| ocsp.globalsign.com/gsrsaovsslca2018 | 104.18.21.226 | | 1.4 kB |
URL: ocsp.globalsign.com/gsrsaovsslca2018
IP: 104.18.21.226:0
Hash: dc3b91ef59cf754971f73779b3b07eaf 54986c2fb3e7fa311e119ca32a9a08e1a43a856f 0c21bde4ce3406b39791099931cc7eec598f348d5e8d6576185dc71deb867a32
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 13:23:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 08 Jun 2023 11:11:10 GMT
ETag: "54986c2fb3e7fa311e119ca32a9a08e1a43a856f"
Last-Modified: Sun, 04 Jun 2023 11:11:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 539
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d207d946d66b521-OSL
|
| static.dl.mail.ru/LegendLoader.exe | 188.93.63.180 | 200 OK | 12 MB |
URL: User Request GET HTTP/2 static.dl.mail.ru/LegendLoader.exe
IP: 188.93.63.180:443
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: *.dl.mail.ru
Certificate Fingerprint: 1E:EB:E9:A8:C9:5D:88:14:7A:AF:AC:32:41:FB:D2:50:EA:2D:02:35
Certificate Validity: Thu, 25 Aug 2022 10:16:34 GMT - Tue, 26 Sep 2023 10:16:33 GMT
File type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed\012- data
Size: 12 MB (12364488 bytes)
Hash: e82264b733bfbbb9ca7db2c92631467a 0d1b5af6ef4461ff77647418235b39afacc48bb8 a4b964b393523bae468b37563ceb1721be42900a34b03cd1474fc48c98aa65a2
Analyzer | Verdict | Alert | VirusTotal | 0/69 | |
GET /LegendLoader.exe HTTP/1.1
Host: static.dl.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 04 Jun 2023 13:23:28 GMT
content-type: application/octet-stream
content-length: 12364488
last-modified: Thu, 01 Jun 2023 14:55:46 GMT
content-disposition: attachment; filename="LegendLoader_99079e9dbd84c28cacd9e30e62bd5ced.exe"
etag: "6478b172-bcaac8"
accept-ranges: bytes
X-Firefox-Spdy: h2
|