r10.o.lencr.org/
23.36.77.32 504 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c3fbe0b62fa278b1a007491908bb16f2
2ae17f1c5ae52ff197923ec0189f34ad3f43e645
a4eca96abeac5f2760f850db06e2fa5bf29dc017d9d33eabf73943fa4bb94197
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A4ECA96ABEAC5F2760F850DB06E2FA5BF29DC017D9D33EABF73943FA4BB94197"
Last-Modified: Wed, 09 Oct 2024 04:48:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12403
Expires: Wed, 09 Oct 2024 13:56:09 GMT
Date: Wed, 09 Oct 2024 10:29:26 GMT
Connection: keep-alive
r10.o.lencr.org/
23.36.77.32 504 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7338853386defad2f045b3bee05dd9c8
6aaf1269eb3b9e16629c1b20652ee2dbd12c7182
50b50dc294c0c33b05390bd82ad7a823a64b8c24a0de5b92b770e8cfd4e5259f
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "50B50DC294C0C33B05390BD82AD7A823A64B8C24A0DE5B92B770E8CFD4E5259F"
Last-Modified: Tue, 08 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3560
Expires: Wed, 09 Oct 2024 11:28:46 GMT
Date: Wed, 09 Oct 2024 10:29:26 GMT
Connection: keep-alive
r10.o.lencr.org/
23.36.77.32 504 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 46338129794811f186a0b7a4f44fa3ec
f2e9fd21618da6188e9b28d1abaf563cabf4d29d
c062cb8b7804448db2cfb7aec7389f996d3c14fe2699a038ab536c7e0a99ae88
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C062CB8B7804448DB2CFB7AEC7389F996D3C14FE2699A038AB536C7E0A99AE88"
Last-Modified: Tue, 08 Oct 2024 04:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11454
Expires: Wed, 09 Oct 2024 13:40:20 GMT
Date: Wed, 09 Oct 2024 10:29:26 GMT
Connection: keep-alive
r10.o.lencr.org/
23.36.77.32 504 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31fc782bf1efb76a7251d3e45007b986
7cfef07644e0e4aad99bfa3dd10cf975f7c06f89
663061e811010828ed222146cbb81114a49ba635f6c6547f3601ae0c3de1409d
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "663061E811010828ED222146CBB81114A49BA635F6C6547F3601AE0C3DE1409D"
Last-Modified: Tue, 08 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14996
Expires: Wed, 09 Oct 2024 14:39:23 GMT
Date: Wed, 09 Oct 2024 10:29:27 GMT
Connection: keep-alive
r11.o.lencr.org/
23.36.77.32 504 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aa746f2452828a39148ef2ed129c14f6
aab2904047696ac367e2bfc0ffb1ba44c9c84256
5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Wed, 09 Oct 2024 12:26:09 GMT
Date: Wed, 09 Oct 2024 10:29:29 GMT
Connection: keep-alive
62.103.79.76/
62.103.79.76 12 kB IP 62.103.79.76:0
File type HTML document, ISO-8859 text, with very long lines (935), with CRLF line terminators
Hash 3a8e3e8bce275cae4485ca030ba64516
a770beb9c34b291e42f247658210e6866d013a78
654611e057437d3e555d932da2fc2544ee04da9831712dc8c9f05cc8140f18c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 62.103.79.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: Keep-Alive
Expires: Wed, 09 Oct 2024 13:29:29 GMT
Date: Wed, 09 Oct 2024 10:29:28 GMT
Content-Type: text/html
Server: Microsoft-IIS/7.0
Cache-Control: public, max-age=10800
Last-Modified: Thu, 15 Jun 2023 08:45:53 GMT
Set-Cookie: PHPSESSID=bd2i756ilu23qm1m4jjpufrsb4; path=/; HttpOnly
X-Powered-By: PHP/5.5.12, ASP.NET
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
62.103.79.76/zip/mysql-connector-odbc-5.2.6-win32.msi
62.103.79.76 3.8 MB URL 62.103.79.76/zip/mysql-connector-odbc-5.2.6-win32.msi
IP 62.103.79.76:0
File type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.0, MSI Installer, Code page: 1252, Title: Installation Database, Subject: MySQL Connector/ODBC, Author: Oracle Corporation, Keywords: Installer,MSI,Database, Comments: This installer database contains the logic and data required to install MySQL Connector/ODBC 5.2., Template: Intel;1033, Revision Number: {5CA962DC-5F59-448D-A23F-8952BC17A5D4}, Create Time/Date: Wed Sep 25 17:06:22 2013, Last Saved Time/Date: Wed Sep 25 17:06:22 2013, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML (3.5.2519.0), Security: 2
Size 3.8 MB (3832320 bytes)
Hash eff72df909a344f22f69e33a9b9bc4e9
2dde0c3ac6285dc106e57ffa8608e2d58fb747d9
5d38ebea46c42e10a77842bc14ca8766c496e3317128e2fff64d9fffbbafd475
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /zip/mysql-connector-odbc-5.2.6-win32.msi HTTP/1.1
Host: 62.103.79.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 3832320
Date: Wed, 09 Oct 2024 10:29:28 GMT
Content-Type: application/octet-stream
ETag: "e9a8af75a137cf1:0"
Server: Microsoft-IIS/7.0
Accept-Ranges: bytes
Last-Modified: Tue, 04 Mar 2014 12:01:22 GMT
X-Powered-By: ASP.NET