IP: 47.244.159.76:0 ASN: #45102 Alibaba US Technology Co., Ltd.
File type: HTML document, Unicode text, UTF-8 text
Hash (MD5): 48fe21addc9b0e8d87dd5577e15e152a
Hash (SHA-1): 3144fca6c6ae292144a21ccf0ff24d5941c80a0f
Hash (SHA-256): a1d9536b3e777ca557362adbc153754df32c6d32a96b5a20d084f06d6d64c0a4
GET / HTTP/1.1
Host: down2.superbar.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 13:42:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.30
Location: http://www.bkzj.wang/downdll/
IP: 47.243.125.164:0 ASN: #45102 Alibaba US Technology Co., Ltd.
File type: HTML document, ASCII text, with CRLF line terminators
Hash (MD5): 9fe3cb2b7313dc79bb477bc8fde184a7
Hash (SHA-1): 4d7b3cb41e90618358d0ee066c45c76227a13747
Hash (SHA-256): 32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
GET /downdll/ HTTP/1.1
Host: www.bkzj.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx
Date: Fri, 29 Mar 2024 13:42:18 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
| URL | IP | Status | Size |
| down2.superbar.vip/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe | 47.244.159.76 | 302 Moved Temporarily | 332 B |
URL: down2.superbar.vip/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe
User request: GET HTTP/1.1
IP: 47.244.159.76:80 ASN: #45102 Alibaba US Technology Co., Ltd.
File type: HTML document, Unicode text, UTF-8 text
Hash (MD5): f55b27c120eb1fc0317cf80643babfa4
Hash (SHA-1): 6d887aa47685a061bdf6b1534acf61a6e0423bfb
Hash (SHA-256): 0e74629abf2c74ab1c87e1039ee956681ba1c75c655a978689e875e31f374b1e
GET /3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe HTTP/1.1
Host: down2.superbar.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 13:42:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.30
Location: http://www.bkzj.wang/downdll/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe
| URL | IP | Status | Size |
| www.bkzj.wang/downdll/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe | 47.243.125.164 | 200 OK | 411 kB |
URL: www.bkzj.wang/downdll/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe
User request: GET HTTP/1.1
IP: 47.243.125.164:80 ASN: #45102 Alibaba US Technology Co., Ltd.
File type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections
Size: 411 kB (411136 bytes)
Hash (MD5): 38dbe26818d84ca04295d639f179029c
Hash (SHA-1): f24e9c792c35eb8d0c1c9f3896de5d86d2fd95ff
Hash (SHA-256): 9f94daaec163d60c74fff0f0294942525be7b5beaf26199da91e7be86224ceeb
| Analyzer | Verdict | Alert |
| VirusTotal | malicious | |
GET /downdll/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe/3dmgame.dll@16@26374.exe HTTP/1.1
Host: www.bkzj.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 13:42:19 GMT
Content-Type: application/octet-stream
Content-Length: 411136
Last-Modified: Thu, 24 Mar 2022 10:44:43 GMT
Connection: keep-alive
ETag: "623c4b9b-64600"
Accept-Ranges: bytes