| cdn.discordapp.com/attachments/1097075502436589590/1097623079590580368/Pack3.zip | 162.159.129.233 | | 42 kB |
URL: cdn.discordapp.com/attachments/1097075502436589590/1097623079590580368/Pack3.zip | IP: 162.159.129.233:0
Hash: MD5 cdda778229c81ddb90395f7f52ba474c | SHA1 3ba42354be86ae9ec04c3a7c6722144df6425dd6 | SHA256 ab6b2acf46260e2f9a4c17b0991d95b2ed865d6b3c97b5015470bd4c22f04625
GET /attachments/1097075502436589590/1097623079590580368/Pack3.zip HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=.wMaw9_IxRwlJNJeP4GWEWZFihAp4kmJIvfY2ZQiMWs-1682601136-0-AZERqElvfYisU9YVJW5e+GBPSfkisCWBHisRgeYMJf1++gPlD6EXuSrCJ79ej0tOpmaBz5O6/1y2C4grsMSIrHs=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Range: bytes=160890880-
If-Match: "49b41e1ad1ea26a4c553832a7890ab43"
If-Unmodified-Since: Mon, 17 Apr 2023 20:42:15 GMT
HTTP/2 206 Partial Content
date: Thu, 27 Apr 2023 13:12:37 GMT
content-type: application/zip
content-length: 41772
cf-ray: 7be751723dee0b69-OSL
age: 106
cache-control: public, max-age=31536000
content-disposition: attachment; filename="Pack3.zip"
content-range: bytes 160890880-160932651/160932652
etag: "49b41e1ad1ea26a4c553832a7890ab43"
expires: Fri, 26 Apr 2024 13:12:37 GMT
last-modified: Mon, 17 Apr 2023 20:42:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1681764135114140
x-goog-hash: crc32c=yFe+pw==, md5=SbQeGtHqJqTFU4MqeJCrQw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 160932652
x-guploader-uploadid: ADPycdudrXx_dMQ0QkAFkb8xQz5jaCo5BYwbakLq5Rd0uLDwlMCogRg1Ns0o5-SuOI5U57qu_j2r0kZoCuviaiLTCFmQZA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fh8SECVMgSfwIeWqMyfvnPBafpf1BEG6l94BBNQivx4wMFIU3PPMYphmMgSWNALEGXLoWAtLR8AYgwFFIuLWSr0KDeKLTlHzR8dYGcmrUfetYzLyVFfKKwmz61jiBI%2Fn%2Fme2Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
URL: User Request GET HTTP/1.1 | IP: 185.224.128.215:80
File type: Zip archive data, at least v2.0 to extract, compression method=deflate | Size: 590 kB (589497 bytes)
Hash: MD5 0f24142d3830e2e41777c33fc50e9b77 | SHA1 201b2d796e286eecc8830aa70578400a99d33e0a | SHA256 71000e4009834fa023a70ea594fa126cbabbeac6182b8635c172ebf50d16f3b5

| Analyzer | Verdict | Alert |
|---|---|---|
| fortinet | Malware | |
| quad9 | Sinkholed | |
| VirusTotal | 37/64 | |

| NIDS | Severity | Alert |
|---|---|---|
| suricata | medium | ET INFO Dotted Quad Host ZIP Request |
GET /a.zip HTTP/1.1
Host: 185.224.128.215
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Apr 2023 13:12:37 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 17 Apr 2023 02:09:16 GMT
ETag: "8feb9-5f97ead862b00"
Accept-Ranges: bytes
Content-Length: 589497
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip
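Two things in these captures are worth checking mechanically rather than by eye. First, the Discord transfer is a resumed download (Range plus If-Match, answered with 206), so the body captured here is only the final 41772 bytes of a 160932652-byte object; the ETag the server returns is the base64 MD5 from x-goog-hash rendered as hex, which is the hash of the whole object, not of this chunk. Second, the Suricata alert fires because a GET for a .zip went to a bare IP address in the Host header. The script below is an added example written for this page, not output of the sandbox or of Suricata; the header samples are copied from the transactions above, and the dotted-quad check is an approximation of the alert's idea, not the ET rule itself.

```python
"""Analyst checks over the two HTTP transactions shown on this page."""
import base64
import re
from dataclasses import dataclass, field

# Constructed samples: the relevant headers from the captures above.
DISCORD_REQ = """GET /attachments/1097075502436589590/1097623079590580368/Pack3.zip HTTP/1.1
Host: cdn.discordapp.com
Range: bytes=160890880-
If-Match: "49b41e1ad1ea26a4c553832a7890ab43"
"""
DISCORD_RESP = """HTTP/2 206 Partial Content
content-type: application/zip
content-length: 41772
content-range: bytes 160890880-160932651/160932652
etag: "49b41e1ad1ea26a4c553832a7890ab43"
x-goog-hash: crc32c=yFe+pw==, md5=SbQeGtHqJqTFU4MqeJCrQw==
x-goog-stored-content-length: 160932652
"""
DOTTED_REQ = """GET /a.zip HTTP/1.1
Host: 185.224.128.215
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
"""
DOTTED_RESP = """HTTP/1.1 200 OK
Content-Type: application/zip
Content-Length: 589497
"""


@dataclass
class Message:
    start_line: str
    headers: dict = field(default_factory=dict)  # names lower-cased


def parse(raw: str) -> Message:
    """Minimal parser for a request/response header block (no body)."""
    lines = raw.strip().splitlines()
    msg = Message(lines[0])
    for line in lines[1:]:
        name, _, value = line.partition(":")
        msg.headers[name.strip().lower()] = value.strip()
    return msg


DOTTED_QUAD = re.compile(r"^\d{1,3}(\.\d{1,3}){3}(:\d+)?$")


def is_dotted_quad_zip_request(req: Message) -> bool:
    """Approximation (assumption, not the ET rule) of 'Dotted Quad Host ZIP
    Request': a GET whose target ends in .zip and whose Host is a bare IPv4."""
    method, target, _ = req.start_line.split(" ", 2)
    host = req.headers.get("host", "")
    return method == "GET" and target.lower().endswith(".zip") and bool(DOTTED_QUAD.match(host))


def content_range_consistent(resp: Message) -> bool:
    """206 bookkeeping: the range must fit inside the object and its length
    must equal Content-Length, otherwise the captured bytes are not what the
    headers claim."""
    m = re.fullmatch(r"bytes (\d+)-(\d+)/(\d+)", resp.headers.get("content-range", ""))
    if not m:
        return False
    first, last, total = map(int, m.groups())
    return (
        0 <= first <= last < total
        and last - first + 1 == int(resp.headers.get("content-length", -1))
        and str(total) == resp.headers.get("x-goog-stored-content-length", str(total))
    )


def etag_matches_goog_md5(resp: Message) -> bool:
    """GCS-style objects: the quoted ETag is the hex of the base64 MD5 carried
    in x-goog-hash. If they agree, the ETag is the whole-object MD5."""
    etag = resp.headers.get("etag", "").strip('"').lower()
    m = re.search(r"md5=([A-Za-z0-9+/=]+)", resp.headers.get("x-goog-hash", ""))
    if not m:
        return False
    return base64.b64decode(m.group(1)).hex() == etag


def resumed_same_object(req: Message, resp: Message) -> bool:
    """A resumed range download only belongs to the earlier partial file if
    the server answered 206 and the ETag still equals the client's If-Match."""
    status = resp.start_line.split()[1]
    return status == "206" and req.headers.get("if-match") == resp.headers.get("etag")


def whole_object_md5_hex(resp: Message) -> str:
    """Hex MD5 of the full object as asserted by x-goog-hash (not of the chunk)."""
    m = re.search(r"md5=([A-Za-z0-9+/=]+)", resp.headers.get("x-goog-hash", ""))
    return base64.b64decode(m.group(1)).hex() if m else ""


if __name__ == "__main__":
    print("dotted-quad zip request:", is_dotted_quad_zip_request(parse(DOTTED_REQ)))
    print("discord range consistent:", content_range_consistent(parse(DISCORD_RESP)))
    print("etag == whole-object md5:", etag_matches_goog_md5(parse(DISCORD_RESP)))
    print("full-object md5:", whole_object_md5_hex(parse(DISCORD_RESP)))
```

The practical consequence: the MD5 recorded beside the Discord URL above is the hash of the 41772-byte chunk the sandbox captured, so looking it up in a reputation service will not find Pack3.zip; the whole-object MD5 derived from x-goog-hash (49b41e1ad1ea26a4c553832a7890ab43) is the value to pivot on. The 185.224.128.215 transfer is a complete 200 response, so its recorded hashes do describe the full a.zip.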