| fanconom.shop/grace/gf.txt |  185.61.152.60 | 200 OK | 263 kB |
URL User Request GET HTTP/2fanconom.shop/grace/gf.txt IP185.61.152.60:443
CertificateIssuerSectigo Limited Subjectfanconom.shop Fingerprint2E:73:58:FF:70:BA:4C:55:CA:75:D6:35:5F:66:EA:9D:1F:B5:AB:AF ValiditySun, 17 Mar 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size263 kB (263008 bytes) Hashace10975f254c306add98d9900e2df6d c0eba3c27204d7c1feb274a1b35e1eb5603f1b6d f1475a5b902e14dda4388c0ce3aba7deba1df99aa8adf460463c1d317fea8f7b
| Analyzer | Verdict | Alert |
|---|
| urlquery | suspicious | Suspicious - Base64 encoded file | | Public Nextron YARA rules | malware | Detects an base64 encoded executable with reversed characters |
GET /grace/gf.txt HTTP/1.1
Host: fanconom.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
last-modified: Tue, 16 Apr 2024 21:03:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 263008
date: Thu, 18 Apr 2024 11:05:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
|
| fanconom.shop/favicon.ico | 185.61.152.60 | 404 Not Found | 1.3 kB |
URL GET HTTP/2fanconom.shop/favicon.ico IP185.61.152.60:443
Requested byhttps://fanconom.shop/grace/gf.txt CertificateIssuerSectigo Limited Subjectfanconom.shop Fingerprint2E:73:58:FF:70:BA:4C:55:CA:75:D6:35:5F:66:EA:9D:1F:B5:AB:AF ValiditySun, 17 Mar 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash8150f458ed6fb9b1db4e5cfa57a1a281 6e5726854d28687b560d7fdcb5c782c425c7dfb9 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
GET /favicon.ico HTTP/1.1
Host: fanconom.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fanconom.shop/grace/gf.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1251
date: Thu, 18 Apr 2024 11:05:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
|