Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| edgedl.gvt1.com | 142.250.34.2 | |
| mmwrlridbhmibnr.ml | 104.21.86.143 |
- UDP Requests
-
-
192.168.56.102:50839 164.124.101.2:53
-
192.168.56.102:57660 164.124.101.2:53
-
192.168.56.102:61459 164.124.101.2:53
-
192.168.56.102:137 192.168.56.255:137
-
192.168.56.102:138 192.168.56.255:138
-
192.168.56.102:49152 239.255.255.250:3702
-
192.168.56.102:56752 239.255.255.250:1900
-
192.168.56.102:56754 239.255.255.250:3702
-
192.168.56.102:56756 239.255.255.250:3702
-
192.168.56.102:57661 239.255.255.250:3702
-
POST
200
https://update.googleapis.com/service/update2?cup2key=10:3910824222&cup2hreq=dc950c06ee23db63ccbc6463d0953d7c049cb27465657b9d252c3381314707af
REQUEST
RESPONSE
BODY
POST /service/update2?cup2key=10:3910824222&cup2hreq=dc950c06ee23db63ccbc6463d0953d7c049cb27465657b9d252c3381314707af HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
User-Agent: Google Update/1.3.36.32;winhttp;cup-ecdsa
X-Old-UID: cnt=0
X-Goog-Update-AppId: {430FD4D0-B729-4F61-AA34-91526481799D},{8A69D345-D564-463C-AFF1-A69D9E530F96}
X-Goog-Update-Updater: Omaha-1.3.36.32
X-Goog-Update-Interactivity: bg
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Content-Length: 1202
Host: update.googleapis.com
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'report-sample' 'nonce-rQEHEZAjQ0W7xyy54KD4mw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 21 Apr 2021 00:23:52 GMT
X-Cup-Server-Proof: 3046022100d05b2b215119a6c269fc087456f8e2c7f72d5c79d580ab53873fe222b66d6a0c02210092824e92b33d1000b48678414d195547f32e4170e70b40333a384eca89f2fb27:dc950c06ee23db63ccbc6463d0953d7c049cb27465657b9d252c3381314707af
Content-Type: text/xml; charset=UTF-8
X-Daynum: 5223
X-Daystart: 62632
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked
GET
200
http://mmwrlridbhmibnr.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-C74A40101EF9210BFD08B410CB832AFC.html
REQUEST
RESPONSE
BODY
GET /liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-C74A40101EF9210BFD08B410CB832AFC.html HTTP/1.1
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 OPR/38.0.2220.41
Host: mmwrlridbhmibnr.ml
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Wed, 21 Apr 2021 00:22:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=de1fd2206b4643b5e53115affa898e7ee1618964548; expires=Fri, 21-May-21 00:22:28 GMT; path=/; domain=.mmwrlridbhmibnr.ml; HttpOnly; SameSite=Lax
Last-Modified: Mon, 19 Apr 2021 07:06:51 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 099367a1f80000db100c9b6000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G38%2FuLj8NSXEXOaVLkLSQdMJK6dy%2BPF2lSJ5EIGG3uxps7jO1axyJ8cz3nFdhPDo857acd9bA4%2BKDe27q%2B1FtSyj19Pn%2Be07W4LqDzA1l9bVRcU%3D"}],"max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 643275498d05db10-KIX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
HEAD
200
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
HEAD /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 200 OK
accept-ranges: bytes
content-disposition: attachment
content-length: 71971704
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 705
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=0-5855
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 5856
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 712
content-range: bytes 0-5855/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=5856-14298
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 8443
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 716
content-range: bytes 5856-14298/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=14299-22845
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 8547
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 719
content-range: bytes 14299-22845/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=22846-30870
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 8025
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 720
content-range: bytes 22846-30870/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=30871-51185
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 20315
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 721
content-range: bytes 30871-51185/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=51186-94019
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 42834
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 722
content-range: bytes 51186-94019/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=94020-182444
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 88425
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 723
content-range: bytes 94020-182444/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=182445-362248
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 179804
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 724
content-range: bytes 182445-362248/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=362249-725527
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 363279
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 725
content-range: bytes 362249-725527/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=725528-1455530
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 730003
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 726
content-range: bytes 725528-1455530/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=1455531-2928969
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 1473439
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 727
content-range: bytes 1455531-2928969/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=2928970-5887875
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 2958906
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 728
content-range: bytes 2928970-5887875/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=5887876-9971916
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 4084041
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 729
content-range: bytes 5887876-9971916/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=9971917-12586750
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 2614834
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 730
content-range: bytes 9971917-12586750/71971704
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/chrome/AL5rs2UJAhI5hqZoF2YHW-w_89.0.4389.128/89.0.4389.128_chrome_installer.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 12 Apr 2021 23:33:34 GMT
Range: bytes=12586751-21052507
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 8465757
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "9f5ee0"
last-modified: Mon, 12 Apr 2021 23:33:34 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Wed, 21 Apr 2021 00:12:09 GMT
age: 731
content-range: bytes 12586751-21052507/71971704
cache-control: public,max-age=3600
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| UDP 192.168.56.102:57660 -> 164.124.101.2:53 | 2025106 | ET INFO DNS Query for Suspicious .ml Domain | Potentially Bad Traffic |
| TCP 192.168.56.102:49819 -> 142.250.204.35:443 | 906200022 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
| TCP 142.250.34.2:80 -> 192.168.56.102:49820 | 2018959 | ET POLICY PE EXE or DLL Windows file download HTTP | Potential Corporate Privacy Violation |
| TCP 142.250.34.2:80 -> 192.168.56.102:49820 | 2014520 | ET INFO EXE - Served Attached HTTP | Misc activity |
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
|
TLS 1.2 192.168.56.102:49819 142.250.204.35:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=upload.video.google.com | c2:b5:f0:1b:46:55:3f:d3:65:b2:1d:5c:cc:56:a7:41:ac:9c:7a:22 |
Snort Alerts
No Snort Alerts