URL User Request GET HTTP/1.1IP185.196.9.34:80 ASN#42624 Simple Carrier LLC
File typeASCII text, with CRLF line terminators Hash297b94d8951c19e2fe087743a4c9510f 344d0e243d4ce981154ff2533f3c48a35ce27d5a 416af71e57956df5f79fa03a2b321513a23b34f793229b01725fd43b597d19ad
Analyzer | Verdict | Alert | ThreatFox | malicious | Mirai | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | high | URLhaus Known malware download URL detected (2816414) |
GET /w.sh HTTP/1.1
Host: packetinfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1730
Content-Type: application/x-shellscript
Last-Modified: Sun, 07 Apr 2024 03:53:08 GMT
Date: Sat, 20 Apr 2024 12:43:10 GMT
|