Report - cdn.gilcdn.com/ContentMediaGenericFiles/5a2c674b40af9bb935d6c07dc780912f-Full.zip?w=1&h=1&Expires=1714936026&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNWEyYzY3NGI0MGFmOWJiOTM1ZDZjMDdkYzc4MDkxMmYtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxNDkzNjAyNn19fV19&Signature=S9Dwpb1GvZAZpcip1iYzrWxs~RAQvtA1~08fglDSRatcZCUf9VOT9opBnLDoGQNFjB7ZMpijenvUcXGmC0gOy9wEQpUhMYwOCGJpfG~fmlk5bMbWy6mC4a4notElsyv5MoyAphvoIYlbOlvbmFm4xTqr6lazX01PApoAGwxBlGgtzrjN1wwEwj70rVy31sZYEDgJHPElKJ2uwNs~sZ4xYaJDsG15pXiFrN7tJ~LrbzeI0-WhRtQCGdsMies8sZB01C-hL-QNp0ihYuxaSanjbG7wuCXHP~yInziy7hzhF4A3qYsDQwqm-bYrjm9kyrIWcvye8Vjgio5pfhVpI32dYQ_

Report Overview

Submitted URL
cdn.gilcdn.com/ContentMediaGenericFiles/5a2c674b40af9bb935d6c07dc780912f-Full.zip?w=1&h=1&Expires=1714936026&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNWEyYzY3NGI0MGFmOWJiOTM1ZDZjMDdkYzc4MDkxMmYtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxNDkzNjAyNn19fV19&Signature=S9Dwpb1GvZAZpcip1iYzrWxs~RAQvtA1~08fglDSRatcZCUf9VOT9opBnLDoGQNFjB7ZMpijenvUcXGmC0gOy9wEQpUhMYwOCGJpfG~fmlk5bMbWy6mC4a4notElsyv5MoyAphvoIYlbOlvbmFm4xTqr6lazX01PApoAGwxBlGgtzrjN1wwEwj70rVy31sZYEDgJHPElKJ2uwNs~sZ4xYaJDsG15pXiFrN7tJ~LrbzeI0-WhRtQCGdsMies8sZB01C-hL-QNp0ihYuxaSanjbG7wuCXHP~yInziy7hzhF4A3qYsDQwqm-bYrjm9kyrIWcvye8Vjgio5pfhVpI32dYQ__&Key-Pair-Id=K1FFKFZRWAZSB
IP
54.230.111.49
ASN
#16509 AMAZON-02
Submitted
2024-05-05 19:02:59
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-04	338 B	942 B	143.204.53.97
cdn.gilcdn.com	unknown	2023-12-13	2023-12-15	2024-04-21	1.2 kB	2.2 MB	54.230.111.92

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.gilcdn.com/ContentMediaGenericFiles/5a2c674b40af9bb935d6c07dc780912f-Full.zip?w=1&h=1&Expires=1714936026&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNWEyYzY3NGI0MGFmOWJiOTM1ZDZjMDdkYzc4MDkxMmYtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxNDkzNjAyNn19fV19&Signature=S9Dwpb1GvZAZpcip1iYzrWxs~RAQvtA1~08fglDSRatcZCUf9VOT9opBnLDoGQNFjB7ZMpijenvUcXGmC0gOy9wEQpUhMYwOCGJpfG~fmlk5bMbWy6mC4a4notElsyv5MoyAphvoIYlbOlvbmFm4xTqr6lazX01PApoAGwxBlGgtzrjN1wwEwj70rVy31sZYEDgJHPElKJ2uwNs~sZ4xYaJDsG15pXiFrN7tJ~LrbzeI0-WhRtQCGdsMies8sZB01C-hL-QNp0ihYuxaSanjbG7wuCXHP~yInziy7hzhF4A3qYsDQwqm-bYrjm9kyrIWcvye8Vjgio5pfhVpI32dYQ__&Key-Pair-Id=K1FFKFZRWAZSB
IP
54.230.111.92
ASN
#16509 AMAZON-02

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
2.2 MB (2159121 bytes)
Hash
5a2c674b40af9bb935d6c07dc780912f
f66fd2adfd04553f9be9390c9fddd7d8f66ff679
1322396386270a0c9f9aef417846cb7bf3498eb3da90c4bab8ca61cc4b3ca3cc

Archive (26)

Filename

Md5

File type

Localization.resources.dll

2b28eafb90011752b79c3c3584e6a887

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Localization.resources.dll

c2cda90dfdcb3417434c9998f0e5d37f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

GalaSoft.MvvmLight.Extras.xml

7f674cae0a0deb381c3dc7af64d11360

XML 1.0 document, ASCII text, with CRLF line terminators

GalaSoft.MvvmLight.Platform.xml

7e173e92f525c0cac89cad28b1bf81f9

XML 1.0 document, ASCII text, with CRLF line terminators

GalaSoft.MvvmLight.xml

87761ae61a01c75f167d9986409addeb

XML 1.0 document, ASCII text, with CRLF line terminators

GW2 Addon Manager.exe

229104ec9dbd305eebff270415b0fb38

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

GW2 Addon Manager.exe.config

e64455e4e61799d91cef2a87242c8ef9

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

GW2 Addon Manager.xml

8aa91583600e2cafae0b677debdf2bb8

XML 1.0 document, ASCII text, with CRLF line terminators

Localization.resources.dll

8d04cb105c5176c1f7e6e4b715f1ffa1

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.WindowsAPICodePack.Shell.xml

0db397f96105f2a10814e8e1ed3040fa

XML 1.0 document, ASCII text, with CRLF line terminators

Microsoft.WindowsAPICodePack.xml

4454d3d6dd452f6d874a01e81beff6a4

XML 1.0 document, ASCII text, with CRLF line terminators

Newtonsoft.Json.xml

ed67ac96769018255050ac0829ca459a

XML 1.0 document, ASCII text, with CRLF line terminators

CommonServiceLocator.dll

7072bbdc5f778b5fbe6d4b628ca1a4ce

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

GalaSoft.MvvmLight.dll

af04687248da9e95a7ff65ab538d0bcf

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

GalaSoft.MvvmLight.Extras.dll

810e42e2bbfb536bdc01abf882a24938

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

GalaSoft.MvvmLight.Platform.dll

5b958b4229538ac23099ce9ed6f37de4

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Localization.dll

5960aab339b956130ffbaafcd415f656

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.WindowsAPICodePack.dll

9531b41519156855a45c46f0b379a784

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.WindowsAPICodePack.Shell.dll

54fe9a2748c4a0f282d4ec91e3cadc16

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.dll

4df6c8781e70c3a4912b5be796e6d337

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.IO.Abstractions.dll

0e0d5915a399ea816e6543524429324e

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Windows.Interactivity.dll

580244bc805220253a87196913eb3e5e

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

YamlDotNet.dll

9deaf32fe2451a57a7404edb865ca02e

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.IO.Abstractions.xml

36653ac47a98db4115606eacfc1abbcf

XML 1.0 document, ASCII text, with CRLF, LF line terminators

YamlDotNet.xml

4ed7acf7197c6a5cb57e16b4692af763

XML 1.0 document, ASCII text, with CRLF line terminators

Localization.resources.dll

cd78d6194bdb381afdd40abbdfc519bf

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/64

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4e7b321247ccab74d007e3807fac58b2
025e860ba2f6e8ff53b60956531c93d067485202
20f2a3cfb93c932436a3ce8f212e00c7f9dd4150d7e6b4b867adf52eb5d42a67

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 05 May 2024 19:02:32 GMT
Last-Modified: Sun, 05 May 2024 17:41:08 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lDeSH5xuVKzvhHIzG-P9OVG89tCMiq41n26b0a8KTI8CFbuvX2p40g==
Age: 4884

cdn.gilcdn.com/ContentMediaGenericFiles/5a2c674b40af9bb935d6c07dc780912f-Full.zip?w=1&h=1&Expires=1714936026&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNWEyYzY3NGI0MGFmOWJiOTM1ZDZjMDdkYzc4MDkxMmYtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxNDkzNjAyNn19fV19&Signature=S9Dwpb1GvZAZpcip1iYzrWxs~RAQvtA1~08fglDSRatcZCUf9VOT9opBnLDoGQNFjB7ZMpijenvUcXGmC0gOy9wEQpUhMYwOCGJpfG~fmlk5bMbWy6mC4a4notElsyv5MoyAphvoIYlbOlvbmFm4xTqr6lazX01PApoAGwxBlGgtzrjN1wwEwj70rVy31sZYEDgJHPElKJ2uwNs~sZ4xYaJDsG15pXiFrN7tJ~LrbzeI0-WhRtQCGdsMies8sZB01C-hL-QNp0ihYuxaSanjbG7wuCXHP~yInziy7hzhF4A3qYsDQwqm-bYrjm9kyrIWcvye8Vjgio5pfhVpI32dYQ__&Key-Pair-Id=K1FFKFZRWAZSB

