Report - dllanalysis.com/download.php?xlstatcr1c.dll

Report Overview

Visitedpublic

2025-02-19 04:42:21

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2025-02-19	524 B	1.2 kB	35.244.181.201
www.fortect.com	unknown	2022-01-21	2022-04-04	2025-02-15	546 B	842 kB	104.26.3.16
util.fortect.com	unknown	2022-01-21	2022-07-27	2025-02-06	814 B	844 kB	104.26.3.16
dllanalysis.com	unknown	2025-01-01	2025-02-06	2025-02-06	511 B	841 kB	104.21.7.200
cloud.fortect.com	unknown	2022-01-21	2022-04-04	2025-02-08	937 B	841 kB	104.26.3.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-02-19 04:41:52	medium	Client IP	104.26.3.16	ET ADWARE_PUP Observed PC Optimizer Software Domain (fortect .com in TLS SNI)
2025-02-19 04:41:52	medium	Client IP	104.26.3.16	ET ADWARE_PUP Observed PC Optimizer Software Domain (fortect .com in TLS SNI)
2025-02-19 04:41:52	medium	Client IP	172.67.75.40	ET ADWARE_PUP Observed PC Optimizer Software Domain (fortect .com in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

cloud.fortect.com/app/installation/downloader/7216/Fortect.exe

IP / ASN

104.26.3.16

#13335 CLOUDFLARENET

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

Size840 kB (840304 bytes)

MD506973cd452bfd255a42db3081722e0d2

SHA1d742f584da1f3b2ed212125a61415133a0384398

SHA256b50d674fe3873196ee5ff2bc24ca30c28054a01532943d969273a5562b0b5ef0

JavaScript (0)

HTTP Transactions (5)

	URL	IP	Response	Size
	GET cloud.fortect.com/app/installation/downloader/7216/Fortect.exe	104.26.3.16	200 OK	840 kB
URL cloud.fortect.com/app/installation/downloader/7216/Fortect.exe IP / ASN 104.26.3.16 #13335 CLOUDFLARENET Requested byN/A Resource Info File typePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections First Seen2025-02-10 Last Seen2025-02-25 Times Seen52 Size840 kB (840304 bytes) MD506973cd452bfd255a42db3081722e0d2 SHA1d742f584da1f3b2ed212125a61415133a0384398 SHA256b50d674fe3873196ee5ff2bc24ca30c28054a01532943d969273a5562b0b5ef0 Certificate Info IssuerGoogle Trust Services Subjectfortect.com Fingerprint56:61:8C:95:11:C4:44:90:20:C8:E7:72:03:10:16:25:FD:01:3F:AC ValidityThu, 02 Jan 2025 17:49:08 GMT - Wed, 02 Apr 2025 18:48:57 GMT HTTP Headers GET /app/installation/downloader/7216/Fortect.exe HTTP/1.1 Host: cloud.fortect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: _testcookie=test; _trackid=30150096; _trackid_30150096=30150096; _tracking=wki; _tracking_wki=wki; _campaign=direct; _campaign_direct=direct; _adgroup=lander-xlstatcr1c.dll; _adgroup_lander-xlstatcr1c.dll=lander-xlstatcr1c.dll; _keyword=direct; _keyword_direct=direct; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 19 Feb 2025 04:41:52 GMT content-type: application/x-msdownload content-length: 840304 x-amz-id-2: T9aheTfy9S9GR1JpYToLJ1pBQZrGWcpfFFqbgaRRgJd2agGBLdMrj+meszYiDtY6vFzHhLUS9mWGrG6gxrHQ4uJQBsZ8ETCk x-amz-request-id: 7F6BK32RA0ASQ33F last-modified: Sun, 09 Feb 2025 13:23:36 GMT etag: "06973cd452bfd255a42db3081722e0d2" cache-control: max-age=2678400 cf-cache-status: HIT age: 5116 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2FGK2MkLLm7VFk4zysUy%2F0VQ3zqZ0G8VUwydyTfGjYgac%2FVyug05UQWtbPpEyr18svkX9Sx85TWAv9aVTL36tjzlAaZfLzXVbq4X6nAlyBI7%2F2HfDJZ%2F8BM4QDK9ONe4D3Tt"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 914396498b8eb511-OSL server-timing: cfL4;desc="?proto=TCP&rtt=3287&min_rtt=410&rtt_var=5487&sent=14&recv=18&lost=0&retrans=0&sent_bytes=7107&recv_bytes=1908&delivery_rate=7168316&cwnd=257&unsent_bytes=0&cid=169221e756d4b419&ts=555&x=0" X-Firefox-Spdy: h2

	aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.41%2Clibpulse%20not-available)/default/default/update.xml	35.244.181.201	200 OK	444 B
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.41%2Clibpulse%20not-available)/default/default/update.xml IP / ASN 35.244.181.201 #396982 GOOGLE-CLOUD-PLATFORM Requested byN/A Resource Info File typeXML 1.0 document, ASCII text, with very long lines (332) First Seen2023-10-13 Last Seen2025-06-20 Times Seen185315 Size444 B (444 bytes) MD53b324dec137a87ef7e24a30a65b13dd0 SHA1c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 SHA2566cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463 HTTP Headers GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.41%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1 Host: aus5.mozilla.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache Pragma: no-cache Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx rule-id: unknown rule-data-version: unknown content-signature: x5u=https://content-signature-2.cdn.mozilla.net/g/chains/202402/aus.content-signature.mozilla.org-2025-03-21-18-01-18.chain; p384ecdsa=zG1a_yMvXrrI-8uz8UcBDdNKhcTl232jY1HFxiEmz45S-NdjEOs7wUWynFygbKc89S8pVJie42qn0xqxdL0xrd8r_-ctFDIRnufx2oKbo7xgTV5w0jxBl_cBrK3agWjv strict-transport-security: max-age=31536000; x-content-type-options: nosniff content-security-policy: default-src 'none'; frame-ancestors 'none' x-proxy-cache-status: EXPIRED content-encoding: gzip via: 1.1 google date: Wed, 19 Feb 2025 04:41:34 GMT content-type: text/xml; charset=utf-8 vary: Accept-Encoding content-length: 444 age: 36 cache-control: public,max-age=90 alt-svc: clear X-Firefox-Spdy: h2

	GET www.fortect.com/go/route-wki.php?channel=wki&d=t&adgroup=lander-xlstatcr1c.dll	104.26.3.16	301 Moved Permanently	840 kB
URL www.fortect.com/go/route-wki.php?channel=wki&d=t&adgroup=lander-xlstatcr1c.dll IP / ASN 104.26.3.16 #13335 CLOUDFLARENET Requested byN/A Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-03 Times Seen5619369 Size840 kB (840304 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerGoogle Trust Services Subjectfortect.com Fingerprint56:61:8C:95:11:C4:44:90:20:C8:E7:72:03:10:16:25:FD:01:3F:AC ValidityThu, 02 Jan 2025 17:49:08 GMT - Wed, 02 Apr 2025 18:48:57 GMT HTTP Headers GET /go/route-wki.php?channel=wki&d=t&adgroup=lander-xlstatcr1c.dll HTTP/1.1 Host: www.fortect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 301 Moved Permanently date: Wed, 19 Feb 2025 04:41:52 GMT content-type: text/html; charset=UTF-8 location: https://util.fortect.com/tk-2983/tk-4947.php?channel=wki&campaign=direct&adgroup=lander-xlstatcr1c.dll&ads_name=direct&keyword=direct&d=t&productid=1&sourceCookie=%2Fgo%2Froute-wki.phpchannel%3Dwki%26d%3Dt%26adgroup%3Dlander-xlstatcr1c.dll cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT set-cookie: _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com _source=%2Fgo%2Froute-wki.php%3Fchannel%3Dwki%26d%3Dt%26adgroup%3Dlander-xlstatcr1c.dll; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com _testcookie=test; expires=Wed, 19-Feb-2025 04:47:52 GMT; Max-Age=360; path=/; domain=fortect.com marketnetwork_subid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com accept-ch: Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPoqU3fjvB08D0BAs4YU%2BDaeSJ0GsTOl2BkSMHiaV7OG%2FDo23bHGk7ivdzZB8xb7kRS%2FSiwMhhMpM2nlxttZHcwQSmo344gD%2BMIlyC0fHF9Yr2IQMJwDHA%2FqAilU9xel9w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 914396463a9cb511-OSL server-timing: cfL4;desc="?proto=TCP&rtt=5859&min_rtt=410&rtt_var=10865&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3200&recv_bytes=1171&delivery_rate=7168316&cwnd=254&unsent_bytes=0&cid=169221e756d4b419&ts=266&x=0" X-Firefox-Spdy: h2

	GET util.fortect.com/tk-2983/tk-4947.php?channel=wki&campaign=direct&adgroup=lander-xlstatcr1c.dll&ads_name=direct&keyword=direct&d=t&productid=1&sourceCookie=%2Fgo%2Froute-wki.phpchannel%3Dwki%26d%3Dt%26adgroup%3Dlander-xlstatcr1c.dll	104.26.3.16	302 Found	840 kB
URL util.fortect.com/tk-2983/tk-4947.php?channel=wki&campaign=direct&adgroup=lander-xlstatcr1c.dll&ads_name=direct&keyword=direct&d=t&productid=1&sourceCookie=%2Fgo%2Froute-wki.phpchannel%3Dwki%26d%3Dt%26adgroup%3Dlander-xlstatcr1c.dll IP / ASN 104.26.3.16 #13335 CLOUDFLARENET Requested byN/A Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-03 Times Seen5619369 Size840 kB (840304 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerGoogle Trust Services Subjectfortect.com Fingerprint56:61:8C:95:11:C4:44:90:20:C8:E7:72:03:10:16:25:FD:01:3F:AC ValidityThu, 02 Jan 2025 17:49:08 GMT - Wed, 02 Apr 2025 18:48:57 GMT HTTP Headers GET /tk-2983/tk-4947.php?channel=wki&campaign=direct&adgroup=lander-xlstatcr1c.dll&ads_name=direct&keyword=direct&d=t&productid=1&sourceCookie=%2Fgo%2Froute-wki.phpchannel%3Dwki%26d%3Dt%26adgroup%3Dlander-xlstatcr1c.dll HTTP/1.1 Host: util.fortect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: _source=%2Fgo%2Froute-wki.php%3Fchannel%3Dwki%26d%3Dt%26adgroup%3Dlander-xlstatcr1c.dll; _testcookie=test Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Wed, 19 Feb 2025 04:41:52 GMT content-type: text/html; charset=UTF-8 location: https://cloud.fortect.com/app/installation/downloader/7216/Fortect.exe p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml" cache-control: no-store, no-cache, must-revalidate expires: Thu, 19 Nov 1981 08:52:00 GMT accept-ch: Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version set-cookie: PHPSESSID=0lnc1hm5psgdvj6vdt5oijpco8; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _trackid=30150096; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _trackid_30150096=30150096; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _tracking=wki; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _tracking_wki=wki; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _campaign=direct; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _campaign_direct=direct; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _adgroup=lander-xlstatcr1c.dll; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _adgroup_lander-xlstatcr1c.dll=lander-xlstatcr1c.dll; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _keyword=direct; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _keyword_direct=direct; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _ads=direct; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _ads_direct=direct; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _browser=Firefox; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _browser_Firefox=Firefox; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _country=Norway; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None _country_Norway=Norway; expires=Sun, 20-Apr-2025 04:41:52 GMT; Max-Age=5184000; path=/; domain=fortect.com; secure; HttpOnly; SameSite=None pragma: no-cache cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zra23SLqH7%2BfMi%2FhIPOws7VnJSRYusUtn1Dv1hILuflH%2FPVoVEoVWAGpy1xPqEJit1PM1jQkPBSh1gHYkW3FSY%2FPpyzgDxIOfxVqFZ2%2FhJKe4TSlEsPBv9nEBKijsWmNG6Q%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 914396482b15b511-OSL server-timing: cfL4;desc="?proto=TCP&rtt=4616&min_rtt=410&rtt_var=8266&sent=10&recv=14&lost=0&retrans=0&sent_bytes=4441&recv_bytes=1487&delivery_rate=7168316&cwnd=256&unsent_bytes=0&cid=169221e756d4b419&ts=509&x=0" X-Firefox-Spdy: h2

	GET dllanalysis.com/download.php?xlstatcr1c.dll	104.21.7.200	302 Found	840 kB
URL dllanalysis.com/download.php?xlstatcr1c.dll IP / ASN 104.21.7.200 #13335 CLOUDFLARENET Requested byN/A Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-03 Times Seen5619369 Size840 kB (840304 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerGoogle Trust Services Subjectdllanalysis.com Fingerprint0B:82:A3:EC:9D:C7:AA:CF:62:87:9A:89:90:9A:70:0E:76:AA:93:B3 ValidityWed, 01 Jan 2025 17:37:56 GMT - Tue, 01 Apr 2025 18:08:51 GMT HTTP Headers `GET /download.php?xlstatcr1c.dll HTTP/1.1 Host: dllanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Wed, 19 Feb 2025 04:41:52 GMT content-type: text/html; charset=UTF-8 location: https://www.fortect.com/go/route-wki.php?channel=wki&d=t&adgroup=lander-xlstatcr1c.dll cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rg3iaM4MK6pNUz9zyVqSN1qxOPPBQhiryJYdhrWNnQXBFp4B2rH46Ra7EmTM%2F4Pnk4eR7JyDwRIA7gx9ES%2BElH2xO7c%2FLA%2FWGkv1Avmr8PD%2BxUDVUtOGPlTwexw80DuvvxI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 914396441ee756a3-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=577&min_rtt=472&rtt_var=187&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3287&recv_bytes=1273&delivery_rate=5533757&cwnd=254&unsent_bytes=0&cid=15e87349a35e0338&ts=279&x=0" X-Firefox-Spdy: h2

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

File detected

JavaScript (0)

HTTP Transactions (5)

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers