URL User Request GET HTTP/1.1IP185.196.9.34:80 ASN#42624 Simple Carrier LLC
File typeASCII text, with CRLF line terminators Hash2e23f1f51731ad1c5f76138fc70f03ae 75ea8b8c00c7d44741176a6a46c27c5b9b11b5a9 b9a4cb7a563a5babfe2219f7e35abc847c41b56f160d337a6d4c83e500d50b85
Analyzer | Verdict | Alert | ThreatFox | malicious | Mirai | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | high | URLhaus Known malware download URL detected (2816411) |
GET /b HTTP/1.1
Host: packetinfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1752
Content-Type: text/plain; charset=utf-8
Last-Modified: Sun, 07 Apr 2024 22:05:36 GMT
Date: Sat, 20 Apr 2024 12:43:02 GMT
|
| packetinfo.com/favicon.ico | 185.196.9.34 | 404 Not Found | 19 B |
URL GET HTTP/1.1packetinfo.com/favicon.ico IP185.196.9.34:80 ASN#42624 Simple Carrier LLC
Hash595e88012a6521aae3e12cbebe76eb9e da3968197e7bf67aa45a77515b52ba2710c5fc34 b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Analyzer | Verdict | Alert | ThreatFox | malicious | Mirai | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: packetinfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://packetinfo.com/b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Sat, 20 Apr 2024 12:43:03 GMT
Content-Length: 19
|