Report - redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip

Report Overview

Visited public
2024-07-14 09:42:19
Tags
URL
redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip
Finishing URL
about:privatebrowsing
IP / ASN
142.250.74.110
#15169 GOOGLE
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
redirector.gvt1.com	2070	2008-03-03	2014-04-02 15:10:51	2024-07-13 21:23:25	517 B	1.0 kB	142.250.74.110
r2---sn-capm-vnae.gvt1.com	unknown	2008-03-03	2015-07-23 07:32:03	2024-06-17 16:48:26	639 B	662 B	91.90.45.173
r1---sn-5goeen7y.gvt1.com	unknown	2008-03-03	2017-12-13 07:10:24	2024-07-04 13:23:10	790 B	8.1 MB	74.125.110.134
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-13 18:12:55	2.3 kB	6.2 kB	23.36.76.226
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-13 18:21:55	1.6 kB	3.5 kB	142.250.74.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
r1---sn-5goeen7y.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?mh=n_&pl=23&shardbypass=sd&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350516,24350518&req_id=f365a09594a8e59d&cms_redirect=yes&mip=91.90.42.154&mm=42&mn=sn-5goeen7y&ms=onc&mt=1720949555&mv=u&mvi=1&rmhost=r5---sn-5goeen7y.gvt1.com&smhost=r5---sn-5goeenez.gvt1.com
IP
74.125.110.134
ASN
#15169 GOOGLE

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
8.1 MB (8082561 bytes)
Hash
4648acaad5012d03d489395f3d55a6e3
563623342ff190401bb764c12a8aac22f27dc361
74e7ee75857395715db313aa95db54bc2491d971fc910603aaf869024ad6afe4

Archive (5)

Filename

Md5

File type

widevinecdm.dll

13ab2e3488db8d31890f0bc605f21a7f

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 9 sections

widevinecdm.dll.sig

e6e789364618667d35d2cba31ffdb17a

data

manifest.json

573cae32e099d2c8a55685c00636dad0

JSON text data

LICENSE.txt

49ddb419d96dceb9069018535fb2e2fc

ASCII text

widevinecdm.dll.lib

0ec02e9616d1e2cd6982b270b4f7524a

current ar archive

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (15)

	URL	IP	Response	Size
	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash ee4ec9962b1a3bef02ecefc019ed216c 5eda734d233f0a5b59856fb9bb3a99ca5269fc94 5708233a378cc8a68c0e53bdcfe39e54520b03b789d802e418325caf6841afe5 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "5708233A378CC8A68C0E53BDCFE39E54520B03B789D802E418325CAF6841AFE5" Last-Modified: Fri, 12 Jul 2024 03:28:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14768 Expires: Sun, 14 Jul 2024 13:47:55 GMT Date: Sun, 14 Jul 2024 09:41:47 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 59f504b373ca5c60694d89699bf99f9d 98d3531909c87a27c1cedcda49b9450cb398bdc7 7cd67c1e38bf7cf396230f1f4ca4d83bd04fedd7d1258139ecfceda994200568 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "7CD67C1E38BF7CF396230F1F4CA4D83BD04FEDD7D1258139ECFCEDA994200568" Last-Modified: Sat, 13 Jul 2024 01:53:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16284 Expires: Sun, 14 Jul 2024 14:13:11 GMT Date: Sun, 14 Jul 2024 09:41:47 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 4a4d81b1c193182fe2b1122877e94203 fd1f4427cb5867a8f63ae15825279827bbf768e6 4cd1772d378248e886ee96f55d956ff0856ba3f2eae9f15a10136e68f450ca70 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "4CD1772D378248E886EE96F55D956FF0856BA3F2EAE9F15A10136E68F450CA70" Last-Modified: Fri, 12 Jul 2024 11:47:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14801 Expires: Sun, 14 Jul 2024 13:48:29 GMT Date: Sun, 14 Jul 2024 09:41:48 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 22ed1a54c5ec2cea89d074f91aa80a7a 992ac767733a3719e57c17ecd13f60faf590e0e1 85faedcb4c0cb0c34f3cd9424cd34550b97195ccf2307aa2a108cf8643415086 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "85FAEDCB4C0CB0C34F3CD9424CD34550B97195CCF2307AA2A108CF8643415086" Last-Modified: Fri, 12 Jul 2024 04:18:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14927 Expires: Sun, 14 Jul 2024 13:50:35 GMT Date: Sun, 14 Jul 2024 09:41:48 GMT Connection: keep-alive`

	o.pki.goog/wr2	142.250.74.67		472 B
URL o.pki.goog/wr2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2d452a91659590e9621b52fb69c55f0f a1e0bad7db063283217d541df8c47fc190d80e9e 9ab9dd8308eca8b9630d5b5025140698270d5451007b21a2db25630bdb1d727c HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 14 Jul 2024 09:41:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip	142.250.74.110	302 Found	430 B
URL User Request GET HTTP/2 redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip IP 142.250.74.110:443 ASN #15169 GOOGLE Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint0B:28:0E:1B:FF:FC:C8:1B:AF:D7:4E:50:F3:EE:75:59:BB:D5:46:24 ValidityMon, 24 Jun 2024 06:35:44 GMT - Mon, 16 Sep 2024 06:35:43 GMT File type HTML document, ASCII text, with CRLF, LF line terminators Size 430 B (430 bytes) Hash 47bb9f4a64b9bcf1ef14ccaa65a1f6da 6259396ab70459dd14aca3d2ac117dd189c95d8a d1dd229a6650ec99f4524f08842751a0661f5fb2905f9507abe2f1b814cea32a HTTP Headers GET /edgedl/widevine-cdm/4.10.2557.0-win-x86.zip HTTP/1.1 Host: redirector.gvt1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Sun, 14 Jul 2024 09:41:48 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate x-content-type-options: nosniff location: https://r2---sn-capm-vnae.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?cms_redirect=yes&mh=n_&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1720948987&mv=u&mvi=2&pl=23&shardbypass=sd content-type: text/html; charset=UTF-8 server: ClientMapServer content-length: 430 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	o.pki.goog/wr2	142.250.74.67		471 B
URL o.pki.goog/wr2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9f6ffb74b50a5a32f552588baf3a2127 80d5dafe7c3c9429cce7d0709f7b5b3eb1189ff2 50b7e05b9a62cd5eebbe5b72cf81ae4d166e3ce3456205fe7cff227ab972a324 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 14 Jul 2024 09:41:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	o.pki.goog/wr2	142.250.74.67		472 B
URL o.pki.goog/wr2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2d452a91659590e9621b52fb69c55f0f a1e0bad7db063283217d541df8c47fc190d80e9e 9ab9dd8308eca8b9630d5b5025140698270d5451007b21a2db25630bdb1d727c HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 14 Jul 2024 09:41:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r2---sn-capm-vnae.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?cms_redirect=yes&mh=n_&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1720948987&mv=u&mvi=2&pl=23&shardbypass=sd	91.90.45.173	302 Found	0 B
URL User Request GET HTTP/1.1 r2---sn-capm-vnae.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?cms_redirect=yes&mh=n_&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1720948987&mv=u&mvi=2&pl=23&shardbypass=sd IP 91.90.45.173:443 ASN #50304 Blix Solutions AS Certificate IssuerGoogle Trust Services Subject.googlevideo.com Fingerprint13:F4:28:20:81:B2:D7:F1:DB:9E:D7:C2:BB:0D:C4:50:1B:71:92:A4 ValidityTue, 25 Jun 2024 14:32:30 GMT - Tue, 03 Sep 2024 14:32:29 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?cms_redirect=yes&mh=n_&mip=91.90.42.154&mm=28&mn=sn-capm-vnae&ms=nvh&mt=1720948987&mv=u&mvi=2&pl=23&shardbypass=sd HTTP/1.1 Host: r2---sn-capm-vnae.gvt1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Last-Modified: Wed, 02 May 2007 10:26:10 GMT Date: Sun, 14 Jul 2024 09:41:48 GMT Expires: Sun, 14 Jul 2024 09:56:48 GMT Cache-Control: public, max-age=900 Location: https://r1---sn-5goeen7y.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?mh=n_&pl=23&shardbypass=sd&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350516,24350518&req_id=f365a09594a8e59d&cms_redirect=yes&mip=91.90.42.154&mm=42&mn=sn-5goeen7y&ms=onc&mt=1720949555&mv=u&mvi=1&rmhost=r5---sn-5goeen7y.gvt1.com&smhost=r5---sn-5goeenez.gvt1.com Content-Length: 0 Connection: close Vary: Origin X-Content-Type-Options: nosniff Content-Type: text/html Server: gvs 1.0

