GET mediaget.com/ld/get_installer.php?r=gamesru.ru&bbl=1&f=Sonic+Frontiers&u=https://igruhi.org/uploads/torrent/Sonic-Frontiers.torrent&bbls_client_id=1626044844&bbl_clk_id=64838-1749798255&use_f=1
51.158.227.48 302 Found 4.8 MB URL User Request GET mediaget.com/ld/get_installer.php?r=gamesru.ru&bbl=1&f=Sonic+Frontiers&u=https://igruhi.org/uploads/torrent/Sonic-Frontiers.torrent&bbls_client_id=1626044844&bbl_clk_id=64838-1749798255&use_f=1
IP 51.158.227.48:443
ASN #12876 Scaleway S.a.s.
Certificate Issuer Let's Encrypt
Subject *.mg-prod.mediaget.com
Fingerprint 63:71:55:F0:1F:77:9B:F2:77:EF:92:55:DE:B6:33:CF:7B:82:40:E0
Validity Mon, 14 Apr 2025 10:34:06 GMT - Sun, 13 Jul 2025 10:34:05 GMT
Size 4.8 MB (4833056 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ld/get_installer.php?r=gamesru.ru&bbl=1&f=Sonic+Frontiers&u=https://igruhi.org/uploads/torrent/Sonic-Frontiers.torrent&bbls_client_id=1626044844&bbl_clk_id=64838-1749798255&use_f=1 HTTP/1.1
Host: mediaget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
alt-svc: h3=":8443"; ma=2592000
content-type: text/html; charset=UTF-8
date: Fri, 13 Jun 2025 07:04:47 GMT
location: https://mediaget.com/installer/mediaget_installer_490.exe?filename=sonic-frontiers_id4393131ids1s.exe
server: nginx/1.14.1
set-cookie: cookie=11b934899359bab0; Path=/; HttpOnly; Secure; SameSite=None
notuniq=1; expires=Sat, 14-Jun-2025 07:04:47 GMT; Max-Age=86400
X-Firefox-Spdy: h2
GET mediaget.com/installer/mediaget_installer_490.exe?filename=sonic-frontiers_id4393131ids1s.exe
51.158.227.48 200 OK 4.8 MB URL User Request GET mediaget.com/installer/mediaget_installer_490.exe?filename=sonic-frontiers_id4393131ids1s.exe
IP 51.158.227.48:443
ASN #12876 Scaleway S.a.s.
Certificate Issuer Let's Encrypt
Subject *.mg-prod.mediaget.com
Fingerprint 63:71:55:F0:1F:77:9B:F2:77:EF:92:55:DE:B6:33:CF:7B:82:40:E0
Validity Mon, 14 Apr 2025 10:34:06 GMT - Sun, 13 Jul 2025 10:34:05 GMT
File type PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
Size 4.8 MB (4833056 bytes)
Hash a9d291b7640244fa347acdde042b0141
978875a000557ae9f592b07d3496cf0932c0af80
c729612b7b9ca8b1efa0a014dcc55bcb15228398907ca9746bfe6be9aa0f1acc
Analyzer Verdict Alert YARAhub by abuse.ch malware win_amadey_bytecodes_oct_2023
VirusTotal malicious
GET /installer/mediaget_installer_490.exe?filename=sonic-frontiers_id4393131ids1s.exe HTTP/1.1
Host: mediaget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cookie=11b934899359bab0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
alt-svc: h3=":8443"; ma=2592000
content-disposition: attachment; filename="sonic-frontiers_id4393131ids1s.exe"
content-type: application/x-msdownload
date: Fri, 13 Jun 2025 07:04:47 GMT
etag: "a9d291b7640244fa347acdde042b0141"
last-modified: Wed, 11 Dec 2024 16:08:45 GMT
server: nginx/1.27.4
set-cookie: cookie=aec3d77f7d0e8dcd; Path=/; HttpOnly; Secure; SameSite=None
x-amz-request-id: tx00000f24dd0385c0ee482-0067c0f8d0-12b83d53f-default
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
content-length: 4833056
X-Firefox-Spdy: h2