IP 23.33.119.27:0
ASN#20940 Akamai International B.V.
Hash3e1f84cfd73112e0c86519af1b4b4575 c84cfc19d17bcea75516ac05a0c01e77b2c0b814 7689da56b27dca2ad2b4111e5163b4e923626a26518ec895f18c2e84200c7fc9
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7689DA56B27DCA2AD2B4111E5163B4E923626A26518EC895F18C2E84200C7FC9"
Last-Modified: Sun, 22 Sep 2024 04:13:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10539
Expires: Sun, 22 Sep 2024 13:59:16 GMT
Date: Sun, 22 Sep 2024 11:03:37 GMT
Connection: keep-alive
|
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashd223e6af58560d21054be6ff7137916d 33dcab899ede59bb428e09e500924a2845de2a55 e1f541fc86d07546372fc893f70525325351e831e001cc0da0885a22c29064d3
POST / HTTP/1.1
Host: e5.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E1F541FC86D07546372FC893F70525325351E831E001CC0DA0885A22C29064D3"
Last-Modified: Sun, 22 Sep 2024 11:03:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Sun, 22 Sep 2024 17:02:41 GMT
Date: Sun, 22 Sep 2024 11:03:37 GMT
Connection: keep-alive
|
| GET web-nwlp-15.nfon.com/media/Data/Downloads/Download_Section/Software_for_Windows/Nsoftphone.msi |  185.88.214.180 | 200 OK | 44 MB |
URL User Request GET HTTP/2web-nwlp-15.nfon.com/media/Data/Downloads/Download_Section/Software_for_Windows/Nsoftphone.msi IP185.88.214.180:443
CertificateIssuerLet's Encrypt Subjectweb-nwlp-15.nfon.com Fingerprint85:4A:8D:48:A9:AA:40:62:CB:D4:8C:44:7A:63:44:E3:2C:CA:31:D8 ValidityFri, 06 Sep 2024 06:58:14 GMT - Thu, 05 Dec 2024 06:58:13 GMT
File typeComposite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Code page: 1252, Title: Nsoftphone 12.4.0 12.4.0.23185, Subject: Nsoftphone 12.4.0, Author: nfon AG, Keywords: Installer, Template: Intel;1033, Revision Number: {89E55E5A-C9B5-4566-BD21-9DACD62E6E39}, Create Time/Date: Thu Apr 16 13:20:02 2020, Last Saved Time/Date: Thu Apr 16 13:20:02 2020, Number of Pages: 200, Number of Words: 2, Name of Creating Application: MSI Wrapper (9.0.35.0), Security: 2 Size44 MB (43786240 bytes) Hashbe7d1f916e53a4ae033fb62dc79a3bc3 2ece8f8457264fd141ae32049c24412826bf1b7c b1ebf7a8b975fa64e83ba5a2b82b9f993bdda3128a8608cc43379f70c61c6bbb
| Analyzer | Verdict | Alert |
|---|
| VirusTotal | suspicious | |
GET /media/Data/Downloads/Download_Section/Software_for_Windows/Nsoftphone.msi HTTP/1.1
Host: web-nwlp-15.nfon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 09:33:27 GMT
accept-ranges: bytes
content-length: 43786240
cache-control: max-age=2592000
expires: Tue, 22 Oct 2024 11:03:37 GMT
x-ua-compatible: IE=edge
x-content-type-options: nosniff
access-control-allow-origin: https://www.nfon.com
content-security-policy: default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
content-type: application/x-msi
date: Sun, 22 Sep 2024 11:03:37 GMT
server: Apache
X-Firefox-Spdy: h2
|