Report - itefix.net/download/free/cwrsync_6.2.12_x64

Report Overview

Visitedpublic

2024-09-27 04:55:21

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2024-09-26 18:36:39	512 B	1.2 kB	35.244.181.201
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-26 18:37:25	1.6 kB	4.4 kB	23.36.76.226
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-26 18:37:24	2.6 kB	7.1 kB	23.33.119.27
itefix.net	unknown	2014-03-25	2017-02-01 12:40:12	2023-01-07 02:24:19	506 B	4.4 MB	136.243.133.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

itefix.net/download/free/cwrsync_6.2.12_x64_free.zip

IP / ASN

136.243.133.44

#24940 Hetzner Online GmbH

File Overview

File TypeZip archive data, at least v1.0 to extract, compression method=store

Size4.4 MB (4439077 bytes)

MD583dd915f994896cb2c6071ae2693c63c

SHA1ebf1f4ce4f5d46974dbb3fb5db5f1e9e6ff10fb2

SHA2569ee9ca5e77276341433d4b2d92639f93ac75e1ef8e2dc9ca638d14ad6aa740d0

Archive (21)

Modified	Filename	Size	MD5	File type
2024-03-13 22:44	cygz.dll	90 kB	f6c0621e420d590cb982da9c44c617ee	PE32+ executable (DLL) (console) x86-64, for MS Windows, 12 sections
2024-03-13 22:43	cygzstd-1.dll	665 kB	375cb9459ebf2c59f36c0b729ae164f1	PE32+ executable (DLL) (console) x86-64, for MS Windows, 11 sections
2024-03-13 22:43	cygintl-8.dll	107 kB	ad70ae8a2d10815bc0052b1a20d3ae67	PE32+ executable (DLL) (console) x86-64, for MS Windows, 12 sections
2024-03-13 22:44	ssh.exe	869 kB	a23d31c475be7db6ea510509f34cdc78	PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections
2024-03-13 22:44	ssh-keygen.exe	503 kB	004ceac43bc2c976b1e79bb48875f022	PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections
2024-03-13 22:43	rsync.exe	533 kB	320b0d75b524f38d6350ca677362484c	PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections
2024-03-13 22:44	cyggcc_s-seh-1.dll	75 kB	64342fb1055fcad95b7b9ebb4e6668db	PE32+ executable (DLL) (console) x86-64, for MS Windows, 11 sections
2024-03-13 22:43	cygpopt-0.dll	43 kB	76e32b71a1372849d216150d464840b4	PE32+ executable (DLL) (console) x86-64, for MS Windows, 11 sections
2024-03-13 22:44	ssh-add.exe	387 kB	3123a264cc34644cc28679405f81a0a5	PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections
2024-03-13 22:43	cygwin1.dll	3.0 MB	a1c82ed072dc079dd7851f82d9aa7678	PE32+ executable (DLL) (console) x86-64, for MS Windows, 14 sections
2024-03-13 22:44	ssh-agent.exe	369 kB	51adbb0610a3acb41567dfe661c54ca2	PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections
2024-03-13 22:44	cygcrypto-52.dll	1.6 MB	df517d7e6d5a328bcb4584b9aa04eacc	PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections
2024-03-13 22:43	cyglz4-1.dll	139 kB	9ba7aa6d4794b7d99f78c1c3b7057a2e	PE32+ executable (DLL) (console) x86-64, for MS Windows, 12 sections
2024-03-13 22:43	cygiconv-2.dll	1.1 MB	a697051a2c45a5f42ea80e2b4c39e84b	PE32+ executable (DLL) (console) x86-64, for MS Windows, 12 sections
2024-03-13 22:43	cwrsync.cmd	1.6 kB	7167c0e5c632a02db5b5f7c3ffceaa24	DOS batch file, ASCII text, with CRLF line terminators
2024-03-13 22:43	ssh_config	31 B	b9b048e8ab3db79095591944d12c9d4b	ASCII text, with no line terminators
2024-03-13 22:43	nsswitch.conf	17 B	0beae3372af688446331d813e5228045	ASCII text, with no line terminators
2024-03-13 22:43	README.cwrsync.txt	1.8 kB	bfdf79a08abc4000624e5e4c14a8e42e	ASCII text, with CRLF line terminators
2024-03-13 22:43	README.rsync.txt	4.2 kB	43c5583be00f8aaed32345776ff6241f	ASCII text
2024-03-13 22:43	rsyncd.conf.html	83 kB	f968e3331ccdc24f86af4538077db854	HTML document text HTML document, ASCII text
2024-03-13 22:43	rsync.html	322 kB	f33316626993ca084f2a4387ea7b8255	HTML document text HTML document, ASCII text

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

JavaScript (0)

HTTP Transactions (15)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-25

Last Seen2024-10-04

Times Seen41560

Size504 B (504 bytes)

MD5b6ecb6018a51380d08a47460236a395c

SHA11ce7fe77c21188624302a660a289fe1ce6e7a9e4

SHA256ec876edd163ea26b47c9b862c795844f5dd01452095287ea5cd920e3b512672a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EC876EDD163EA26B47C9B862C795844F5DD01452095287EA5CD920E3B512672A"
Last-Modified: Wed, 25 Sep 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4082
Expires: Fri, 27 Sep 2024 06:02:56 GMT
Date: Fri, 27 Sep 2024 04:54:54 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-25

Last Seen2024-09-28

Times Seen615

Size504 B (504 bytes)

MD5134c7239ce5535630fb2dccf2beab4a0

SHA10efb5b46e91c63c83f2183761c64854064eabc6a

SHA2562fc7b1a8d2e0682c855b9354d613ef30c99af23f6fe7eb92870bc01e3dafac1c

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2FC7B1A8D2E0682C855B9354D613EF30C99AF23F6FE7EB92870BC01E3DAFAC1C"
Last-Modified: Wed, 25 Sep 2024 05:24:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6585
Expires: Fri, 27 Sep 2024 06:44:39 GMT
Date: Fri, 27 Sep 2024 04:54:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-25

Last Seen2024-09-28

Times Seen13229

Size504 B (504 bytes)

MD54d7d2c93c05c23af00bdd2de1aa8def8

SHA15d690fe96336335097f6edc39f269282fc0c03d5

SHA256ad3bf98d190e8a00b304b608273e81b0d73805059020c0e08e318194738dbe08

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "AD3BF98D190E8A00B304B608273E81B0D73805059020C0E08E318194738DBE08"
Last-Modified: Wed, 25 Sep 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17336
Expires: Fri, 27 Sep 2024 09:43:50 GMT
Date: Fri, 27 Sep 2024 04:54:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-25

Last Seen2024-09-28

Times Seen19111

Size504 B (504 bytes)

MD5c43e2541e37815678381469c9e5da2d7

SHA18826a1dacc67c90e98c00b0b34736b52cc7724ad

SHA256e3a32ce3cf72d63e19b8798f97958504386b93f037f1b1c0ee9b1bacef7b7ab7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E3A32CE3CF72D63E19B8798F97958504386B93F037F1B1C0EE9B1BACEF7B7AB7"
Last-Modified: Wed, 25 Sep 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3900
Expires: Fri, 27 Sep 2024 05:59:55 GMT
Date: Fri, 27 Sep 2024 04:54:55 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-28

Last Seen2024-09-28

Times Seen3

Size504 B (504 bytes)

MD54309fe1d4c467e23c778ce8fdd122fb4

SHA174e107d2cbe70870f25ce8ef97b029382891a222

SHA25630c2859d04a3ec55022d7dd5dc93c4db6cc4228b87917714ef51f135904931ac

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "30C2859D04A3EC55022D7DD5DC93C4DB6CC4228B87917714EF51F135904931AC"
Last-Modified: Wed, 25 Sep 2024 11:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Fri, 27 Sep 2024 10:54:27 GMT
Date: Fri, 27 Sep 2024 04:54:55 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-26

Last Seen2024-09-28

Times Seen145

Size504 B (504 bytes)

MD5cb36409a72e96aa4ad5a288e78ac15b6

SHA1e7d24d7dbc893b60d43b5a39125a629c418b4c40

SHA2563766df9fbbf3ff744bf9afec70e1c3257e4e46073e0368f8885d063067963c56

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3766DF9FBBF3FF744BF9AFEC70E1C3257E4E46073E0368F8885D063067963C56"
Last-Modified: Thu, 26 Sep 2024 15:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6457
Expires: Fri, 27 Sep 2024 06:42:32 GMT
Date: Fri, 27 Sep 2024 04:54:55 GMT
Connection: keep-alive

GET itefix.net/download/free/cwrsync_6.2.12_x64_free.zip

136.243.133.44

200 OK

4.4 MB

URL User Request GET HTTPS

itefix.net/download/free/cwrsync_6.2.12_x64_free.zip

IP / ASN

136.243.133.44

#24940 Hetzner Online GmbH

Requested byN/A

Resource Info

File typeZip archive data, at least v1.0 to extract, compression method=store

First Seen2024-03-15

Last Seen2024-09-28

Times Seen2

Size4.4 MB (4439077 bytes)

MD583dd915f994896cb2c6071ae2693c63c

SHA1ebf1f4ce4f5d46974dbb3fb5db5f1e9e6ff10fb2

SHA2569ee9ca5e77276341433d4b2d92639f93ac75e1ef8e2dc9ca638d14ad6aa740d0

Certificate Info

IssuerLet's Encrypt

Subjectitefix.no

Fingerprint97:29:5C:3F:AE:AF:CB:8E:CC:E8:66:77:61:45:52:F6:CA:D7:A2:D3

ValiditySat, 10 Aug 2024 02:04:44 GMT - Fri, 08 Nov 2024 02:04:43 GMT

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

HTTP Headers

GET /download/free/cwrsync_6.2.12_x64_free.zip HTTP/1.1
Host: itefix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 27 Sep 2024 04:54:55 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Drupal-Cache: HIT
Etag: "1727412879-1"
Content-Language: en
X-Frame-Options: DENY, SAMEORIGIN
Cache-Control: public, max-age=0
Last-Modified: Fri, 27 Sep 2024 04:54:39 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie,Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r10.o.lencr.org/

23.36.76.226

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-26

Last Seen2024-09-28

Times Seen3681

Size504 B (504 bytes)

MD5c56ad8f187bab174c38e26d598c6aa0a

SHA129826babc65a845692a857af04aeeb939efd9935

SHA256b6710c289ff4da1da6b1f806831b07467e01453a6aeae5c6a8d927943715e76c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B6710C289FF4DA1DA6B1F806831B07467E01453A6AEAE5C6A8D927943715E76C"
Last-Modified: Thu, 26 Sep 2024 17:06:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3334
Expires: Fri, 27 Sep 2024 05:50:30 GMT
Date: Fri, 27 Sep 2024 04:54:56 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-26

Last Seen2024-09-28

Times Seen4931

Size504 B (504 bytes)

MD564108df12984593f36170f27e6fb80f2

SHA16754152a60740508014d3d1f98750e881548eaa8

SHA25632226a3dd41116178dae22f6632d404aa1f57d0e87e6a8da6c16c82ac41884d0

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "32226A3DD41116178DAE22F6632D404AA1F57D0E87E6A8DA6C16C82AC41884D0"
Last-Modified: Thu, 26 Sep 2024 16:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3002
Expires: Fri, 27 Sep 2024 05:45:00 GMT
Date: Fri, 27 Sep 2024 04:54:58 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-26

Last Seen2024-09-28

Times Seen4931

Size504 B (504 bytes)

MD564108df12984593f36170f27e6fb80f2

SHA16754152a60740508014d3d1f98750e881548eaa8

SHA25632226a3dd41116178dae22f6632d404aa1f57d0e87e6a8da6c16c82ac41884d0

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "32226A3DD41116178DAE22F6632D404AA1F57D0E87E6A8DA6C16C82AC41884D0"
Last-Modified: Thu, 26 Sep 2024 16:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3002
Expires: Fri, 27 Sep 2024 05:45:00 GMT
Date: Fri, 27 Sep 2024 04:54:58 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-26

Last Seen2024-09-28

Times Seen4931

Size504 B (504 bytes)

MD564108df12984593f36170f27e6fb80f2

SHA16754152a60740508014d3d1f98750e881548eaa8

SHA25632226a3dd41116178dae22f6632d404aa1f57d0e87e6a8da6c16c82ac41884d0

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "32226A3DD41116178DAE22F6632D404AA1F57D0E87E6A8DA6C16C82AC41884D0"
Last-Modified: Thu, 26 Sep 2024 16:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3002
Expires: Fri, 27 Sep 2024 05:45:00 GMT
Date: Fri, 27 Sep 2024 04:54:58 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-26

Last Seen2024-09-28

Times Seen4931

Size504 B (504 bytes)

MD564108df12984593f36170f27e6fb80f2

SHA16754152a60740508014d3d1f98750e881548eaa8

SHA25632226a3dd41116178dae22f6632d404aa1f57d0e87e6a8da6c16c82ac41884d0

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "32226A3DD41116178DAE22F6632D404AA1F57D0E87E6A8DA6C16C82AC41884D0"
Last-Modified: Thu, 26 Sep 2024 16:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3002
Expires: Fri, 27 Sep 2024 05:45:00 GMT
Date: Fri, 27 Sep 2024 04:54:58 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-26

Last Seen2024-09-28

Times Seen4931

Size504 B (504 bytes)

MD564108df12984593f36170f27e6fb80f2

SHA16754152a60740508014d3d1f98750e881548eaa8

SHA25632226a3dd41116178dae22f6632d404aa1f57d0e87e6a8da6c16c82ac41884d0

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "32226A3DD41116178DAE22F6632D404AA1F57D0E87E6A8DA6C16C82AC41884D0"
Last-Modified: Thu, 26 Sep 2024 16:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3002
Expires: Fri, 27 Sep 2024 05:45:00 GMT
Date: Fri, 27 Sep 2024 04:54:58 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-27

Last Seen2024-09-28

Times Seen83

Size504 B (504 bytes)

MD56db9dc2d49ad697acc44511da585d872

SHA11fe1ace2186408c89c7cb782a3a3696f38d07316

SHA256cab9d791edfbae8101fbb9d2aaab1e544f0044ac4f647b61e1bc3770c1853e01

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CAB9D791EDFBAE8101FBB9D2AAAB1E544F0044AC4F647B61E1BC3770C1853E01"
Last-Modified: Thu, 26 Sep 2024 16:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2888
Expires: Fri, 27 Sep 2024 05:43:06 GMT
Date: Fri, 27 Sep 2024 04:54:58 GMT
Connection: keep-alive

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL HTTP

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

IP / ASN

35.244.181.201

#396982 GOOGLE-CLOUD-PLATFORM

Requested byN/A

Resource Info

File typeXML 1.0 document, ASCII text, with very long lines (332)

First Seen2023-10-13

Last Seen2025-06-20

Times Seen185315

Size444 B (444 bytes)

MD53b324dec137a87ef7e24a30a65b13dd0

SHA1c0faa95b2f1018e264b3a14aaf50d1003e6c27b3

SHA2566cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-11-02-12-44-24.chain; p384ecdsa=nx-5JOzKoDaY-CuRZG0Zeo18G3qN9mjE138mFlkKnSyHwq5-m7spZtWkFop4gyt6ddtSP_k39yNBBDI2LYKvbNQ3guQMlloC5O27MSchrdnqqh7Yr8Nio76El4pRq6SB
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Fri, 27 Sep 2024 04:53:38 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 96
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2