54.230.111.92

200 OK

2.2 MB

URL User Request GET HTTP/2
cdn.gilcdn.com/ContentMediaGenericFiles/5a2c674b40af9bb935d6c07dc780912f-Full.zip?w=1&h=1&Expires=1714936026&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNWEyYzY3NGI0MGFmOWJiOTM1ZDZjMDdkYzc4MDkxMmYtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxNDkzNjAyNn19fV19&Signature=S9Dwpb1GvZAZpcip1iYzrWxs~RAQvtA1~08fglDSRatcZCUf9VOT9opBnLDoGQNFjB7ZMpijenvUcXGmC0gOy9wEQpUhMYwOCGJpfG~fmlk5bMbWy6mC4a4notElsyv5MoyAphvoIYlbOlvbmFm4xTqr6lazX01PApoAGwxBlGgtzrjN1wwEwj70rVy31sZYEDgJHPElKJ2uwNs~sZ4xYaJDsG15pXiFrN7tJ~LrbzeI0-WhRtQCGdsMies8sZB01C-hL-QNp0ihYuxaSanjbG7wuCXHP~yInziy7hzhF4A3qYsDQwqm-bYrjm9kyrIWcvye8Vjgio5pfhVpI32dYQ__&Key-Pair-Id=K1FFKFZRWAZSB
IP
54.230.111.92:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.gilcdn.com
FingerprintB6:3B:AA:24:2D:F6:F2:2D:66:81:B5:0E:46:3F:D8:31:FD:D4:75:49
ValidityThu, 14 Dec 2023 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
2.2 MB (2159121 bytes)
Hash
5a2c674b40af9bb935d6c07dc780912f
f66fd2adfd04553f9be9390c9fddd7d8f66ff679
1322396386270a0c9f9aef417846cb7bf3498eb3da90c4bab8ca61cc4b3ca3cc

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/64

HTTP Headers

GET /ContentMediaGenericFiles/5a2c674b40af9bb935d6c07dc780912f-Full.zip?w=1&h=1&Expires=1714936026&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNWEyYzY3NGI0MGFmOWJiOTM1ZDZjMDdkYzc4MDkxMmYtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxNDkzNjAyNn19fV19&Signature=S9Dwpb1GvZAZpcip1iYzrWxs~RAQvtA1~08fglDSRatcZCUf9VOT9opBnLDoGQNFjB7ZMpijenvUcXGmC0gOy9wEQpUhMYwOCGJpfG~fmlk5bMbWy6mC4a4notElsyv5MoyAphvoIYlbOlvbmFm4xTqr6lazX01PApoAGwxBlGgtzrjN1wwEwj70rVy31sZYEDgJHPElKJ2uwNs~sZ4xYaJDsG15pXiFrN7tJ~LrbzeI0-WhRtQCGdsMies8sZB01C-hL-QNp0ihYuxaSanjbG7wuCXHP~yInziy7hzhF4A3qYsDQwqm-bYrjm9kyrIWcvye8Vjgio5pfhVpI32dYQ__&Key-Pair-Id=K1FFKFZRWAZSB HTTP/1.1
Host: cdn.gilcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-zip-compressed
content-length: 2159121
date: Sun, 05 May 2024 19:02:33 GMT
last-modified: Sun, 05 May 2024 19:02:07 GMT
etag: "5a2c674b40af9bb935d6c07dc780912f"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
content-disposition: attachment; filename=GW2-UOAOM-v1.4.5.zip
x-amz-meta-jsonsecure: b0f42dfa17359aec94b1b0a2287bdcfffb585478f83870b69e39bba8da52057dcb10afddd6024ca42ab055856201e7b3624ec39b3e8e841a1c65d6e3fda6200de3a54cd4e69297031aed070d972e7314fe145c6178e4e6f986.2a8636048b481c426574308bb8e5ac51.570283be0f3537fa230ce91a5bc0a2473e9131f5ba430a7f917d0f9982219b9a
x-amz-version-id: nGbw_kJL760hJPA1vTLNyxWu1PSgulCp
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kzXnqkQ1API59P55z1EE9LpyqQ1DHWrt2Ju7MDmkF7B2l9PE4dUTLA==
vary: Origin
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (26)

Detections

JavaScript (0)

HTTP Transactions (2)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers