Report - pkg-store.dl.mail.ru/packages/shop/0_2016816distrib14/Caterpillarnoid_Data/Plugins/Steam

Report Overview

Submitted URL
pkg-store.dl.mail.ru/packages/shop/0_2016816distrib14/Caterpillarnoid_Data/Plugins/Steam_API64.dll
IP
188.93.63.73
ASN
#47764 Mail.Ru LLC
Submitted
2023-06-01 06:14:35
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-05-31	349 B	1.9 kB	104.18.20.226
pkg-store.dl.mail.ru	unknown	1997-09-27	2020-05-26	2023-05-31	554 B	988 kB	188.93.63.73

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-01 06:14:21	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-06-01 06:14:21	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-06-01 06:14:28	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-06-01 06:14:31	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
pkg-store.dl.mail.ru/packages/shop/0_2016816distrib14/Caterpillarnoid_Data/Plugins/Steam_API64.dll
IP
188.93.63.73
ASN
#47764 Mail.Ru LLC

File type
PE32+ executable (DLL) (GUI) x86-64, for MS Windows DIY-Thermocam raw data\012- (Lepton 2.x), scale 16443-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 37660420734976.000000, slope 4741954405693406146556470493184.000000\012- data
Size
988 kB (987792 bytes)
Hash
b59c4dda72bebba26a6db5626eb7456d
066fbf7f1f150a4079b5e2daf877c7ea4817ab02
f5413c1dbbd4cd129e5fba3a7b61dea686715119b734094f59c62548365a1fa2

Detections

Analyzer	Verdict	Alert
VirusTotal	0/69	VirusTotal -

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

1.4 kB

URL
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
313cc33dc4f15014ae2ae3d0a60b140b
108bc364e7d1df580083abc83f618e3ff435c0c8
27b88604b3d857585c8a6f7bc34d4825bca0a44a4544d3de66d15a4be0499d5e

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 06:14:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Jun 2023 03:27:27 GMT
ETag: "108bc364e7d1df580083abc83f618e3ff435c0c8"
Last-Modified: Thu, 01 Jun 2023 03:27:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 484
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d0550c89eb6069b-OSL

pkg-store.dl.mail.ru/packages/shop/0_2016816distrib14/Caterpillarnoid_Data/Plugins/Steam_API64.dll

188.93.63.73

200 OK

988 kB

URL User Request GET HTTP/2
pkg-store.dl.mail.ru/packages/shop/0_2016816distrib14/Caterpillarnoid_Data/Plugins/Steam_API64.dll
IP
188.93.63.73:443
ASN
#47764 Mail.Ru LLC

Certificate
IssuerGlobalSign nv-sa
Subject*.dl.mail.ru
Fingerprint1E:EB:E9:A8:C9:5D:88:14:7A:AF:AC:32:41:FB:D2:50:EA:2D:02:35
ValidityThu, 25 Aug 2022 10:16:34 GMT - Tue, 26 Sep 2023 10:16:33 GMT

File type
PE32+ executable (DLL) (GUI) x86-64, for MS Windows DIY-Thermocam raw data\012- (Lepton 2.x), scale 16443-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 37660420734976.000000, slope 4741954405693406146556470493184.000000\012- data
Size
988 kB (987792 bytes)
Hash
b59c4dda72bebba26a6db5626eb7456d
066fbf7f1f150a4079b5e2daf877c7ea4817ab02
f5413c1dbbd4cd129e5fba3a7b61dea686715119b734094f59c62548365a1fa2

Detections

Analyzer	Verdict	Alert
VirusTotal	0/69	VirusTotal -

HTTP Headers

GET /packages/shop/0_2016816distrib14/Caterpillarnoid_Data/Plugins/Steam_API64.dll HTTP/1.1
Host: pkg-store.dl.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 01 Jun 2023 06:14:17 GMT
content-type: application/octet-stream
content-length: 987792
last-modified: Wed, 11 Jan 2023 12:57:39 GMT
etag: "63beb243-f1290"
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (2)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers