| charcycon.ctfd.io/files/0eadcc285164b1dcc5dcd0dc38bdd5fc/packetsCTF4.pcapng?token=eyJ1c2VyX2lkIjozNiwidGVhbV9pZCI6OCwiZmlsZV9pZCI6MjZ9.ZgXlmQ.OV-o8vS8YD2X60WLMvr8Ce1-xXY | 165.227.251.182 | 302 FOUND | 1.2 kB |
URL: User Request GET HTTP/1.1 charcycon.ctfd.io/files/0eadcc285164b1dcc5dcd0dc38bdd5fc/packetsCTF4.pcapng?token=eyJ1c2VyX2lkIjozNiwidGVhbV9pZCI6OCwiZmlsZV9pZCI6MjZ9.ZgXlmQ.OV-o8vS8YD2X60WLMvr8Ce1-xXY; IP: 165.227.251.182:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: GlobalSign nv-sa; Subject: *.ctfd.io; Fingerprint: 42:1F:29:C9:75:3E:99:B7:AB:93:80:14:32:AD:87:9B:EE:1D:73:68; Validity: Thu, 21 Sep 2023 04:25:23 GMT - Tue, 22 Oct 2024 04:25:22 GMT
File type: HTML document, ASCII text, with very long lines (1130); Hash: a0c70cf33cf5d86560bdef5a9199ab14 3680c7ccc6090f81a8adc1cbea27935747d11f29 7e23f3a377d2f238c0c328061ddd91547085dfc8d622b96dc1498f264fbcdccd
GET /files/0eadcc285164b1dcc5dcd0dc38bdd5fc/packetsCTF4.pcapng?token=eyJ1c2VyX2lkIjozNiwidGVhbV9pZCI6OCwiZmlsZV9pZCI6MjZ9.ZgXlmQ.OV-o8vS8YD2X60WLMvr8Ce1-xXY HTTP/1.1
Host: charcycon.ctfd.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 FOUND
Date: Thu, 28 Mar 2024 21:50:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1240
Connection: keep-alive
Keep-Alive: timeout=30
Location: https://6d2dd193134545ad88d61026e88a730b.s3.amazonaws.com/0eadcc285164b1dcc5dcd0dc38bdd5fc/packetsCTF4.pcapng?response-content-disposition=attachment%3B%20filename%3DpacketsCTF4.pcapng&response-cache-control=max-age%3D3600&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAYQYMCZZ442GJAWMY%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T210000Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=9187ab73fb2dca75ff23f934a05ff6473ef11e3df9467e1277469616ad2e5dad
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31556926; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: session=4023ad4a-4185-47e2-92a1-c5908372427f.ho63h06T8A3Q1gTVTIT0_PXGqaU; Secure; HttpOnly; Path=/; SameSite=Lax
|
| 6d2dd193134545ad88d61026e88a730b.s3.amazonaws.com/0eadcc285164b1dcc5dcd0dc38bdd5fc/packetsCTF4.pcapng?response-content-disposition=attachment%3B%20filename%3DpacketsCTF4.pcapng&response-cache-control=max-age%3D3600&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAYQYMCZZ442GJAWMY%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T210000Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=9187ab73fb2dca75ff23f934a05ff6473ef11e3df9467e1277469616ad2e5dad | 54.231.172.33 | 200 OK | 16 MB |
URL: User Request GET HTTP/1.1 6d2dd193134545ad88d61026e88a730b.s3.amazonaws.com/0eadcc285164b1dcc5dcd0dc38bdd5fc/packetsCTF4.pcapng?response-content-disposition=attachment%3B%20filename%3DpacketsCTF4.pcapng&response-cache-control=max-age%3D3600&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAYQYMCZZ442GJAWMY%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T210000Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=9187ab73fb2dca75ff23f934a05ff6473ef11e3df9467e1277469616ad2e5dad; IP: 54.231.172.33:443
Certificate: Issuer: Amazon; Subject: *.s3.amazonaws.com; Fingerprint: DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity: Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: pcapng capture file - version 1.0; Size: 16 MB (15620660 bytes); Hash: 103d87338a2118dfb10a7b92b612ff3a fe8131b8276e0952bb351aae44d31e1af3156a72 dcf4026fcdea56e9e9f9748a79a04f82583dff8ba2dfe58532513693d2d2ad0e
Analyzer: YARAhub by abuse.ch; Verdict: malware; Alert: Detect files is `SliverFox` malware
GET /0eadcc285164b1dcc5dcd0dc38bdd5fc/packetsCTF4.pcapng?response-content-disposition=attachment%3B%20filename%3DpacketsCTF4.pcapng&response-cache-control=max-age%3D3600&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAYQYMCZZ442GJAWMY%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T210000Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=9187ab73fb2dca75ff23f934a05ff6473ef11e3df9467e1277469616ad2e5dad HTTP/1.1
Host: 6d2dd193134545ad88d61026e88a730b.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 3rC1lVPj827r87Tb5NYBSf+ThkixK8eINDIHzzdWOFh7AFo81z1hW+TL5ywoXFvacLLqIDqPLz0=
x-amz-request-id: 1KKZ37H8YFMQ7RVW
Date: Thu, 28 Mar 2024 21:50:40 GMT
Last-Modified: Tue, 26 Mar 2024 06:14:16 GMT
ETag: "87fcc14f96a484a6fc603992ccc6e568-2"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=3600
Content-Disposition: attachment; filename=packetsCTF4.pcapng
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Server: AmazonS3
Content-Length: 15620660
|