Report Overview
Submitted URL
ctf.nahamcon.com/files/96add97c5178981f04ed8de6ae810e07/eicar?token=eyJ1c2VyX2lkIjo1MDAzLCJ0ZWFtX2lkIjoyNDcxLCJmaWxlX2lkIjo0OH0.Zk_I1Q.kkFE-oGOPQr_tvYEdSRWSOAMn5c
IP
35.244.227.28ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2024-05-23 22:58:46
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
7
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| o.pki.goog | unknown | 2016-06-13 | 2024-04-24 | 2024-05-23 | 662 B | 1.4 kB | 142.250.74.131 |
| ctf.nahamcon.com | unknown | 2020-05-07 | 2020-06-06 | 2023-06-15 | 616 B | 2.5 kB | 35.244.227.28 |
| storage.googleapis.com | 420 | 2005-01-25 | 2012-08-06 | 2024-05-23 | 1.1 kB | 850 B | 216.58.207.219 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-05-23 | medium | storage.googleapis.com/nahamcon-2024-ctfd-storage-9656/96add97c5178981f04ed8de6ae810e07/eicar?Expires=1716506902&GoogleAccessId=ctfd-storage%40nahamcon-2024.iam.gserviceaccount.com&Signature=N9lB1wj4%2FOoss81ekUjMZ8BmpyokRws6X3cQeEcoW77mstmkcoMhFgueYz9MqvCcDMBgI6qiBnTPmH7MaHHwyeGN0%2BYwJK2adcPOg1tZlBy44NL7XtxwVyu%2B%2Bh5dFVOQCe4wW8brdQ0xr0Yx8jT5x5Xuwop4kh1uRTNs6ieK3Du%2Bge3CeQeZaOmgv%2BXZBaBTpAjaqO1F8p7mHb%2BSTVctS0S%2FlPieK9m1sMw3II0kR%2FMWbte5dHYT4wvaEeU1UYg%2FzZn5ymfKBDYAoGwaxXez4UOjM8bFMoxbkT4CzpsjiXTT9iqn5emaPDjA%2BshPbEQbbsj1RVWDI5a%2BbLy7%2BuF8Ag%3D%3D&response-content-disposition=attachment%3B+filename%3Deicar | Just an EICAR test file - this is boring but users asked for it |
| 2024-05-23 | medium | storage.googleapis.com/nahamcon-2024-ctfd-storage-9656/96add97c5178981f04ed8de6ae810e07/eicar?Expires=1716506902&GoogleAccessId=ctfd-storage%40nahamcon-2024.iam.gserviceaccount.com&Signature=N9lB1wj4%2FOoss81ekUjMZ8BmpyokRws6X3cQeEcoW77mstmkcoMhFgueYz9MqvCcDMBgI6qiBnTPmH7MaHHwyeGN0%2BYwJK2adcPOg1tZlBy44NL7XtxwVyu%2B%2Bh5dFVOQCe4wW8brdQ0xr0Yx8jT5x5Xuwop4kh1uRTNs6ieK3Du%2Bge3CeQeZaOmgv%2BXZBaBTpAjaqO1F8p7mHb%2BSTVctS0S%2FlPieK9m1sMw3II0kR%2FMWbte5dHYT4wvaEeU1UYg%2FzZn5ymfKBDYAoGwaxXez4UOjM8bFMoxbkT4CzpsjiXTT9iqn5emaPDjA%2BshPbEQbbsj1RVWDI5a%2BbLy7%2BuF8Ag%3D%3D&response-content-disposition=attachment%3B+filename%3Deicar | Rule to detect the EICAR pattern |
| 2024-05-23 | medium | storage.googleapis.com/nahamcon-2024-ctfd-storage-9656/96add97c5178981f04ed8de6ae810e07/eicar?Expires=1716506902&GoogleAccessId=ctfd-storage%40nahamcon-2024.iam.gserviceaccount.com&Signature=N9lB1wj4%2FOoss81ekUjMZ8BmpyokRws6X3cQeEcoW77mstmkcoMhFgueYz9MqvCcDMBgI6qiBnTPmH7MaHHwyeGN0%2BYwJK2adcPOg1tZlBy44NL7XtxwVyu%2B%2Bh5dFVOQCe4wW8brdQ0xr0Yx8jT5x5Xuwop4kh1uRTNs6ieK3Du%2Bge3CeQeZaOmgv%2BXZBaBTpAjaqO1F8p7mHb%2BSTVctS0S%2FlPieK9m1sMw3II0kR%2FMWbte5dHYT4wvaEeU1UYg%2FzZn5ymfKBDYAoGwaxXez4UOjM8bFMoxbkT4CzpsjiXTT9iqn5emaPDjA%2BshPbEQbbsj1RVWDI5a%2BbLy7%2BuF8Ag%3D%3D&response-content-disposition=attachment%3B+filename%3Deicar | Multi.EICAR.Not-a-virus |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
storage.googleapis.com/nahamcon-2024-ctfd-storage-9656/96add97c5178981f04ed8de6ae810e07/eicar?Expires=1716506902&GoogleAccessId=ctfd-storage%40nahamcon-2024.iam.gserviceaccount.com&Signature=N9lB1wj4%2FOoss81ekUjMZ8BmpyokRws6X3cQeEcoW77mstmkcoMhFgueYz9MqvCcDMBgI6qiBnTPmH7MaHHwyeGN0%2BYwJK2adcPOg1tZlBy44NL7XtxwVyu%2B%2Bh5dFVOQCe4wW8brdQ0xr0Yx8jT5x5Xuwop4kh1uRTNs6ieK3Du%2Bge3CeQeZaOmgv%2BXZBaBTpAjaqO1F8p7mHb%2BSTVctS0S%2FlPieK9m1sMw3II0kR%2FMWbte5dHYT4wvaEeU1UYg%2FzZn5ymfKBDYAoGwaxXez4UOjM8bFMoxbkT4CzpsjiXTT9iqn5emaPDjA%2BshPbEQbbsj1RVWDI5a%2BbLy7%2BuF8Ag%3D%3D&response-content-disposition=attachment%3B+filename%3Deicar
IP
216.58.207.219ASN
#15169 GOOGLE
File type
EICAR virus test files
Size
68 B (68 bytes)
Hash
44d88612fea8a8f36de82e1278abb02f
3395856ce81f2b7382dee72602f798b642f14140
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public Nextron YARA rules | malware | Just an EICAR test file - this is boring but users asked for it |
| Trellix Threat Reasearch YARA rules | malware | Rule to detect the EICAR pattern |
| Elastic Security YARA Rules | malware | Multi.EICAR.Not-a-virus |
| VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (4)
| URL | IP | Response | Size | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
o.pki.goog/s/wr3/TWg | 142.250.74.131 | 471 B | |||||||||||||||||
HTTP Headers
| |||||||||||||||||||
ctf.nahamcon.com/files/96add97c5178981f04ed8de6ae810e07/eicar?token=eyJ1c2VyX2lkIjo1MDAzLCJ0ZWFtX2lkIjoyNDcxLCJmaWxlX2lkIjo0OH0.Zk_I1Q.kkFE-oGOPQr_tvYEdSRWSOAMn5c | 35.244.227.28 | 302 Found | 1.5 kB | ||||||||||||||||
HTTP Headers
| |||||||||||||||||||
o.pki.goog/s/wr3/TWg | 142.250.74.131 | 471 B | |||||||||||||||||
HTTP Headers
| |||||||||||||||||||
storage.googleapis.com/nahamcon-2024-ctfd-storage-9656/96add97c5178981f04ed8de6ae810e07/eicar?Expires=1716506902&GoogleAccessId=ctfd-storage%40nahamcon-2024.iam.gserviceaccount.com&Signature=N9lB1wj4%2FOoss81ekUjMZ8BmpyokRws6X3cQeEcoW77mstmkcoMhFgueYz9MqvCcDMBgI6qiBnTPmH7MaHHwyeGN0%2BYwJK2adcPOg1tZlBy44NL7XtxwVyu%2B%2Bh5dFVOQCe4wW8brdQ0xr0Yx8jT5x5Xuwop4kh1uRTNs6ieK3Du%2Bge3CeQeZaOmgv%2BXZBaBTpAjaqO1F8p7mHb%2BSTVctS0S%2FlPieK9m1sMw3II0kR%2FMWbte5dHYT4wvaEeU1UYg%2FzZn5ymfKBDYAoGwaxXez4UOjM8bFMoxbkT4CzpsjiXTT9iqn5emaPDjA%2BshPbEQbbsj1RVWDI5a%2BbLy7%2BuF8Ag%3D%3D&response-content-disposition=attachment%3B+filename%3Deicar | 216.58.207.219 | 200 OK | 68 B | ||||||||||||||||
Detections
HTTP Headers
| |||||||||||||||||||