IP185.196.9.34:0 ASN#42624 Simple Carrier LLC
Hash595e88012a6521aae3e12cbebe76eb9e da3968197e7bf67aa45a77515b52ba2710c5fc34 b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Analyzer | Verdict | Alert | ThreatFox | malicious | Mirai | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: packetinfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Sat, 20 Apr 2024 15:44:02 GMT
Content-Length: 19
|
IP185.196.9.34:0 ASN#42624 Simple Carrier LLC
File typeASCII text, with CRLF line terminators Hash55e4252bf9ea5f7f0343c5f0197fd3e5 5195e5187666640ef5b2fe520a93848ea039bc27 fac6307fe8047c431a856aa2563ec685aa4396b4e57a8075720a0d1b0d2d96a5
Analyzer | Verdict | Alert | ThreatFox | malicious | Mirai | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | high | URLhaus Known malware download URL detected (2816421) |
GET /wget.sh HTTP/1.1
Host: packetinfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1686
Content-Type: application/x-shellscript
Last-Modified: Sun, 07 Apr 2024 19:18:46 GMT
Date: Sat, 20 Apr 2024 15:44:04 GMT
|