| getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe | 78.46.163.214 | 200 OK | 76 MB |
URL User Request GET HTTP/2getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe IP78.46.163.214:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjectgetdstudio.org FingerprintBE:F8:29:7B:11:25:AC:53:6B:E2:BD:1A:7C:9F:6F:2B:F0:C5:3C:99 ValidityTue, 20 Feb 2024 03:27:02 GMT - Mon, 20 May 2024 03:27:01 GMT
File typePE32 executable (GUI) Intel 80386, for MS Windows, 6 sections Size76 MB (75472040 bytes) Hashd36ee1d19ac7a733e73c8aa2642fa125 8bffebf20df83bd175b8bed4a7c44f453b62039a a2aea5ea35b719b030c12f4ca562aa510906f15c7bba59c6e270e01dc316fef8
Analyzer | Verdict | Alert | VirusTotal | malicious | |
GET /dl/Ready%20or%20Not[ZZIGE6o37].exe HTTP/1.1
Host: getdstudio.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe
Cookie: __h_clearance=4fdd039a493dd05a14afd72f9f0ecd3f6638b0597de7e844be36d0edb87288c9.1713281223
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:27:06 GMT
content-type: application/x-msdownload
content-length: 75472040
last-modified: Thu, 02 Nov 2023 11:03:33 GMT
vary: Accept-Encoding
etag: "65438205-47f9ca8"
x-xss-protection: 1; mode=block
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typegzip compressed data, max speed, from Unix Hash52a1e40d3746c76b0167007994950370 6c5838f16f22c0778bc428242b26ca65bf64683c 5ca94e7f36b9452fe67eeaf4a9898c2003278f9f9151c572b2cc6178afff781a
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:27:28 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=L3Xsni9rSM-_Pn0RYqEO9jpPFdprr9JNSoiYDc1cQ9sbHTiko38AISYPWEayjpmLBl2C4d5N2ry58h7pHpPFYZt7baQ_OZU8BLedVv-tpal_sXp67E-NheOquURwnwh6
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| getdstudio.org/botd/static/challenges.css | 78.46.163.214 | 200 OK | 6.6 kB |
URL GET HTTP/2getdstudio.org/botd/static/challenges.css IP78.46.163.214:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe CertificateIssuerLet's Encrypt Subjectgetdstudio.org FingerprintBE:F8:29:7B:11:25:AC:53:6B:E2:BD:1A:7C:9F:6F:2B:F0:C5:3C:99 ValidityTue, 20 Feb 2024 03:27:02 GMT - Mon, 20 May 2024 03:27:01 GMT
File typeASCII text, with very long lines (6608), with no line terminators Hashf0fd80732479959c893cfd7380f594bd 04111102f46bc02c195561743b3f41b4d5a349ca 704e70fc0fd54cb83a1100d48093680b73e0d3c45a32dc326c38355185aaf37f
GET /botd/static/challenges.css HTTP/1.1
Host: getdstudio.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:27:01 GMT
content-type: text/css
last-modified: Sun, 27 Aug 2023 10:50:10 GMT
vary: Accept-Encoding
etag: W/"64eb2a62-19c8"
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-encoding: br
X-Firefox-Spdy: h2
|
|
| js.hcaptcha.com/1/api.js?hl=en | 104.18.125.91 | 200 OK | 387 kB |
URL GET HTTP/2js.hcaptcha.com/1/api.js?hl=en IP104.18.125.91:443
Requested byhttps://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size387 kB (387091 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/api.js?hl=en HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getdstudio.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 15:27:01 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: max-age=300
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 15:27:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 87553274ef8c1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| getdstudio.org/favicon.ico | 78.46.163.214 | 200 OK | 15 kB |
URL GET HTTP/2getdstudio.org/favicon.ico IP78.46.163.214:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe CertificateIssuerLet's Encrypt Subjectgetdstudio.org FingerprintBE:F8:29:7B:11:25:AC:53:6B:E2:BD:1A:7C:9F:6F:2B:F0:C5:3C:99 ValidityTue, 20 Feb 2024 03:27:02 GMT - Mon, 20 May 2024 03:27:01 GMT
File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel Hash757db4de13a26a547433bfa48d69d31f d5b8a5e18d6b9f8727f93f9f7249815b81e6b752 6da14f8a185f27867be8f406256cd1c7e80d3708a36cd702c34dc482e0214826
GET /favicon.ico HTTP/1.1
Host: getdstudio.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:27:01 GMT
content-type: image/x-icon
last-modified: Wed, 26 Apr 2023 08:25:21 GMT
vary: Accept-Encoding
etag: W/"6448dff1-3aee"
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-encoding: br
X-Firefox-Spdy: h2
|
|
| getdstudio.org/botd/api.js | 78.46.163.214 | 200 OK | 1.5 kB |
URL GET HTTP/2getdstudio.org/botd/api.js IP78.46.163.214:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe CertificateIssuerLet's Encrypt Subjectgetdstudio.org FingerprintBE:F8:29:7B:11:25:AC:53:6B:E2:BD:1A:7C:9F:6F:2B:F0:C5:3C:99 ValidityTue, 20 Feb 2024 03:27:02 GMT - Mon, 20 May 2024 03:27:01 GMT
File typeJavaScript source, ASCII text, with very long lines (1584), with no line terminators Hasha078461c82578febece04ec869fb9f2a f93824bc49262acd3c511b1e870bf7d8bdebc950 04d420a46f9d3ef43ef21e847ceeb803370c3c57aa1d11aa99fd8a205f9b16a3
GET /botd/api.js HTTP/1.1
Host: getdstudio.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:27:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 27 Aug 2023 13:09:16 GMT
vary: Accept-Encoding
etag: W/"64eb4afc-5e8"
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-encoding: br
X-Firefox-Spdy: h2
|
|
| getdstudio.org/favicon.ico | 78.46.163.214 | 200 OK | 15 kB |
URL GET HTTP/2getdstudio.org/favicon.ico IP78.46.163.214:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe CertificateIssuerLet's Encrypt Subjectgetdstudio.org FingerprintBE:F8:29:7B:11:25:AC:53:6B:E2:BD:1A:7C:9F:6F:2B:F0:C5:3C:99 ValidityTue, 20 Feb 2024 03:27:02 GMT - Mon, 20 May 2024 03:27:01 GMT
File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel Hash757db4de13a26a547433bfa48d69d31f d5b8a5e18d6b9f8727f93f9f7249815b81e6b752 6da14f8a185f27867be8f406256cd1c7e80d3708a36cd702c34dc482e0214826
GET /favicon.ico HTTP/1.1
Host: getdstudio.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getdstudio.org/dl/Ready%20or%20Not[ZZIGE6o37].exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:27:02 GMT
content-type: image/x-icon
last-modified: Wed, 26 Apr 2023 08:25:21 GMT
vary: Accept-Encoding
etag: W/"6448dff1-3aee"
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-encoding: br
X-Firefox-Spdy: h2
|
|