Report - cdn.discordapp.com/attachments/1219746673425649754/1229424099043049584/CCtools_1.zip?ex=6629b2aa&is=6628612a&hm=4b052df979ce41c4a3efe44a00ac38ed2698c01624cfbc42892270211f679731&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/1219746673425649754/1229424099043049584/CCtools_1.zip?ex=6629b2aa&is=6628612a&hm=4b052df979ce41c4a3efe44a00ac38ed2698c01624cfbc42892270211f679731&
IP
162.159.129.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 14:16:06
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-04-23	631 B	1.1 MB	162.159.129.233
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-23	512 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1219746673425649754/1229424099043049584/CCtools_1.zip?ex=6629b2aa&is=6628612a&hm=4b052df979ce41c4a3efe44a00ac38ed2698c01624cfbc42892270211f679731&
IP
162.159.129.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.1 MB (1115312 bytes)
Hash
f1452068a8efd9ababc5d29fc03d1f4b
080dd64f80f8c760c6a0af8944945bbe354fd539
52918435893df1a1788e6575332eb76ded442e7c4f9ca597dad00013fc9fbe45

Archive (13)

Filename

Md5

File type

Database.txt

e4bb80fd69b3cf407e930b148bf722a6

ISO-8859 text, with CRLF line terminators

CCTools.exe

dd5a31b21f6a9552694d47efac36a948

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Company.txt

55682b2a9de9893c94e03be99b47c302

ASCII text, with CRLF line terminators

cruma.zhs

7c093614754cbbea2673a2c73248f367

data

cruma.zmap

2059a6b153816b6e4678e71d6f3fa5a9

XML 1.0 document, ASCII text, with CRLF line terminators

database.mdb

434486bc63306200c7760a2d62159c80

Microsoft Access Database

dion.zmap

a6bc5d8a68e2e15b8c8b5d9da5824a49

XML 1.0 document, ASCII text, with CRLF line terminators

Hosts.txt

6ddc9ea0cec8e7bc6a9048f87ff42169

ASCII text, with CRLF line terminators

key.txt

2db382fc70c1ddf5cac8597e1360c145

ASCII text, with CRLF line terminators

Processors.txt

526136e78777b264f694ca9065b85fef

ASCII text, with CRLF line terminators

sp.xml

1b6359f504cfb4ab6f02534d2772721c

XML 1.0 document, Unicode text, UTF-8 text, with very long lines (2591), with CRLF line terminators

urls.dat

d41d8cd98f00b204e9800998ecf8427e

WORKING 1-40.txt

d1db4bf2f8f2fb8c617f8640ee78bcd4

ISO-8859 text, with CRLF line terminators

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	cdn.discordapp.com/attachments/1219746673425649754/1229424099043049584/CCtools_1.zip?ex=6629b2aa&is=6628612a&hm=4b052df979ce41c4a3efe44a00ac38ed2698c01624cfbc42892270211f679731&	162.159.129.233	200 OK	1.1 MB
URL User Request GET HTTP/2 cdn.discordapp.com/attachments/1219746673425649754/1229424099043049584/CCtools_1.zip?ex=6629b2aa&is=6628612a&hm=4b052df979ce41c4a3efe44a00ac38ed2698c01624cfbc42892270211f679731& IP 162.159.129.233:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectdiscordapp.com Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39 ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 1.1 MB (1115312 bytes) Hash f1452068a8efd9ababc5d29fc03d1f4b 080dd64f80f8c760c6a0af8944945bbe354fd539 52918435893df1a1788e6575332eb76ded442e7c4f9ca597dad00013fc9fbe45 HTTP Headers GET /attachments/1219746673425649754/1229424099043049584/CCtools_1.zip?ex=6629b2aa&is=6628612a&hm=4b052df979ce41c4a3efe44a00ac38ed2698c01624cfbc42892270211f679731& HTTP/1.1 Host: cdn.discordapp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 24 Apr 2024 14:15:41 GMT content-type: application/zip content-length: 1115312 cf-ray: 8796b4ee0eb2712e-OSL cf-cache-status: MISS accept-ranges: bytes, bytes cache-control: public, max-age=31536000 content-disposition: attachment; filename="CCtools_1.zip" etag: "f1452068a8efd9ababc5d29fc03d1f4b" expires: Thu, 24 Apr 2025 14:15:40 GMT last-modified: Mon, 15 Apr 2024 13:32:26 GMT vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 x-goog-generation: 1713187946878839 x-goog-hash: crc32c=wGH/gA==, md5=8UUgaKjv2aurxdKfwD0fSw== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 1115312 x-guploader-uploadid: ABPtcPps_gOqAnO-CRyFzrQD__ft-nfV8nZ4BVdYkcKBT5AR9UMl62z1l1FpVDB7GGULLofdd6A x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pk6okSIpzUJHFvHb6dm0sKVSVT2gUS3QRPl3iI6S36JDzmi5YFYMuHOskjloQrOmjo80JstCHOIEEy2z84a9xsWHvZo4CRXD1U%2FRWCrNTdrhKI45mYEitsVPtGAd%2FHSuRrLN4g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} set-cookie: __cf_bm=pfGIVe750goioQOI4JyOTnOO4UB3AN5O_dVLRQ9v5V4-1713968141-1.0.1.1-aKJLRZuyztvgQF0LMYsoPSaoOBaQzfg_UCUBN3RBw7YKyALGQ_E750ECqIcpP0To2DPrdRbC2Qmkp.UbgWSVFw; path=/; expires=Wed, 24-Apr-24 14:45:41 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None _cfuvid=EuQABovOkdNFMkArdtM8tIssxIlrCbyMpMUL__G2wuA-1713968141072-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None server: cloudflare X-Firefox-Spdy: h2

	aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml	35.244.181.201		444 B
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type XML 1.0 document, ASCII text, with very long lines (332) Size 444 B (444 bytes) Hash 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463 HTTP Headers `GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1 Host: aus5.mozilla.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache Pragma: no-cache Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx rule-id: unknown rule-data-version: unknown content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=z9DP-6Mt_k7VOAAzc51zm3MgY4-2eLHM0PZK0ytwXQBN6-l96kPO07YBLZU9HjDrlM4uh2oNHTPm7-4HfmSEvLWEvS7zV0Wmx0_2YBaybwqCQYmS6aXGpyXcMbdsnJAO strict-transport-security: max-age=31536000; x-content-type-options: nosniff content-security-policy: default-src 'none'; frame-ancestors 'none' x-proxy-cache-status: EXPIRED content-encoding: gzip via: 1.1 google content-length: 444 date: Wed, 24 Apr 2024 14:14:18 GMT age: 101 content-type: text/xml; charset=utf-8 vary: Accept-Encoding cache-control: public,max-age=90 alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (13)

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers