Report Overview

  1. Submitted URL

    r4---sn-qxo7rn7k.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?cms_redirect=yes&mh=w2&mip=107.178.200.236&mm=28&mn=sn-qxo7rn7k&ms=nvh&mt=1685911358&mv=u&mvi=4&pl=27&rmhost=r2---sn-qxo7rn7k.gvt1.com&shardbypass=sd

  2. IP

    74.125.161.9

    ASN

    #15169 GOOGLE

  3. Submitted

    2023-06-04 20:58:22

    Access

    public

  4. Website Title

  5. Final URL

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    2

  4. Threat Detection Systems

    1

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
r4---sn-qxo7rn7k.gvt1.comunknown2008-03-032022-06-112023-05-31
r2---sn-capm-vnae.gvt1.comunknown2008-03-032015-07-232023-06-03
ocsp.pki.goog1752016-06-132018-07-012023-06-04

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
mediumClient IP 192.169.69.26
ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
mediumClient IP 192.169.69.26
ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    r2---sn-capm-vnae.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?mh=w2&pl=21&shardbypass=sd&redirect_counter=1&rm=sn-qxosk7z&req_id=2902cf17aa32192a&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1685911358&mv=u&mvi=2

  2. IP

    91.90.45.173

  3. ASN

    #50304 Blix Solutions AS

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=deflate\012- data

    Size

    7.8 MB (7806686 bytes)

  2. Hash

    cb88a35872065da027f0662c8f2617d4

    3a8297bf38499755239ca4f245bb611ed0a8a039

    Detections

    AnalyzerVerdictAlert
    VirusTotal0/55
    VirusTotal -

JavaScript (0)

HTTP Transactions (5)

URLIPResponseSize
ocsp.pki.goog/gts1c3
142.250.74.131 472 B
r4---sn-qxo7rn7k.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?cms_redirect=yes&mh=w2&mip=107.178.200.236&mm=28&mn=sn-qxo7rn7k&ms=nvh&mt=1685911358&mv=u&mvi=4&pl=27&rmhost=r2---sn-qxo7rn7k.gvt1.com&shardbypass=sd
74.125.161.9302 Found0 B
ocsp.pki.goog/gts1c3
142.250.74.131 472 B
ocsp.pki.goog/gts1c3
142.250.74.131 472 B
r2---sn-capm-vnae.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?mh=w2&pl=21&shardbypass=sd&redirect_counter=1&rm=sn-qxosk7z&req_id=2902cf17aa32192a&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1685911358&mv=u&mvi=2
91.90.45.173200 OK7.8 MB