Report - files.catbox.moe/slm28c.zip

Report Overview

Visited public
2024-08-03 03:54:48
Tags
URL
files.catbox.moe/slm28c.zip
Finishing URL
about:privatebrowsing
IP / ASN
108.181.20.37
#40676 AS40676
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-02 18:13:27	2.6 kB	7.1 kB	23.36.76.226
files.catbox.moe	174913	2015-04-06	2015-06-30 01:27:11	2024-08-01 19:33:20	481 B	31 kB	108.181.20.37

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-08-03 03:54:23	medium	Client IP	108.181.20.37	ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)
2024-08-03 03:54:23	medium	Client IP	108.181.20.37	ETPRO INFO .moe Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
files.catbox.moe/slm28c.zip
IP
108.181.20.37
ASN
#40676 AS40676

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
30 kB (30251 bytes)
Hash
53a3b3087f3b104f0caa2d89d1499b96
de732eae9ffd23e45a5227b2335cdfedf047abdd
5eb6b49daf3a88ba746f28fe567b844e5672308903deb0649d9bc6c4b8056367

Archive (7)

Modified	Filename	Size	Md5	File type
2024-08-02 23:26	bolter1.vsvg_c	9.7 kB	cd7dcf2f4cecb395e655a895f0fcd461	data
2024-08-02 23:26	boom.vsvg_c	13 kB	a71613b31dba6b80fb5c20a2dd922462	data
2024-08-02 23:26	fish.vsvg_c	22 kB	4d5b87d4d9d02360d6ce37b9f37be75d	data
2024-08-02 23:26	kick.vsvg_c	5.2 kB	75c0bd1e4abb7193e1d0560f95b862e0	data
2024-08-02 23:26	pickaxe.vsvg_c	7.3 kB	80330c9b103a596673d0f130ceca2485	OpenPGP Secret Key
2024-08-02 23:26	star.vsvg_c	2.2 kB	eace22538338b013867342fdad88d329	data
2024-08-02 23:33	zombie.vsvg_c	5.7 kB	6a0b94afc9b35d56892e2156d23bcd34	data

JavaScript (0)

HTTP Transactions (9)

	URL	IP	Response	Size
	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 1f657e78cc6cd633543a7c714446bc96 6c9ce1ef30668bf4e402d553e8c16b7d52871b7f 2a52e00c2d138753be73d181f49067827ab153e56cf68d50c690046b1a1873a7 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "2A52E00C2D138753BE73D181F49067827AB153E56CF68D50C690046B1A1873A7" Last-Modified: Thu, 01 Aug 2024 06:27:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18635 Expires: Sat, 03 Aug 2024 09:04:58 GMT Date: Sat, 03 Aug 2024 03:54:23 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 2b7af8743a0baccf520f7d3c63f9aa03 d531f4d4c3b83565dbe8f972052708201df0d668 542b016f56d55ac6e101e5930905ac5873ab375bb530ae7f2dbbbe98f4663926 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "542B016F56D55AC6E101E5930905AC5873AB375BB530AE7F2DBBBE98F4663926" Last-Modified: Thu, 01 Aug 2024 06:56:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15773 Expires: Sat, 03 Aug 2024 08:17:16 GMT Date: Sat, 03 Aug 2024 03:54:23 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash b84a2e6efef529bac3e0d5dd309babe7 b22b4d0e8f84859a83b85939ae4c77d16fde0c93 9ed1020ce84380273c514b5c14a8705879d8233acaae13b428063bc7b83a067b HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "9ED1020CE84380273C514B5C14A8705879D8233ACAAE13B428063BC7B83A067B" Last-Modified: Thu, 01 Aug 2024 06:58:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18305 Expires: Sat, 03 Aug 2024 08:59:28 GMT Date: Sat, 03 Aug 2024 03:54:23 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 06f86a556a3bc0d04f36267a3081f07f 3ca01a6761c66a9434a2ee060e2cb4b685b0b9f8 e9d373f8bcb454c3fc0b4e4d3768e5104c7f4cad03145468f9d2c0ff89c08143 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "E9D373F8BCB454C3FC0B4E4D3768E5104C7F4CAD03145468F9D2C0FF89C08143" Last-Modified: Thu, 01 Aug 2024 06:27:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2339 Expires: Sat, 03 Aug 2024 04:33:22 GMT Date: Sat, 03 Aug 2024 03:54:23 GMT Connection: keep-alive`

	files.catbox.moe/slm28c.zip	108.181.20.37	200 OK	30 kB
URL User Request GET HTTP/2 files.catbox.moe/slm28c.zip IP 108.181.20.37:443 ASN #40676 AS40676 Certificate IssuerLet's Encrypt Subject.catbox.moe FingerprintCA:B4:7A:2F:13:6A:22:A1:4C:C5:1D:26:14:E2:A5:88:B3:3A:C1:C2 ValidityWed, 29 May 2024 13:08:05 GMT - Tue, 27 Aug 2024 13:08:04 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 30 kB (30251 bytes) Hash 53a3b3087f3b104f0caa2d89d1499b96 de732eae9ffd23e45a5227b2335cdfedf047abdd 5eb6b49daf3a88ba746f28fe567b844e5672308903deb0649d9bc6c4b8056367 HTTP Headers `GET /slm28c.zip HTTP/1.1 Host: files.catbox.moe User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 03 Aug 2024 03:54:24 GMT content-type: application/zip content-length: 30251 last-modified: Fri, 02 Aug 2024 23:23:29 GMT etag: "66ad6a71-762b" x-content-type-options: nosniff content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self'; access-control-allow-origin: access-control-allow-methods: GET, HEAD accept-ranges: bytes X-Firefox-Spdy: h2

	r10.o.lencr.org/	23.36.77.32		504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 7b71bbce2c5e563fde3afb60497eb33b ffe77143d7aae5b966b693211336919b872de46a 5d3fe5575b14f6f240e86c4c5065e8f3f79a6f20039efce544e7597166c1ae0f HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "5D3FE5575B14F6F240E86C4C5065E8F3F79A6F20039EFCE544E7597166C1AE0F" Last-Modified: Thu, 01 Aug 2024 06:58:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6335 Expires: Sat, 03 Aug 2024 05:40:00 GMT Date: Sat, 03 Aug 2024 03:54:25 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.77.32		504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 7b71bbce2c5e563fde3afb60497eb33b ffe77143d7aae5b966b693211336919b872de46a 5d3fe5575b14f6f240e86c4c5065e8f3f79a6f20039efce544e7597166c1ae0f HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "5D3FE5575B14F6F240E86C4C5065E8F3F79A6F20039EFCE544E7597166C1AE0F" Last-Modified: Thu, 01 Aug 2024 06:58:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6335 Expires: Sat, 03 Aug 2024 05:40:00 GMT Date: Sat, 03 Aug 2024 03:54:25 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.77.32		504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 7b71bbce2c5e563fde3afb60497eb33b ffe77143d7aae5b966b693211336919b872de46a 5d3fe5575b14f6f240e86c4c5065e8f3f79a6f20039efce544e7597166c1ae0f HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "5D3FE5575B14F6F240E86C4C5065E8F3F79A6F20039EFCE544E7597166C1AE0F" Last-Modified: Thu, 01 Aug 2024 06:58:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6335 Expires: Sat, 03 Aug 2024 05:40:00 GMT Date: Sat, 03 Aug 2024 03:54:25 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.77.32		504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 7b71bbce2c5e563fde3afb60497eb33b ffe77143d7aae5b966b693211336919b872de46a 5d3fe5575b14f6f240e86c4c5065e8f3f79a6f20039efce544e7597166c1ae0f HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "5D3FE5575B14F6F240E86C4C5065E8F3F79A6F20039EFCE544E7597166C1AE0F" Last-Modified: Thu, 01 Aug 2024 06:58:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6335 Expires: Sat, 03 Aug 2024 05:40:00 GMT Date: Sat, 03 Aug 2024 03:54:25 GMT Connection: keep-alive`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (7)

JavaScript (0)

HTTP Transactions (9)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL