Report - files.catbox.moe/o1gfi8.zip

Report Overview

Visited public
2023-09-24 10:09:03
Tags
URL
files.catbox.moe/o1gfi8.zip
Finishing URL
about:privatebrowsing
IP / ASN
108.181.20.35
#852 TELUS Communications
Title
about:privatebrowsing

Detections

urlquery

0

Network Intrusion Detection

5

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
files.catbox.moe	174913	2015-04-06	2015-06-30 01:27:11	2023-09-23 20:48:23	754 B	1.1 kB	108.181.20.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-24 10:08:46	medium	Client IP	108.181.20.35	ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)
2023-09-24 10:08:46	medium	Client IP	108.181.20.35	ETPRO INFO .moe Domain in TLS SNI
2023-09-24 10:08:55	medium	Client IP	108.181.20.35	ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)
2023-09-24 10:08:55	medium	Client IP	108.181.20.35	ETPRO INFO .moe Domain in TLS SNI
2023-09-24 10:08:55	medium	Client IP	108.181.20.35	ETPRO INFO .moe Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	files.catbox.moe/	108.181.20.35		169 B
URL files.catbox.moe/ IP 108.181.20.35:0 ASN #852 TELUS Communications File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 169 B (169 bytes) Hash 8c2170ef3ddebf996718575917956e9c 618ab5fab7445b7797272607a22c0d307465857f 31976ec4fe4abdf91d242f8bacfc9f6cf16acc46d13d0de6e32a2da88076cc55 HTTP Headers `GET / HTTP/1.1 Host: files.catbox.moe User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Server: nginx/1.21.3 Date: Sun, 24 Sep 2023 10:08:54 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: https://files.catbox.moe/ Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block`

	files.catbox.moe/o1gfi8.zip	0.0.0.0		0 B
URL User Request GET files.catbox.moe/o1gfi8.zip IP 0.0.0.0:0 ASN #0 Certificate IssuerLet's Encrypt Subjectcatbox.moe FingerprintFF:BB:6E:BF:BA:18:04:69:3D:B5:0A:C9:1C:D2:2D:1E:AB:DB:93:DD ValidityFri, 08 Sep 2023 05:57:55 GMT - Thu, 07 Dec 2023 05:57:54 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /o1gfi8.zip HTTP/1.1 Host: files.catbox.moe User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx/1.21.3 date: Sun, 24 Sep 2023 10:08:54 GMT content-type: application/zip content-length: 52863032 last-modified: Mon, 24 Apr 2023 05:29:02 GMT etag: "6446139e-326a038" x-content-type-options: nosniff content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self'; access-control-allow-origin: * access-control-allow-methods: GET, HEAD accept-ranges: bytes X-Firefox-Spdy: h2