Report - c10.patreonusercontent.com/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs=

Report Overview

Visited public
2023-12-24 21:42:15
Tags
URL
c10.patreonusercontent.com/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs=
Finishing URL
about:privatebrowsing
IP / ASN
104.18.236.90
#13335 CLOUDFLARENET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
c10.patreonusercontent.com	39060	2017-04-06	2017-08-24 01:25:35	2023-12-24 12:00:02	658 B	1.7 MB	104.18.236.90

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
c10.patreonusercontent.com/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs=
IP
104.18.236.90
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.7 MB (1665760 bytes)
Hash
9e5776e0085c335880c5ee5dcb949669
7869d3705e1ee910f4433f1f62b4a954ad05b463
4af6f1460c5f3532dfe5a117edb94e9e60cbde09667ec457f8712e9d918f95ff

Archive (7)

Filename

Md5

File type

!chingyu_casVer_AttractivenessTraits_V2.6.package

b4ad075b3d23fb36d9d52b922797ff9e

Maxis Database Packed File, version: 2.1, files: 550

!chingyu_casVer_BasicTraits_V2.6.package

4d824013018726a631851b46ba2b845d

Maxis Database Packed File, version: 2.1, files: 1666

!chingyu_RewardVer_AttractivenessTraits_V2.6.package

fa70f12405c0a238db7eefd4c369d12c

Maxis Database Packed File, version: 2.1, files: 550

!chingyu_RewardVer_BasicTraits_V2.6.package

4025af52211636d369d62c430d298a0a

Maxis Database Packed File, version: 2.1, files: 1666

chingyu_CommonTraitsMenu.package

f1477c1ed19c6566280840ab442784ac

Maxis Database Packed File, version: 2.1, files: 79

chingyu_CommonTraitsMenu.ts4script

9562bded6a6a248036fce290fda79470

Zip archive data, at least v2.0 to extract, compression method=deflate

Info_Of_100TraitsPack_V2.txt

862eecb786ce77ad6840337fbeee7627

Unicode text, UTF-8 text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	c10.patreonusercontent.com/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs=	104.18.236.90	200 OK	1.7 MB
URL User Request GET HTTP/2 c10.patreonusercontent.com/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs= IP 104.18.236.90:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintC0:3A:02:44:E4:67:4E:A3:66:97:B1:80:76:8D:77:B1:03:54:96:31 ValidityFri, 05 May 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 1.7 MB (1665760 bytes) Hash 9e5776e0085c335880c5ee5dcb949669 7869d3705e1ee910f4433f1f62b4a954ad05b463 4af6f1460c5f3532dfe5a117edb94e9e60cbde09667ec457f8712e9d918f95ff HTTP Headers GET /4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs= HTTP/1.1 Host: c10.patreonusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 24 Dec 2023 21:41:49 GMT content-type: application/zip content-length: 1665760 cf-ray: 83ac02b7389f56cc-OSL cf-cache-status: HIT accept-ranges: bytes access-control-allow-origin: https://www.patreon.com age: 1754780 cache-control: public, max-age=31536000 content-disposition: attachment; filename="!chingyu_RemadeFrom100TraitsPack_V2.6.zip"; filename*=utf-8''%21chingyu_RemadeFrom100TraitsPack_V2.6.zip etag: W/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1 expires: Mon, 23 Dec 2024 21:41:49 GMT vary: Accept-Encoding access-control-allow-headers: Content-Type, Range, Content-Length content-security-policy: default-src 'none'; media-src https://c10.patreonusercontent.com x-powered-by: Express set-cookie: __cf_bm=GAV6Iax15_DjI3FATGRPMjr4YT3uE76Xc7mcnCVQki0-1703454109-1-Ad50cQJ+TkBNcfA7furLWK1R9nm4zcUu+4ueqzbhOkL+wtq2rFQvpSefvdEsHcs31DLr9fBpZlleJeXDoEE8p4Y=; path=/; expires=Sun, 24-Dec-23 22:11:49 GMT; domain=.patreonusercontent.com; HttpOnly; Secure; SameSite=None report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8CaJPgaaOx2pudqCvQdsCBtlmfcgHRO9QXff5W7hCbIX0YO9CZkfVzoffOKqgez8lyFjl1dpq37ZXF8NQkb9FtBX8FACR61LrY4LhovXYyc4YNl7%2BCTxrX8mLvTMRIGpYEPt1eGNHR0kueh"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare X-Firefox-Spdy: h2

c10.patreonusercontent.com/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs=

104.18.236.90

200 OK

1.7 MB

URL User Request GET HTTP/2
c10.patreonusercontent.com/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs=
IP
104.18.236.90:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC0:3A:02:44:E4:67:4E:A3:66:97:B1:80:76:8D:77:B1:03:54:96:31
ValidityFri, 05 May 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.7 MB (1665760 bytes)
Hash
9e5776e0085c335880c5ee5dcb949669
7869d3705e1ee910f4433f1f62b4a954ad05b463
4af6f1460c5f3532dfe5a117edb94e9e60cbde09667ec457f8712e9d918f95ff

HTTP Headers

GET /4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1?token-time=1703721600&token-hash=4iPieFeX3p9vyvCzd5v3dRp1quOW3Vgaa9u7ESHwEAs= HTTP/1.1
Host: c10.patreonusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Dec 2023 21:41:49 GMT
content-type: application/zip
content-length: 1665760
cf-ray: 83ac02b7389f56cc-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: https://www.patreon.com
age: 1754780
cache-control: public, max-age=31536000
content-disposition: attachment; filename="!chingyu_RemadeFrom100TraitsPack_V2.6.zip"; filename*=utf-8''%21chingyu_RemadeFrom100TraitsPack_V2.6.zip
etag: W/4/patreon-media/p/post/54477138/2e7f0e3019ec42629a39e3db453ab96c/eyJhIjoxLCJwIjoxfQ==/1
expires: Mon, 23 Dec 2024 21:41:49 GMT
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, Content-Length
content-security-policy: default-src 'none'; media-src https://c10.patreonusercontent.com
x-powered-by: Express
set-cookie: __cf_bm=GAV6Iax15_DjI3FATGRPMjr4YT3uE76Xc7mcnCVQki0-1703454109-1-Ad50cQJ+TkBNcfA7furLWK1R9nm4zcUu+4ueqzbhOkL+wtq2rFQvpSefvdEsHcs31DLr9fBpZlleJeXDoEE8p4Y=; path=/; expires=Sun, 24-Dec-23 22:11:49 GMT; domain=.patreonusercontent.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8CaJPgaaOx2pudqCvQdsCBtlmfcgHRO9QXff5W7hCbIX0YO9CZkfVzoffOKqgez8lyFjl1dpq37ZXF8NQkb9FtBX8FACR61LrY4LhovXYyc4YNl7%2BCTxrX8mLvTMRIGpYEPt1eGNHR0kueh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (7)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers