| pkg-store.dl.mail.ru/packages/shop/0_2028230distrib3/Bus%20Driver%20Simulator_Data/Managed/Newtonsoft.Json.dll | 188.93.63.73 | | 153 B |
URL pkg-store.dl.mail.ru/packages/shop/0_2028230distrib3/Bus%20Driver%20Simulator_Data/Managed/Newtonsoft.Json.dll IP 188.93.63.73:0
File type HTML document, ASCII text, with CRLF line terminators Hash 706a98254456810d3e849c3957af9d01 e461d072a6ba8f0082d6f187eba7f053343529c6 8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
| NIDS | Severity | Alert |
| suricata | medium | ET HUNTING HTTP GET Request for newtonsoft.json.dll - Possible Infostealer Activity |
GET /packages/shop/0_2028230distrib3/Bus%20Driver%20Simulator_Data/Managed/Newtonsoft.Json.dll HTTP/1.1
Host: pkg-store.dl.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx/1.18.0
date: Fri, 19 Apr 2024 23:49:29 GMT
content-type: text/html
content-length: 153
X-Firefox-Spdy: h2
|
| pkg-store.dl.mail.ru/packages/shop/0_2028230distrib3/Bus%20Driver%20Simulator_Data/Managed/Newtonsoft.Json.dll | 188.93.63.73 | | 153 B |
URL pkg-store.dl.mail.ru/packages/shop/0_2028230distrib3/Bus%20Driver%20Simulator_Data/Managed/Newtonsoft.Json.dll IP 188.93.63.73:0
File type HTML document, ASCII text, with CRLF line terminators Hash 706a98254456810d3e849c3957af9d01 e461d072a6ba8f0082d6f187eba7f053343529c6 8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
| NIDS | Severity | Alert |
| suricata | medium | ET HUNTING HTTP GET Request for newtonsoft.json.dll - Possible Infostealer Activity |
GET /packages/shop/0_2028230distrib3/Bus%20Driver%20Simulator_Data/Managed/Newtonsoft.Json.dll HTTP/1.1
Host: pkg-store.dl.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Fri, 19 Apr 2024 23:49:30 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
|
| pkg-store.dl.mail.ru/favicon.ico | 188.93.63.73 | | 265 B |
URL pkg-store.dl.mail.ru/favicon.ico IP 188.93.63.73:0
File type HTML document, ASCII text Hash 0326eb837e660f8a849f26a0b0d1d4dd 33e86ab54e1aa1b0454e2a8e0e0a2ba5e8e330a4 00fcdef2ad978ae5d653c537fdfd8dfeca8616667eea927a129f7238a7fc9122
GET /favicon.ico HTTP/1.1
Host: pkg-store.dl.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://pkg-store.dl.mail.ru/packages/shop/0_2028230distrib3/Bus%20Driver%20Simulator_Data/Managed/Newtonsoft.Json.dll
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Fri, 19 Apr 2024 23:49:30 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 265
Connection: keep-alive
|