Report - r4---sn-vgqsrnzd.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=27&shardbypass=sd&redirect_counter=1&cm2rm=sn-qxos67z&rrc=80&req_id=e5cc483564a98b98&cms_redirect=yes&cmsv=e&mip=34.98.143.232&mm=34&mn=sn-vgqsrnzd&ms=ltu&mt=1725858372&mv=u&mvi=4&rmhost=r1---sn-vgqsrnzd.gvt1.com&smhost=r1---sn-vgqsknzz.gvt1.com

Report Overview

Visited public
2024-09-09 05:23:06
Tags
URL
r4---sn-vgqsrnzd.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=27&shardbypass=sd&redirect_counter=1&cm2rm=sn-qxos67z&rrc=80&req_id=e5cc483564a98b98&cms_redirect=yes&cmsv=e&mip=34.98.143.232&mm=34&mn=sn-vgqsrnzd&ms=ltu&mt=1725858372&mv=u&mvi=4&rmhost=r1---sn-vgqsrnzd.gvt1.com&smhost=r1---sn-vgqsknzz.gvt1.com
Finishing URL
about:privatebrowsing
IP / ASN
74.125.156.169
#15169 GOOGLE
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r4---sn-vgqsrnzd.gvt1.com	unknown	2008-03-03	2023-07-03 21:03:07	2024-04-12 02:40:55	779 B	682 B	74.125.156.169
r4---sn-5hnednsz.gvt1.com	unknown	2008-03-03	2022-05-06 11:14:58	2023-09-26 16:07:18	810 B	5.2 MB	74.125.8.233
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-08 18:18:24	1.3 kB	3.5 kB	23.36.77.32
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-08 18:13:16	1.3 kB	3.5 kB	23.36.76.226
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-09-08 18:12:19	650 B	1.4 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
r4---sn-5hnednsz.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=21&shardbypass=sd&cm2rm=sn-qxos67z&rrc=80,104&req_id=e5cc483564a98b98&cmsv=e&redirect_counter=2&rm=sn-vgqe677z&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1725858996&mv=m&mvi=4&rmhost=r2---sn-5hnednsz.gvt1.com&smhost=r1---sn-5hne6ns6.gvt1.com
IP
74.125.8.233
ASN
#15169 GOOGLE

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
5.2 MB (5197739 bytes)
Hash
ca728e84cc4daebbed5bafb35e3df9df
c129d6b7d5028b1b1347c4457412d837a1fc8ad9
8eeb72ff641c26eb563f6a0fdb1b3fe67f0f9b17be4c4f96a83304590ec99a83

Archive (5)

Filename

Md5

File type

widevinecdm.dll

2c7a3b4c1883fae5d8a71cd43a5a20af

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 8 sections

widevinecdm.dll.sig

92c7eba077938ef66cc7bd90619919e2

data

manifest.json

b3d1c25ba27fc580d497ee7936fed44e

JSON text data

LICENSE.txt

49ddb419d96dceb9069018535fb2e2fc

ASCII text

widevinecdm.dll.lib

cd73bf55e2cf0f1caa5f1a469d75d9dc

current ar archive

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (12)

	URL	IP	Response	Size
	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 85b35ef8e54cfd751670f6a6d56541bd 162e94ccf2a785ea99c41f45c3a76815a2f8ae5f 3f59c24a6538550f52a4c9b39d9f57b023c9d44d50a846e742b763f74dfc179d HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "3F59C24A6538550F52A4C9B39D9F57B023C9D44D50A846E742B763F74DFC179D" Last-Modified: Sun, 08 Sep 2024 09:19:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9435 Expires: Mon, 09 Sep 2024 07:59:53 GMT Date: Mon, 09 Sep 2024 05:22:38 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 80f3aada09a34a0d6e43e77f160ac485 8feee259be181420c2c17ccb3d81ce9bc980b577 cccc9314ca2d07fb6a2a5d91a8d7b37f16fd78a5d14b0e6a27de0df82e47f1f3 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "CCCC9314CA2D07FB6A2A5D91A8D7B37F16FD78A5D14B0E6A27DE0DF82E47F1F3" Last-Modified: Sat, 07 Sep 2024 12:20:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4495 Expires: Mon, 09 Sep 2024 06:37:33 GMT Date: Mon, 09 Sep 2024 05:22:38 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 010d9d76f2cffcde2776f30737ea6daa 8f2fbd4790c6a38d70f1e6d4be7b34a6cf562d70 5b0f8b959509a0ebd05f4fd4dca127683100ab3c79a154da1b78247ebf21ffda HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "5B0F8B959509A0EBD05F4FD4DCA127683100AB3C79A154DA1B78247EBF21FFDA" Last-Modified: Sat, 07 Sep 2024 14:37:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3118 Expires: Mon, 09 Sep 2024 06:14:37 GMT Date: Mon, 09 Sep 2024 05:22:39 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash b73e5b140c4c19e7e5450cce90348dec c2186b718c50a53bf30e1093713305403a8bd673 eddd5af125077f387f37956c09c275a35be27c88fbcb02b1d789f352c0dfa5ba HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "EDDD5AF125077F387F37956C09C275A35BE27C88FBCB02B1D789F352C0DFA5BA" Last-Modified: Sat, 07 Sep 2024 14:38:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14520 Expires: Mon, 09 Sep 2024 09:24:39 GMT Date: Mon, 09 Sep 2024 05:22:39 GMT Connection: keep-alive`

	o.pki.goog/wr2	142.250.74.131		472 B
URL o.pki.goog/wr2 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 515462729cda928787af227e9ff88e64 25251259212659ade26381bcaddfabed1b2d4b17 c51f14ae50fe0681cb93d8c695909dcd83351a62b2834e79d8267fe328e00360 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 09 Sep 2024 05:22:39 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r4---sn-vgqsrnzd.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=27&shardbypass=sd&redirect_counter=1&cm2rm=sn-qxos67z&rrc=80&req_id=e5cc483564a98b98&cms_redirect=yes&cmsv=e&mip=34.98.143.232&mm=34&mn=sn-vgqsrnzd&ms=ltu&mt=1725858372&mv=u&mvi=4&rmhost=r1---sn-vgqsrnzd.gvt1.com&smhost=r1---sn-vgqsknzz.gvt1.com	74.125.156.169	302 Found	0 B
URL User Request GET HTTP/1.1 r4---sn-vgqsrnzd.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=27&shardbypass=sd&redirect_counter=1&cm2rm=sn-qxos67z&rrc=80&req_id=e5cc483564a98b98&cms_redirect=yes&cmsv=e&mip=34.98.143.232&mm=34&mn=sn-vgqsrnzd&ms=ltu&mt=1725858372&mv=u&mvi=4&rmhost=r1---sn-vgqsrnzd.gvt1.com&smhost=r1---sn-vgqsknzz.gvt1.com IP 74.125.156.169:443 ASN #15169 GOOGLE Certificate IssuerGoogle Trust Services Subject.c.docs.google.com Fingerprint86:A5:13:76:16:C3:9F:FD:38:9D:6A:13:20:7D:E0:BD:35:A2:C5:0B ValidityTue, 27 Aug 2024 14:31:13 GMT - Tue, 05 Nov 2024 14:31:12 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=27&shardbypass=sd&redirect_counter=1&cm2rm=sn-qxos67z&rrc=80&req_id=e5cc483564a98b98&cms_redirect=yes&cmsv=e&mip=34.98.143.232&mm=34&mn=sn-vgqsrnzd&ms=ltu&mt=1725858372&mv=u&mvi=4&rmhost=r1---sn-vgqsrnzd.gvt1.com&smhost=r1---sn-vgqsknzz.gvt1.com HTTP/1.1 Host: r4---sn-vgqsrnzd.gvt1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Last-Modified: Wed, 02 May 2007 10:26:10 GMT Date: Mon, 09 Sep 2024 05:22:39 GMT Expires: Mon, 09 Sep 2024 05:37:39 GMT Cache-Control: public, max-age=900 Location: https://r4---sn-5hnednsz.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=21&shardbypass=sd&cm2rm=sn-qxos67z&rrc=80,104&req_id=e5cc483564a98b98&cmsv=e&redirect_counter=2&rm=sn-vgqe677z&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1725858996&mv=m&mvi=4&rmhost=r2---sn-5hnednsz.gvt1.com&smhost=r1---sn-5hne6ns6.gvt1.com Content-Length: 0 Connection: close Vary: Origin X-Content-Type-Options: nosniff Content-Type: text/html Server: gvs 1.0

	o.pki.goog/wr2	142.250.74.131		472 B
URL o.pki.goog/wr2 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 515462729cda928787af227e9ff88e64 25251259212659ade26381bcaddfabed1b2d4b17 c51f14ae50fe0681cb93d8c695909dcd83351a62b2834e79d8267fe328e00360 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 09 Sep 2024 05:22:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r4---sn-5hnednsz.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=21&shardbypass=sd&cm2rm=sn-qxos67z&rrc=80,104&req_id=e5cc483564a98b98&cmsv=e&redirect_counter=2&rm=sn-vgqe677z&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1725858996&mv=m&mvi=4&rmhost=r2---sn-5hnednsz.gvt1.com&smhost=r1---sn-5hne6ns6.gvt1.com	74.125.8.233	200 OK	5.2 MB
URL User Request GET HTTP/1.1 r4---sn-5hnednsz.gvt1.com/edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=21&shardbypass=sd&cm2rm=sn-qxos67z&rrc=80,104&req_id=e5cc483564a98b98&cmsv=e&redirect_counter=2&rm=sn-vgqe677z&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1725858996&mv=m&mvi=4&rmhost=r2---sn-5hnednsz.gvt1.com&smhost=r1---sn-5hne6ns6.gvt1.com IP 74.125.8.233:443 ASN #15169 GOOGLE Certificate IssuerGoogle Trust Services Subject.c.docs.google.com Fingerprint86:A5:13:76:16:C3:9F:FD:38:9D:6A:13:20:7D:E0:BD:35:A2:C5:0B ValidityTue, 27 Aug 2024 14:31:13 GMT - Tue, 05 Nov 2024 14:31:12 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 5.2 MB (5197739 bytes) Hash ca728e84cc4daebbed5bafb35e3df9df c129d6b7d5028b1b1347c4457412d837a1fc8ad9 8eeb72ff641c26eb563f6a0fdb1b3fe67f0f9b17be4c4f96a83304590ec99a83 HTTP Headers GET /edgedl/widevine-cdm/4.10.1582.2-win-ia32.zip?mh=hG&pl=21&shardbypass=sd&cm2rm=sn-qxos67z&rrc=80,104&req_id=e5cc483564a98b98&cmsv=e&redirect_counter=2&rm=sn-vgqe677z&cms_redirect=yes&ipbypass=yes&mip=91.90.42.154&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1725858996&mv=m&mvi=4&rmhost=r2---sn-5hnednsz.gvt1.com&smhost=r1---sn-5hne6ns6.gvt1.com HTTP/1.1 Host: r4---sn-5hnednsz.gvt1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: public,max-age=86400 Content-Disposition: attachment Content-Length: 5197739 Content-Security-Policy: default-src 'none' Content-Type: application/zip Etag: "4b6ad1" Server: downloads X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 Date: Mon, 09 Sep 2024 05:22:40 GMT Last-Modified: Mon, 11 Nov 2019 22:38:03 GMT Connection: keep-alive Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Vary: Origin

	r11.o.lencr.org/	23.36.77.32		504 B
URL r11.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 5c3fba1109521084ef7ba1930038c708 da167832736b19cff2200b7ee2c62f0e2cd4ceeb 170cddf1a28716b552d327083819d646261191483dec007a25da4d86ffa36bc9 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "170CDDF1A28716B552D327083819D646261191483DEC007A25DA4D86FFA36BC9" Last-Modified: Sat, 07 Sep 2024 14:34:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8951 Expires: Mon, 09 Sep 2024 07:51:52 GMT Date: Mon, 09 Sep 2024 05:22:41 GMT Connection: keep-alive`

	r11.o.lencr.org/	23.36.77.32		504 B
URL r11.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 5c3fba1109521084ef7ba1930038c708 da167832736b19cff2200b7ee2c62f0e2cd4ceeb 170cddf1a28716b552d327083819d646261191483dec007a25da4d86ffa36bc9 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "170CDDF1A28716B552D327083819D646261191483DEC007A25DA4D86FFA36BC9" Last-Modified: Sat, 07 Sep 2024 14:34:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8951 Expires: Mon, 09 Sep 2024 07:51:52 GMT Date: Mon, 09 Sep 2024 05:22:41 GMT Connection: keep-alive`

	r11.o.lencr.org/	23.36.77.32		504 B
URL r11.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 5c3fba1109521084ef7ba1930038c708 da167832736b19cff2200b7ee2c62f0e2cd4ceeb 170cddf1a28716b552d327083819d646261191483dec007a25da4d86ffa36bc9 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "170CDDF1A28716B552D327083819D646261191483DEC007A25DA4D86FFA36BC9" Last-Modified: Sat, 07 Sep 2024 14:34:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8951 Expires: Mon, 09 Sep 2024 07:51:52 GMT Date: Mon, 09 Sep 2024 05:22:41 GMT Connection: keep-alive`

	r11.o.lencr.org/	23.36.77.32		504 B
URL r11.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 5c3fba1109521084ef7ba1930038c708 da167832736b19cff2200b7ee2c62f0e2cd4ceeb 170cddf1a28716b552d327083819d646261191483dec007a25da4d86ffa36bc9 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "170CDDF1A28716B552D327083819D646261191483DEC007A25DA4D86FFA36BC9" Last-Modified: Sat, 07 Sep 2024 14:34:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8951 Expires: Mon, 09 Sep 2024 07:51:52 GMT Date: Mon, 09 Sep 2024 05:22:41 GMT Connection: keep-alive`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (5)

Detections

JavaScript (0)

HTTP Transactions (12)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash