| sqdownd.onlinedown.net/down/fu.rar |  121.17.124.126 | | 263 B |
URL sqdownd.onlinedown.net/down/fu.rar IP121.17.124.126:0 ASN#4837 CHINA UNICOM China169 Backbone
File typeXML 1.0 document text\012- XML document, ASCII text, with no line terminators Hash1fe251e6c036ccee44510d2d6594a135 66d353c4c2df315b8260ec16518292b7881e0d88 1fc9055ebc0bff13d2d713485378f61470a2b77e1319e7013a740b5f677c8b9c
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /down/fu.rar HTTP/1.1
Host: sqdownd.onlinedown.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 18 May 2023 01:13:51 GMT
Content-Type: application/xml
Content-Length: 263
Connection: keep-alive
Server: openresty
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
CloudServiceDiscount: CDN
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSHzxmH3HeqCiA08iuRcyEg7nwVmAtRc
x-amz-request-id: 000001882C6BA39E9016A236861FD686
x-reserved-indicator: 361
X-CCDN-Origin-Time: 136
Age: 1
via: CHN-HEhengshui-AREACUCC3-CACHE16[158],CHN-HEhengshui-AREACUCC3-CACHE30[152,TCP_MISS,156],CHN-TJ-GLOBAL1-CACHE21[141],CHN-TJ-GLOBAL1-CACHE81[136,TCP_MISS,141]
x-hcs-proxy-type: 0
X-CCDN-CacheTTL: 2592000
|
| sqdownd.onlinedown.net/down/fu.rar | 120.52.95.249 | | 263 B |
URL sqdownd.onlinedown.net/down/fu.rar IP120.52.95.249:0 ASN#133119 China Unicom IP network
File typeXML 1.0 document text\012- XML document, ASCII text, with no line terminators Hashbdf47313a774b488d482c999085e3c76 9973a19a403f3014fb4508cbeffac888a40fd597 1540cdf701570006e99e246d4002ff1e1b4a8106f5877aee66d2708382577acf
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /down/fu.rar HTTP/1.1
Host: sqdownd.onlinedown.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 18 May 2023 01:13:52 GMT
Content-Type: application/xml
Content-Length: 263
Connection: keep-alive
Server: openresty
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
CloudServiceDiscount: CDN
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSqjRsn3oLI0VFI4PmFIUANMbfhqVb59
x-amz-request-id: 000001882C6BA690901B7E22EC0FC340
x-reserved-indicator: 361
X-CCDN-Origin-Time: 368
Age: 1
via: CHN-HElangfang-AREACUCC1-CACHE2[383],CHN-HElangfang-AREACUCC1-CACHE30[378,TCP_MISS,381],CHN-TJ-GLOBAL1-CACHE5[373],CHN-TJ-GLOBAL1-CACHE81[368,TCP_MISS,371]
x-hcs-proxy-type: 0
X-CCDN-CacheTTL: 2592000
|
| sqdownd.onlinedown.net/favicon.ico | 120.52.95.249 | | 263 B |
URL sqdownd.onlinedown.net/favicon.ico IP120.52.95.249:0 ASN#133119 China Unicom IP network
File typeXML 1.0 document text\012- XML document, ASCII text, with no line terminators Hash7ae285c00ef78b8c16885baa35df725c 43e9e30013f47901d7e2356e071127f6e816cc08 94077d9ecf35705ae7a35cb348176b95b39314e95cf5572b6429173faf37f27e
GET /favicon.ico HTTP/1.1
Host: sqdownd.onlinedown.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sqdownd.onlinedown.net/down/fu.rar
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 18 May 2023 01:13:53 GMT
Content-Type: application/xml
Content-Length: 263
Connection: keep-alive
Server: openresty
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
CloudServiceDiscount: CDN
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSjFAeyFYcvvoC6fdc21F0Vdljbd8Ys7
x-amz-request-id: 000001882C6BA97290070F7C56D42930
x-reserved-indicator: 361
X-CCDN-Origin-Time: 134
Age: 1
via: CHN-HElangfang-AREACUCC1-CACHE15[167],CHN-HElangfang-AREACUCC1-CACHE15[145,TCP_MISS,166],CHN-TJ-GLOBAL1-CACHE3[141],CHN-TJ-GLOBAL1-CACHE15[134,TCP_MISS,139]
x-hcs-proxy-type: 0
X-CCDN-CacheTTL: 86400
|