Report - downloads.getmonero.org/cli/monero-win-x64-v0.13.0.2.zip

Report Overview

Visited public
2023-09-11 02:22:56
Tags
URL
downloads.getmonero.org/cli/monero-win-x64-v0.13.0.2.zip
Finishing URL
about:privatebrowsing
IP / ASN
163.171.134.109
#54994 QUANTILNETWORKS
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-09-10 18:42:49	330 B	964 B	104.18.15.101
downloads.getmonero.org	unknown	2014-06-12	2015-04-14 06:23:34	2023-09-10 06:57:43	512 B	63 MB	163.171.134.109

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
downloads.getmonero.org/cli/monero-win-x64-v0.13.0.2.zip
IP
163.171.134.109
ASN
#54994 QUANTILNETWORKS

File type
Zip archive data, at least v1.0 to extract, compression method=store\012- data
Size
63 MB (63260391 bytes)
Hash
16dbf360240f212a9dc37974d64cd7ac
961ff373436b242ff57ba2b11c0da88fd5d23ea5
82db8f99fa4b2900f78c282c2d99309b79da544824f9cdb10d0b80ceb511c5ed

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 27/64

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
327b932f271cc3b64a7108aac9a1701d
e14ea8ea1807f75ae3aba928e12651edd8f498ce
3a6ce2a2ae1c7e899d488ca0ba5604a6bf7cc59ab23994c8a6a86ff41889e87e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 11 Sep 2023 02:22:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 09 Sep 2023 20:31:58 GMT
Expires: Sat, 16 Sep 2023 20:31:57 GMT
Etag: "e14ea8ea1807f75ae3aba928e12651edd8f498ce"
Cache-Control: max-age=496761,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 804c71b77fb7569a-OSL

downloads.getmonero.org/cli/monero-win-x64-v0.13.0.2.zip

163.171.134.109

200 OK

63 MB

URL User Request GET HTTP/1.1
downloads.getmonero.org/cli/monero-win-x64-v0.13.0.2.zip
IP
163.171.134.109:443
ASN
#54994 QUANTILNETWORKS

Certificate
IssuerSectigo Limited
Subject*.getmonero.org
Fingerprint6F:F8:F0:AE:2A:0E:F8:94:7B:9D:F4:A4:14:8B:FE:11:B5:33:21:34
ValidityMon, 12 Dec 2022 00:00:00 GMT - Mon, 18 Dec 2023 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store\012- data
Size
63 MB (63260391 bytes)
Hash
16dbf360240f212a9dc37974d64cd7ac
961ff373436b242ff57ba2b11c0da88fd5d23ea5
82db8f99fa4b2900f78c282c2d99309b79da544824f9cdb10d0b80ceb511c5ed

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 27/64

HTTP Headers

GET /cli/monero-win-x64-v0.13.0.2.zip HTTP/1.1
Host: downloads.getmonero.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 11 Sep 2023 02:22:39 GMT
Content-Type: application/zip
Content-Length: 63260391
Connection: keep-alive
Last-Modified: Mon, 18 Nov 2019 18:49:37 GMT
ETag: "5dd2e7c1-3c546e7"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
CF-RAY: 804517aeef46991e-ARN
alt-svc: h3=":443"; ma=86400
Age: 77088
Via: 1.1 PSrdsdgemSTO1sw92:4 (W)
X-Px: ht PSrdsdgemSTO1sw92ARN
X-Ws-Request-Id: 64fe79ef_PSrdsdgemSTO1sw92_10959-42846
Cache-Control: max-age=2629746

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (2)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers