Report Overview
Submitted URL
r3---sn-vgqsknze.gvt1.com/edgedl/widevine-cdm/4.10.1440.18-linux-x64.zip?mh=_R&pl=27&shardbypass=sd&cm2rm=sn-qxosk76&req_id=64b9fbb43ef51251&cmsv=e&redirect_counter=2&rm=sn-vgqee67z&cms_redirect=yes&ipbypass=yes&mip=34.98.143.35&mm=34&mn=sn-vgqsknze&ms=ltu&mt=1713866853&mv=u&mvi=3&rmhost=r4---sn-vgqsknze.gvt1.com&smhost=r3---sn-vgqsknzl.gvt1.com
IP
74.125.161.104
ASN
#15169 GOOGLE
Submitted
2024-04-23 10:28:03
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
r3---sn-vgqsknze.gvt1.com | 305098 | 2008-03-03 | 2022-06-05 | 2024-03-28 | 801 B | 3.5 MB | 74.125.161.104 |
aus5.mozilla.org | 2548 | 1998-01-24 | 2015-10-27 | 2024-04-22 | 512 B | 1.2 kB | 35.244.181.201 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
Files detected
URL
r3---sn-vgqsknze.gvt1.com/edgedl/widevine-cdm/4.10.1440.18-linux-x64.zip?mh=_R&pl=27&shardbypass=sd&cm2rm=sn-qxosk76&req_id=64b9fbb43ef51251&cmsv=e&redirect_counter=2&rm=sn-vgqee67z&cms_redirect=yes&ipbypass=yes&mip=34.98.143.35&mm=34&mn=sn-vgqsknze&ms=ltu&mt=1713866853&mv=u&mvi=3&rmhost=r4---sn-vgqsknze.gvt1.com&smhost=r3---sn-vgqsknzl.gvt1.com
IP
74.125.161.104
ASN
#15169 GOOGLE
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
3.5 MB (3540154 bytes)
Hash
fc6cf66cdff7c57d367b317505f086d1
01209f5f8f4d104917b6439f6107efbb38ccabd2
Archive (3)
Filename | Md5 | File type | |||
---|---|---|---|---|---|
libwidevinecdm.so | 995a6544b32b7d06ac6159aad878a8a0
| ELF 64-bit LSB shared object, x86-64, version 1 (SYSV) | |||
manifest.json | 6d2ec667fecb9a64f987287cf34f31ff | JSON text data | |||
LICENSE.txt | 49ddb419d96dceb9069018535fb2e2fc | ASCII text |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | meth_get_eip |
JavaScript (0)
HTTP Transactions (2)
URL | IP | Response | Size | |
---|---|---|---|---|
r3---sn-vgqsknze.gvt1.com/edgedl/widevine-cdm/4.10.1440.18-linux-x64.zip?mh=_R&pl=27&shardbypass=sd&cm2rm=sn-qxosk76&req_id=64b9fbb43ef51251&cmsv=e&redirect_counter=2&rm=sn-vgqee67z&cms_redirect=yes&ipbypass=yes&mip=34.98.143.35&mm=34&mn=sn-vgqsknze&ms=ltu&mt=1713866853&mv=u&mvi=3&rmhost=r4---sn-vgqsknze.gvt1.com&smhost=r3---sn-vgqsknzl.gvt1.com | 74.125.161.104 | 200 OK | 3.5 MB | |
HTTP Headers
| ||||
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | 444 B | ||
HTTP Headers
| ||||