| file-drop.cc/ | 172.67.146.180 | | 167 B |
IP172.67.146.180:0
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 May 2024 23:41:13 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 May 2024 00:41:13 GMT
Location: https://file-drop.cc/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlX08eDCmWCdGbtDFLfv1rcQ5e1yCYX9tcABwBJ8lKb60Ib1OZggSuAU4Yu6iE3TAJaG6sxIXqpB4PYAUwvN0w3ybJxM8pWRONKnWwO4n%2FKri%2B%2B753Lq%2BKQMvJp72Z4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f494804a851bfa-OSL
alt-svc: h2=":443"; ma=60
|
|
| file-drop.cc/D/24e534/svchost.exe | 172.67.146.180 | 522 No Reason Phrase | 7.1 kB |
URL User Request GET HTTP/2file-drop.cc/D/24e534/svchost.exe IP172.67.146.180:443
CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typeHTML document, ASCII text, with very long lines (460) Hashb8b84cc3ad3b714df9d2b32c78e2ca9a 9cd25548ffca678c44e7e72c2dec46d82a39bca0 ec1ed4555da2a985884e8220301425d393a241cbaa541bae9c76b43ab76d939e
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /D/24e534/svchost.exe HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 522 No Reason Phrase
date: Sun, 05 May 2024 23:41:26 GMT
content-type: text/html; charset=UTF-8
content-length: 7099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phQ6uKtH1knzpBi8jlEIQ6Mwz%2Fd2%2FE0RHugues7UoBo73qf2s2xvZrc8c5pBUFnfscUa59DY7hK1RUUs%2BpMfpvyQelMCSwWvb6J16p8fuci8xqrQO37kRkAhgkr6dRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=522:87f4946dea567127:OSL; path=/; expires=Sun, 05-May-24 23:41:56 GMT
cf_use_ob=443; path=/; expires=Sun, 05-May-24 23:41:56 GMT
server: cloudflare
cf-ray: 87f4946dea567127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| file-drop.cc/D/24e534/svchost.exe | 172.67.146.180 | 522 No Reason Phrase | 167 B |
URL User Request GET HTTP/2file-drop.cc/D/24e534/svchost.exe IP172.67.146.180:443
CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /D/24e534/svchost.exe HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=443
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 May 2024 23:41:26 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 May 2024 00:41:26 GMT
Location: https://file-drop.cc/D/24e534/svchost.exe
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8G%2FlhJuBQqf3OeFQ%2BjXaQhutuYKNZsn0VmDRUDiKWVvy1IRwsMPfmasbebneU%2BKk1hcs8737xodp2AAf1Zi3knRJs6qEjJNsIRRmu4ZzZqAFq7V7lH46KA4xaWJe3%2FA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f494cf18a556af-OSL
alt-svc: h2=":443"; ma=60
|
|
| file-drop.cc/D/24e534/svchost.exe | 172.67.146.180 | 522 No Reason Phrase | 7.1 kB |
URL User Request GET HTTP/2file-drop.cc/D/24e534/svchost.exe IP172.67.146.180:443
CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typeHTML document, ASCII text, with very long lines (460) Hashcdb044792e5c8db8485fb0c388319236 cba444c0d7815b2c734b38983807703f88a56554 d368d57fd93514af5ff146a2b561b50fd08bf6646e0068e41c836fd36b4d7546
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /D/24e534/svchost.exe HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=443
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 522 No Reason Phrase
date: Sun, 05 May 2024 23:41:27 GMT
content-type: text/html; charset=UTF-8
content-length: 7060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PwuCNNTIYlBplo3QHGTl303aZybOWlo72BPz31sVvZA905b%2FTreQ0Po9DYYeqAUoVCAoxa18oF2O%2FsDZh6KyEsp3MEAW3QOvcGSepNCTeeJqvslqf2Be4l6aRjhH3J0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_use_ob=0; path=/; expires=Sun, 05-May-24 23:41:57 GMT
server: cloudflare
cf-ray: 87f494cf5f2b7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| file-drop.cc/cdn-cgi/styles/main.css | 172.67.146.180 | 200 OK | 2.7 kB |
URL GET HTTP/2file-drop.cc/cdn-cgi/styles/main.css IP172.67.146.180:443
Requested byhttps://file-drop.cc/D/24e534/svchost.exe CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typegzip compressed data, from Unix Hashe5371a01ecb7bf70cac3242e590065fc 9a5416cd5abc04093a125803babb5217734e7823 dfe9b84b58f8d82baeebd6a736ff6185955c9e6cc1c3b00eb7e21d90851e5baf
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/styles/main.css HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://file-drop.cc/D/24e534/svchost.exe
DNT: 1
Connection: keep-alive
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 23:41:27 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-1f4d"
server: cloudflare
cf-ray: 87f494d73a597127-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 06 May 2024 01:41:27 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| file-drop.cc/cdn-cgi/images/cf-icon-ok.png | 172.67.146.180 | 200 OK | 946 B |
URL GET HTTP/2file-drop.cc/cdn-cgi/images/cf-icon-ok.png IP172.67.146.180:443
Requested byhttps://file-drop.cc/D/24e534/svchost.exe CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typePNG image data, 48 x 48, 8-bit colormap, non-interlaced Hashdfaf0fbb758c874be231335db178381d 8f2597eb7ba4c89892aac0559816db3f5280b23e ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/images/cf-icon-ok.png HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://file-drop.cc/cdn-cgi/styles/main.css
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 23:41:27 GMT
content-type: image/png
content-length: 946
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: "66310c39-3b2"
server: cloudflare
cf-ray: 87f494d76a6e7127-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 06 May 2024 01:41:27 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| file-drop.cc/cdn-cgi/images/cf-icon-cloud.png | 172.67.146.180 | 200 OK | 1.5 kB |
URL GET HTTP/2file-drop.cc/cdn-cgi/images/cf-icon-cloud.png IP172.67.146.180:443
Requested byhttps://file-drop.cc/D/24e534/svchost.exe CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typePNG image data, 152 x 77, 8-bit colormap, non-interlaced Hash3ec81e5e3a4de9fec46ce9e6999b9e27 8f03b6857ab8d31feb65f97b1ae6b678efdc2ddd 3a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/images/cf-icon-cloud.png HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://file-drop.cc/cdn-cgi/styles/main.css
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 23:41:27 GMT
content-type: image/png
content-length: 1484
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: "66310c39-5cc"
server: cloudflare
cf-ray: 87f494d76a737127-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 06 May 2024 01:41:27 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| file-drop.cc/cdn-cgi/images/cf-icon-server.png | 172.67.146.180 | 200 OK | 1.4 kB |
URL GET HTTP/2file-drop.cc/cdn-cgi/images/cf-icon-server.png IP172.67.146.180:443
Requested byhttps://file-drop.cc/D/24e534/svchost.exe CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typePNG image data, 95 x 75, 8-bit colormap, non-interlaced Hash2c11e67182601007f577f8bf2c72fee8 01dc915d4745f00632021c05d3eef634747a9c3d 41553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/images/cf-icon-server.png HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://file-drop.cc/cdn-cgi/styles/main.css
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 23:41:27 GMT
content-type: image/png
content-length: 1384
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: "66310c39-568"
server: cloudflare
cf-ray: 87f494d76a747127-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 06 May 2024 01:41:27 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| file-drop.cc/cdn-cgi/images/cf-icon-error.png | 172.67.146.180 | 200 OK | 854 B |
URL GET HTTP/2file-drop.cc/cdn-cgi/images/cf-icon-error.png IP172.67.146.180:443
Requested byhttps://file-drop.cc/D/24e534/svchost.exe CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typePNG image data, 48 x 48, 8-bit colormap, non-interlaced Hashe5577f04b6d92590410e26bd2292933b 16946b2c99d98a57f83eac170ce94b012b7d1a7b 67f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/images/cf-icon-error.png HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://file-drop.cc/cdn-cgi/styles/main.css
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 23:41:27 GMT
content-type: image/png
content-length: 854
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: "66310c39-356"
server: cloudflare
cf-ray: 87f494d77a797127-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 06 May 2024 01:41:27 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| file-drop.cc/cdn-cgi/images/cf-icon-browser.png | 172.67.146.180 | 200 OK | 484 B |
URL GET HTTP/2file-drop.cc/cdn-cgi/images/cf-icon-browser.png IP172.67.146.180:443
Requested byhttps://file-drop.cc/D/24e534/svchost.exe CertificateIssuerGoogle Trust Services LLC Subjectfile-drop.cc Fingerprint8F:C4:15:48:5A:D4:5F:AD:0B:2E:06:17:F0:DC:1F:6E:09:F0:BB:0D ValidityFri, 19 Apr 2024 09:13:36 GMT - Thu, 18 Jul 2024 09:13:35 GMT
File typePNG image data, 100 x 80, 8-bit colormap, non-interlaced Hash59caf3c7eb63af78f12db37f41433779 8024e688e78e910ae1ea3bc25be7a7ab65444b02 78a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/images/cf-icon-browser.png HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://file-drop.cc/cdn-cgi/styles/main.css
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 23:41:27 GMT
content-type: image/png
content-length: 484
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: "66310c39-1e4"
server: cloudflare
cf-ray: 87f494d75a6d7127-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 06 May 2024 01:41:27 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| file-drop.cc/favicon.ico | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://file-drop.cc/D/24e534/svchost.exe
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: file-drop.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://file-drop.cc/D/24e534/svchost.exe
DNT: 1
Connection: keep-alive
Cookie: cf_ob_info=522:87f4946dea567127:OSL; cf_use_ob=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|