	o.pki.goog/wr2	142.250.74.67		471 B
URL o.pki.goog/wr2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7892a61eee4cdb0f71f160e7074f4b4b b25058e02395c1d97c4a6645dd8db899fea28799 fe5da44cd13349b78aff72bf3adc93ee441832b8f07a1e1958d9694ca916f5d9 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 14 Jul 2024 09:41:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	o.pki.goog/wr2	142.250.74.67		471 B
URL o.pki.goog/wr2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7892a61eee4cdb0f71f160e7074f4b4b b25058e02395c1d97c4a6645dd8db899fea28799 fe5da44cd13349b78aff72bf3adc93ee441832b8f07a1e1958d9694ca916f5d9 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 14 Jul 2024 09:41:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r1---sn-5goeen7y.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?mh=n_&pl=23&shardbypass=sd&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350516,24350518&req_id=f365a09594a8e59d&cms_redirect=yes&mip=91.90.42.154&mm=42&mn=sn-5goeen7y&ms=onc&mt=1720949555&mv=u&mvi=1&rmhost=r5---sn-5goeen7y.gvt1.com&smhost=r5---sn-5goeenez.gvt1.com	74.125.110.134	200 OK	8.1 MB
URL User Request GET HTTP/1.1 r1---sn-5goeen7y.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?mh=n_&pl=23&shardbypass=sd&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350516,24350518&req_id=f365a09594a8e59d&cms_redirect=yes&mip=91.90.42.154&mm=42&mn=sn-5goeen7y&ms=onc&mt=1720949555&mv=u&mvi=1&rmhost=r5---sn-5goeen7y.gvt1.com&smhost=r5---sn-5goeenez.gvt1.com IP 74.125.110.134:443 ASN #15169 GOOGLE Certificate IssuerGoogle Trust Services Subject.c.docs.google.com Fingerprint90:2F:DF:AC:40:00:67:3D:C7:7A:43:3C:61:94:D5:E2:BF:8F:AE:00 ValidityTue, 09 Jul 2024 14:33:47 GMT - Tue, 17 Sep 2024 14:33:46 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 8.1 MB (8082561 bytes) Hash 4648acaad5012d03d489395f3d55a6e3 563623342ff190401bb764c12a8aac22f27dc361 74e7ee75857395715db313aa95db54bc2491d971fc910603aaf869024ad6afe4 HTTP Headers GET /edgedl/widevine-cdm/4.10.2557.0-win-x86.zip?mh=n_&pl=23&shardbypass=sd&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350516,24350518&req_id=f365a09594a8e59d&cms_redirect=yes&mip=91.90.42.154&mm=42&mn=sn-5goeen7y&ms=onc&mt=1720949555&mv=u&mvi=1&rmhost=r5---sn-5goeen7y.gvt1.com&smhost=r5---sn-5goeenez.gvt1.com HTTP/1.1 Host: r1---sn-5goeen7y.gvt1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: public,max-age=86400 Content-Disposition: attachment Content-Length: 8082561 Content-Security-Policy: default-src 'none' Content-Type: application/zip Etag: "1038515" Server: downloads X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 Date: Sun, 14 Jul 2024 09:41:48 GMT Last-Modified: Wed, 16 Nov 2022 03:24:42 GMT Connection: keep-alive Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Vary: Origin

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 80ee007415e4a9cd9ff180ee56d4fd90 08276896e8774d12a699400ffe88939d02acd056 b76186c793cde690af253f9096553d00dffd54dc33faf5b9a7059b5ce61de651 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "B76186C793CDE690AF253F9096553D00DFFD54DC33FAF5B9A7059B5CE61DE651" Last-Modified: Sat, 13 Jul 2024 05:32:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12091 Expires: Sun, 14 Jul 2024 13:03:21 GMT Date: Sun, 14 Jul 2024 09:41:50 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 80ee007415e4a9cd9ff180ee56d4fd90 08276896e8774d12a699400ffe88939d02acd056 b76186c793cde690af253f9096553d00dffd54dc33faf5b9a7059b5ce61de651 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "B76186C793CDE690AF253F9096553D00DFFD54DC33FAF5B9A7059B5CE61DE651" Last-Modified: Sat, 13 Jul 2024 05:32:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12091 Expires: Sun, 14 Jul 2024 13:03:21 GMT Date: Sun, 14 Jul 2024 09:41:50 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 80ee007415e4a9cd9ff180ee56d4fd90 08276896e8774d12a699400ffe88939d02acd056 b76186c793cde690af253f9096553d00dffd54dc33faf5b9a7059b5ce61de651 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "B76186C793CDE690AF253F9096553D00DFFD54DC33FAF5B9A7059B5CE61DE651" Last-Modified: Sat, 13 Jul 2024 05:32:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12091 Expires: Sun, 14 Jul 2024 13:03:21 GMT Date: Sun, 14 Jul 2024 09:41:50 GMT Connection: keep-alive`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (5)

Detections

JavaScript (0)

HTTP Transactions (15)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers