Report - github.com/BepInEx/BepInEx/releases/download/v5.4.23.2/BepInEx_win_x64

Report Overview

Visited public
2024-12-12 09:37:37
Tags
URL
github.com/BepInEx/BepInEx/releases/download/v5.4.23.2/BepInEx_win_x64_5.4.23.2.zip
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.4
#36459 GITHUB
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-12-11	537 B	4.4 kB	140.82.121.4
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-12-11	971 B	638 kB	185.199.111.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/121067132/b1c841e9-602f-4952-b215-2f45f70acb26?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241212%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241212T093712Z&X-Amz-Expires=300&X-Amz-Signature=8daf37177df9743e9f8b028214e6b81228fb07b2f38699f227c343f07b615121&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DBepInEx_win_x64_5.4.23.2.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
637 kB (637157 bytes)
Hash
bd836d0c81dd4d177657ed49a860c936
5642d06adcd62b96f5debbd7dc7d5acdeb053a1e
f752ce4e838f4c305b9da1404b6745f2cff23b8bfd494f79f0c84d0a01f59b46

Archive (22)

Filename

Md5

File type

.doorstop_version

c9e4dc50b8d6ed20385fdca95873b3a5

ASCII text, with no line terminators

changelog.txt

2f682c54bf683c10e120a662b86edb57

ASCII text, with CRLF line terminators

doorstop_config.ini

387896b4ba25b5a00568e92165c1bd01

ASCII text, with CRLF line terminators

winhttp.dll

b2a4d0cb04bf8f5a27ccab237ecc2586

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

0Harmony.dll

4705aa1c7a9795d2787722bc8c419ae8

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

0Harmony.xml

e6363c10ec87b6ffbe44ac84036ee93d

XML 1.0 document, ASCII text, with CRLF line terminators

0Harmony20.dll

5c687ee768406d650dc1d0878db3cd91

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

BepInEx.dll

a7d497dac6ba93cd93acae43f35d408b

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

BepInEx.Harmony.dll

dbda2a5dce19f10b1d28e4c9f6132f33

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

BepInEx.Harmony.xml

a9ed47b1f141a3c4e36fa02a47e99b5a

XML 1.0 document, ASCII text, with CRLF line terminators

BepInEx.Preloader.dll

b0df694c373fbda5be068a407ed8d1d4

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

BepInEx.Preloader.xml

b484a68fdf9952bd141a20bbcfb02f92

XML 1.0 document, ASCII text, with CRLF line terminators

BepInEx.xml

3f510d17b1ee2968da9d498e23bb4b26

XML 1.0 document, ASCII text, with very long lines (337), with CRLF line terminators

HarmonyXInterop.dll

7435a263fe29d707305c6f7df2a43c74

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Mono.Cecil.dll

50ae8a86b701c83fce3a814ae8d79321

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Mono.Cecil.Mdb.dll

5a8b48fcf5e445095799e2c9149ff932

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Mono.Cecil.Pdb.dll

427e0464246b1e364c5a1a898db2ecf4

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Mono.Cecil.Rocks.dll

36a8284f264bdb2cb3420f5d2b8b10e0

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MonoMod.RuntimeDetour.dll

04e1988b3ea65408d4c4c29e34bcdeb1

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MonoMod.RuntimeDetour.xml

7cdc7f0ea1d474acc68c86edfb4d9960

XML 1.0 document, ASCII text, with CRLF line terminators

MonoMod.Utils.dll

96c7b1340105a3b86f3e8d19a844903a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MonoMod.Utils.xml

b41ea71f1b1bd676092243d75450a2c2

XML 1.0 document, ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/68

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/BepInEx/BepInEx/releases/download/v5.4.23.2/BepInEx_win_x64_5.4.23.2.zip

140.82.121.4

302 Found

0 B

URL User Request GET HTTP/2
github.com/BepInEx/BepInEx/releases/download/v5.4.23.2/BepInEx_win_x64_5.4.23.2.zip
IP
140.82.121.4:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /BepInEx/BepInEx/releases/download/v5.4.23.2/BepInEx_win_x64_5.4.23.2.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Thu, 12 Dec 2024 09:37:12 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/121067132/b1c841e9-602f-4952-b215-2f45f70acb26?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241212%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241212T093712Z&X-Amz-Expires=300&X-Amz-Signature=8daf37177df9743e9f8b028214e6b81228fb07b2f38699f227c343f07b615121&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DBepInEx_win_x64_5.4.23.2.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8F57:8A0DB:24E70AB:2625080:675AAEC7
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/121067132/b1c841e9-602f-4952-b215-2f45f70acb26?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241212%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241212T093712Z&X-Amz-Expires=300&X-Amz-Signature=8daf37177df9743e9f8b028214e6b81228fb07b2f38699f227c343f07b615121&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DBepInEx_win_x64_5.4.23.2.zip&response-content-type=application%2Foctet-stream

185.199.111.133

200 OK

637 kB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/121067132/b1c841e9-602f-4952-b215-2f45f70acb26?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241212%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241212T093712Z&X-Amz-Expires=300&X-Amz-Signature=8daf37177df9743e9f8b028214e6b81228fb07b2f38699f227c343f07b615121&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DBepInEx_win_x64_5.4.23.2.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
637 kB (637157 bytes)
Hash
bd836d0c81dd4d177657ed49a860c936
5642d06adcd62b96f5debbd7dc7d5acdeb053a1e
f752ce4e838f4c305b9da1404b6745f2cff23b8bfd494f79f0c84d0a01f59b46

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/68

HTTP Headers

GET /github-production-release-asset-2e65be/121067132/b1c841e9-602f-4952-b215-2f45f70acb26?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241212%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241212T093712Z&X-Amz-Expires=300&X-Amz-Signature=8daf37177df9743e9f8b028214e6b81228fb07b2f38699f227c343f07b615121&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DBepInEx_win_x64_5.4.23.2.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 11 Jun 2024 18:08:24 GMT
etag: "0x8DC8A417C343738"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 28b093e6-b01e-002f-5d1b-13ec9e000000
x-ms-version: 2023-11-03
x-ms-creation-time: Tue, 11 Jun 2024 18:08:24 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=BepInEx_win_x64_5.4.23.2.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
age: 497
date: Thu, 12 Dec 2024 09:37:12 GMT
x-served-by: cache-iad-kcgs7200081-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 7974, 0
x-timer: S1733996232.157585,VS0,VE98
content-length: 637157
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (22)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers