tera Term Pro 2.3.ini

b96827cb60b89c8eb099694be7517ae2

ASCII text, with CRLF line terminators

Tronesque.ini

875f694665309e500629d248763792d9

ASCII text, with CRLF line terminators

Windows 10 Console.ini

bc39828471cfc8043241a2b32c4df640

ASCII text, with CRLF line terminators

Windows XP Console.ini

7345e4dfd6b0fc530156bb313f160653

ASCII text, with CRLF line terminators

xterm.ini

8828a0ff424adf10bbfb18e9aaf701f0

ASCII text, with CRLF line terminators

ImageFile.INI

e91eb319caf1445abd2804d43b36436d

ASCII text, with CRLF line terminators

sample_bg.ini

5b4e3a91b4c3de1b14ca3ca45b9621f3

ASCII text, with CRLF line terminators

sample_wallpaper.ini

96bed8e63e155b7c4fade2498cd33959

ASCII text, with CRLF line terminators

23.jpg

75cdd6652dc57c236a83424784293304

JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x534, components 3

43.jpg

910f3572b4d9024d6ae6e2ec45a99ba1

JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x534, components 3

Scale.INI

5d1a0bec8e4d3a9a450c8951e701efef

ASCII text, with CRLF line terminators

03.jpg

a95bcaef33252956c930e0b13ef82d6f

JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x227, components 3

44.jpg

2e1c5a16472ea435777e49e117401be1

JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x313, components 3

Tile.INI

cbd925ac50c5d6a637947e3a7059c467

ASCII text, with CRLF line terminators

TSPECIAL1.TTF

2e743cd2b882ca1c1b25922792a2b122

TrueType Font data, 15 tables, 1st "OS/2", 17 names, Macintosh, Tera SpecialRegularDTP-Tera SpecialTera SpecialVersion 1.00TeraSpecialCreated by Type-Designer 3

ttermpro.exe

1a853f2435857bb5fdf85af2fea4256b

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

ttmenu_readme-j.txt

b8b39d6f26f30fb6671533fd22fbe879

Non-ISO extended-ASCII text, with CRLF, NEL line terminators

ttpcmn.dll

178163e6782914ebfc0421bd71c7ba3e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

ttpmacro.exe

7ddd7a1dd62fd19c6577ccaaa50225ee

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

ttpmenu.exe

5cec6ddbdccdecb7bf471adceafa4a79

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

ttpmenu.ini

d41d8cd98f00b204e9800998ecf8427e

TTXAdditionalTitle.dll

fbbf788a9a9d586a53dbcd1d108bcc71

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXAlwaysOnTop.dll

1c06d307908b6bcc25a7414eb480de0f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXCallSysMenu.dll

79465b8b6d04713e756f855e1336a5b9

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXCheckUpdate.dll

11bc0b6ae751a76b7ca8ef814bb6f7e0

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXCommandLineOpt.dll

96fd74756b7cd07f40543378ed547f65

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXCopyIniFile.dll

9b15680187923ed5508b665fa9a131e7

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

ttxkanjimenu.dll

e5d4516bad280b074acde8621eb391eb

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXKcodeChange.dll

2b7dd72fdf59bedad8491d730346772d

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXProxy.dll

c5b827f1e14f6d161cfe85af9dea4c53

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXRecurringCommand.dll

891d1e341bf5674da5e0658cdcac035d

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXResizeMenu.dll

fed27a3873c5deab3b79c564790b9471

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

ttxssh.dll

b9c67ed742ae1f03ad5e2db3fe484660

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXttyplay.dll

8360a2de9c9cf8223a472fad705e1d5f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXttyrec.dll

21f694cf476669de86185ca26178d09f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

TTXViewMode.dll

979cc8b38bddb49e37d7ea7c0c33ae70

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

VT200.CNF

fa63a351499c6b58e4f1a2008a9c43b8

Generic INItialization configuration [VT numeric keypad]

wait_regex.ttl

6dfd654ceeada220a0fea3611725a015

ASCII text, with CRLF line terminators

winscp.ttl

d3a22fd35d2bac52727a6d06ea757d31

Generic INItialization configuration [2]

_TTXFixedWinSize.dll

841e3c2cfcb3f290f186dc1275aa70d1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

_TTXOutputBuffering.dll

c823f98189a9e856027b2123068cbfe8

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

_TTXResizeWin.dll

c9e87e665b7fb2f2c3f5db8de25a9c75

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

_TTXShowCommandLine.dll

dccd0e4df5fa3c993d411eb2cbe9e33b

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

_TTXtest.dll

82eacaf0a6e15eeaaa7e3f01ecd9eb3a

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	win_amadey_bytecodes_oct_2023
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	suspicious	VirusTotal - Scan result 2/65

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c6c7d535128f9eb2ec6dcd3d7d62919a
5aaa50926b462ccfc32d84db180a9af68e4d6b46
d498f9efc3307515c07f69fe4e630319e60c13d37700b7f35297c9b8d442b690

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D498F9EFC3307515C07F69FE4E630319E60C13D37700B7F35297C9B8D442B690"
Last-Modified: Sun, 22 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2815
Expires: Wed, 25 Sep 2024 04:02:12 GMT
Date: Wed, 25 Sep 2024 03:15:17 GMT
Connection: keep-alive

github.com/TeraTermProject/teraterm/releases/download/v5.3/teraterm-5.3.zip

140.82.121.4

302 Found

0 B

URL User Request GET HTTP/2
github.com/TeraTermProject/teraterm/releases/download/v5.3/teraterm-5.3.zip
IP
140.82.121.4:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /TeraTermProject/teraterm/releases/download/v5.3/teraterm-5.3.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Wed, 25 Sep 2024 03:15:17 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240925T031517Z&X-Amz-Expires=300&X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: D1E1:10D32D:2ABAFE1:2B9506D:66F38045
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240925T031517Z&X-Amz-Expires=300&X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip&response-content-type=application%2Foctet-stream

185.199.111.133

200 OK

14 MB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240925T031517Z&X-Amz-Expires=300&X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
14 MB (14049776 bytes)
Hash
0a962a8007ef8d96abf5fcc6e037c444
f49c341936880cccd126469392e5cc3d5c92b52b
edda2af5f0f5f4bddfd75eceaf77c0f2252da70b8ba3b4fdfde9a67b2cc5e95a

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/65

HTTP Headers

GET /github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240925T031517Z&X-Amz-Expires=300&X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 08 Sep 2024 07:05:55 GMT
etag: "0x8DCCFD4AEC7297B"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ec4bef7f-b01e-0072-32bd-01e61a000000
x-ms-version: 2020-10-02
x-ms-creation-time: Sun, 08 Sep 2024 07:05:55 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=teraterm-5.3.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
age: 3671
date: Wed, 25 Sep 2024 03:15:18 GMT
x-served-by: cache-iad-kcgs7200166-IAD, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 2271, 0
x-timer: S1727234118.672533,VS0,VE97
content-length: 14049776
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (97)

Detections

JavaScript (0)

HTTP Transactions (3)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers