Report - n2.kemono.su/data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip

Report Overview

Visited public
2024-11-03 08:06:34
Tags
URL
n2.kemono.su/data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip
Finishing URL
about:privatebrowsing
IP / ASN
91.149.194.3
#200508 Sorok76 Ltd
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
n2.kemono.su	unknown	2022-08-25	2024-10-14	2024-10-29	546 B	11 MB	91.149.194.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
n2.kemono.su/data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip
IP
91.149.194.3
ASN
#48357 K4X OU

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
11 MB (10674191 bytes)
Hash
edda173ee745f79cf00e40cd5086f26b
6df0badb98626611931d21c76015a2c62195e28b
bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3

Archive (17)

Filename

Md5

File type

Clorinde.ini

25bac2ca73a69b15b7a894cf7fa53744

Generic INItialization configuration [TextureOverrideClorindeBlend]

ClorindeBlend.buf

9026d10f7112a9b13ac3153a302ec3ff

Adobe Photoshop Color swatch, version 0, 32831 colors; 1st RGB space (0), w 0, x 0, y 0, z 0; 2nd RGB space (0), w 0x1700, x 0, y 0, z 0

ClorindeBody.ib

c10bfb056413fe404d268a7985079846

data

ClorindeBodyDiffuse.dds

470d93a52679d0843efa623c56f4b689

Microsoft DirectDraw Surface (DDS): 2048 x 2048, DXGI format: BC7_UNORM_SRGB

ClorindeBodyLightMap.dds

ef58bf3dac85e5156666213732b86d6c

Microsoft DirectDraw Surface (DDS): 2048 x 2048, DXGI format: BC7_UNORM

ClorindeBodyNormalMap.dds

de1489068a4b434f3203c631b89eabb3

Microsoft DirectDraw Surface (DDS): 2048 x 2048, DXGI format: BC7_UNORM

ClorindeDress.ib

d8340fd87a74e628be1c0c9b834aa3e9

data

ClorindeDressDiffuse.dds

470d93a52679d0843efa623c56f4b689

Microsoft DirectDraw Surface (DDS): 2048 x 2048, DXGI format: BC7_UNORM_SRGB

ClorindeDressLightMap.dds

4364c845fbeafb9c1282dcb19573f059

Microsoft DirectDraw Surface (DDS): 2048 x 2048, DXGI format: BC7_UNORM

ClorindeDressNormalMap.dds

29c8112005f105435ac53a1ade6d22e8

Microsoft DirectDraw Surface (DDS): 2048 x 2048, DXGI format: BC7_UNORM

ClorindeHead.ib

e12146dec360e52e08e4b8c0fb1377b8

data

ClorindeHeadDiffuse.dds

204e41794701833ec5bd31739ecc093c

Microsoft DirectDraw Surface (DDS): 2048 x 2048, DXGI format: BC7_UNORM_SRGB

ClorindeHeadLightMap.dds

f2129f6e2398a1883a8847e4cce4188c

Microsoft DirectDraw Surface (DDS): 1024 x 1024, DXGI format: BC7_UNORM

ClorindeHeadNormalMap.dds

a382cdff5aa6d00ba0b48a735b7d0525

Microsoft DirectDraw Surface (DDS): 1024 x 1024, DXGI format: BC7_UNORM

ClorindePosition.buf

6bdc823edd0708f8e7ff18ae0a4c2cdb

data

ClorindeTexcoord.buf

ffd74bef78b5ed6dbc50012737ed74c2

data

genshin_set_outlines.py

ba416c4f346a58feaff9d93a811ad948

Python script, ASCII text executable

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	n2.kemono.su/data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip	91.149.194.3	200 OK	11 MB
URL User Request GET HTTP/2 n2.kemono.su/data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip IP 91.149.194.3:443 ASN #48357 K4X OU Certificate IssuerLet's Encrypt Subjectn2.kemono.su FingerprintF5:0C:9C:CF:A6:32:1B:13:30:57:C0:0A:B3:BB:90:43:B2:3E:ED:CE ValiditySun, 22 Sep 2024 17:12:58 GMT - Sat, 21 Dec 2024 17:12:57 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 11 MB (10674191 bytes) Hash edda173ee745f79cf00e40cd5086f26b 6df0badb98626611931d21c76015a2c62195e28b bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3 HTTP Headers GET /data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip HTTP/1.1 Host: n2.kemono.su User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Sun, 03 Nov 2024 08:06:04 GMT content-type: application/zip content-length: 10674191 last-modified: Fri, 07 Jun 2024 07:58:59 GMT etag: "6662bdc3-a2e00f" x-cache-status: HIT x-cache-range: bytes=0-4194303 access-control-allow-origin: https://kemono.su access-control-allow-methods: GET, OPTIONS access-control-allow-headers: * cache-control: public, max-age=2592000, s-maxage=2592000 accept-ranges: bytes X-Firefox-Spdy: h2`

n2.kemono.su/data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip

91.149.194.3

200 OK

11 MB

URL User Request GET HTTP/2
n2.kemono.su/data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip
IP
91.149.194.3:443
ASN
#48357 K4X OU

Certificate
IssuerLet's Encrypt
Subjectn2.kemono.su
FingerprintF5:0C:9C:CF:A6:32:1B:13:30:57:C0:0A:B3:BB:90:43:B2:3E:ED:CE
ValiditySun, 22 Sep 2024 17:12:58 GMT - Sat, 21 Dec 2024 17:12:57 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
11 MB (10674191 bytes)
Hash
edda173ee745f79cf00e40cd5086f26b
6df0badb98626611931d21c76015a2c62195e28b
bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3

HTTP Headers

GET /data/bd/fa/bdfa6173e362ea1151e76ec03300a4c5c03d297c299aee070c160427937d44a3.zip HTTP/1.1
Host: n2.kemono.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Nov 2024 08:06:04 GMT
content-type: application/zip
content-length: 10674191
last-modified: Fri, 07 Jun 2024 07:58:59 GMT
etag: "6662bdc3-a2e00f"
x-cache-status: HIT
x-cache-range: bytes=0-4194303
access-control-allow-origin: https://kemono.su
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: *
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (17)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers