IP: 142.250.74.131:0
Hash: ff2d82b4650aaf86ba6f92800b37f45d 4b537d85d6f75e2d8770164b7fd627cc0824a826 7e51f3062b771bfdeeffb90128089e0ce6c62debb01fb3806bb262b696ab5435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 20:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
| r4---sn-qxo7rn7k.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?cms_redirect=yes&mh=w2&mip=107.178.200.236&mm=28&mn=sn-qxo7rn7k&ms=nvh&mt=1685911358&mv=u&mvi=4&pl=27&rmhost=r2---sn-qxo7rn7k.gvt1.com&shardbypass=sd | 74.125.161.9 | 302 Found | 0 B |
URL (User Request, GET, HTTP/1.1): r4---sn-qxo7rn7k.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?cms_redirect=yes&mh=w2&mip=107.178.200.236&mm=28&mn=sn-qxo7rn7k&ms=nvh&mt=1685911358&mv=u&mvi=4&pl=27&rmhost=r2---sn-qxo7rn7k.gvt1.com&shardbypass=sd
IP: 74.125.161.9:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.c.docs.google.com; Fingerprint: D9:85:65:96:45:88:2C:C4:13:A8:F6:FC:17:87:4A:23:B3:E6:7E:E5; Validity: Tue, 23 May 2023 11:07:35 GMT - Tue, 01 Aug 2023 11:07:34 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?cms_redirect=yes&mh=w2&mip=107.178.200.236&mm=28&mn=sn-qxo7rn7k&ms=nvh&mt=1685911358&mv=u&mvi=4&pl=27&rmhost=r2---sn-qxo7rn7k.gvt1.com&shardbypass=sd HTTP/1.1
Host: r4---sn-qxo7rn7k.gvt1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 04 Jun 2023 20:58:04 GMT
Expires: Sun, 04 Jun 2023 21:13:04 GMT
Cache-Control: public, max-age=900
Location: https://r2---sn-capm-vnae.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?mh=w2&pl=21&shardbypass=sd&redirect_counter=1&rm=sn-qxosk7z&req_id=2902cf17aa32192a&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1685911358&mv=u&mvi=2
Content-Length: 0
Connection: close
Vary: Origin
X-Content-Type-Options: nosniff
Content-Type: text/html
Server: gvs 1.0
|
IP: 142.250.74.131:0
Hash: ae58603f2354bba80e0673012a8bae4f e38afb12b01891d3f6d3bc5c229698403f882d5c 108734f4430e9f910fcab7594bb97c61acfcf500112ac027291acb5d17c0ff8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 20:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
| r2---sn-capm-vnae.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?mh=w2&pl=21&shardbypass=sd&redirect_counter=1&rm=sn-qxosk7z&req_id=2902cf17aa32192a&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1685911358&mv=u&mvi=2 | 91.90.45.173 | 200 OK | 7.8 MB |
URL (User Request, GET, HTTP/1.1): r2---sn-capm-vnae.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?mh=w2&pl=21&shardbypass=sd&redirect_counter=1&rm=sn-qxosk7z&req_id=2902cf17aa32192a&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1685911358&mv=u&mvi=2
IP: 91.90.45.173:443
ASN: #50304 Blix Solutions AS
Certificate: Issuer: Google Trust Services LLC; Subject: *.googlevideo.com; Fingerprint: 8A:E2:9E:6F:14:18:45:04:B9:FC:B8:7A:FB:E8:6E:EA:59:DB:B4:65; Validity: Tue, 23 May 2023 11:07:36 GMT - Tue, 01 Aug 2023 11:07:35 GMT
File type: Zip archive data, at least v2.0 to extract, compression method=deflate
Size: 7.8 MB (7806686 bytes)
Hash: cb88a35872065da027f0662c8f2617d4 3a8297bf38499755239ca4f245bb611ed0a8a039 dbd0bc0f951b51b04d17cb61ca31656eee979b95d7717caa86f3542a93a542b2
| Analyzer | Verdict | Alert |
| VirusTotal | 0/55 | |
GET /edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip?mh=w2&pl=21&shardbypass=sd&redirect_counter=1&rm=sn-qxosk7z&req_id=2902cf17aa32192a&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1685911358&mv=u&mvi=2 HTTP/1.1
Host: r2---sn-capm-vnae.gvt1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Disposition: attachment
Content-Length: 7806686
Content-Security-Policy: default-src 'none'
Content-Type: application/zip
Etag: "103850f"
Server: downloads
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Date: Sun, 04 Jun 2023 06:06:54 GMT
Last-Modified: Wed, 16 Nov 2022 03:24:42 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Vary: Origin
|