Report - cdn.discordapp.com/attachments/1178455467731722311/1229771242362376245/SpotX-main.zip?ex=6630e4b8&is=661e6fb8&hm=4580a7457e2dcf28e495366080b7a6169383e9fd6081f07cd88caf90c1e465ad&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/1178455467731722311/1229771242362376245/SpotX-main.zip?ex=6630e4b8&is=661e6fb8&hm=4580a7457e2dcf28e495366080b7a6169383e9fd6081f07cd88caf90c1e465ad&
IP
162.159.133.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 23:42:44
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-16	512 B	1.2 kB	35.244.181.201
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-04-16	632 B	116 kB	162.159.135.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1178455467731722311/1229771242362376245/SpotX-main.zip?ex=6630e4b8&is=661e6fb8&hm=4580a7457e2dcf28e495366080b7a6169383e9fd6081f07cd88caf90c1e465ad&
IP
162.159.135.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
114 kB (113999 bytes)
Hash
d73f6febfd8e33c754b293e07f292a89
914dc9e7b75842259d73882ef258c1fa4312bc9d
ca2c5b1f32653351e48bcf761c2a6bec6da4f52489c3c67916ca511f37922a97

Archive (47)

Modified	Filename	Size	Md5	File type
2023-10-07 10:43	bug_report.yml	3.1 kB	822a4d2f869b13d9379cf20ae07fcbbb	HTML document, Unicode text, UTF-8 text
2023-10-07 10:43	config.yml	204 B	a95bfbbb52a33307dc7608550790dd43	Unicode text, UTF-8 text
2023-10-07 10:43	installer-new-translation.yml	4.7 kB	58107d09f772613e19791640c7adde90	HTML document, Unicode text, UTF-8 text
2023-10-07 10:43	itranslation-fix.yml	622 B	19c8639964e1ad0a4cf7663348392055	Unicode text, UTF-8 text
2023-10-07 10:43	SpotX_Channel.svg	2.4 kB	d165957c98e25d944c144491c5f7c2a4	SVG Scalable Vector Graphics image
2023-10-07 10:43	SpotX_Community.svg	2.4 kB	018c9b2454d194418260c5654dfdbb24	SVG Scalable Vector Graphics image
2023-10-07 10:43	SpotX_for_Mac&Linux.svg	3.9 kB	102b1884743b92d1654606657836dfc1	SVG Scalable Vector Graphics image
2023-10-07 10:43	faq.svg	1.8 kB	8a6cb2b44a9b6abfe2f0e44c8ac3b5e5	SVG Scalable Vector Graphics image
2023-10-07 10:43	logo.png	24 kB	1bae0cecf5b0b048f58550f3ea67be2a	PNG image data, 450 x 149, 8-bit/color RGBA, non-interlaced
2023-10-07 10:43	Install_New_theme.bat	277 B	bf78a0583ee16de7cf3776c7c7ad23fc	DOS batch file, ASCII text
2023-10-07 10:43	Install_Old_theme.bat	343 B	de98e6429eb645242319b15137585767	DOS batch file, ASCII text, with very long lines (317)
2023-10-07 10:43	LICENSE	1.1 kB	c1b1474b80fefb51f49ed01f48a43c0d	ASCII text
2023-10-07 10:43	README.md	6.4 kB	27692994dd2a6d319ff7c38ea3b4712c	HTML document, ASCII text
2023-10-07 10:43	Uninstall.bat	940 B	b74fc1987d231ff335f8a82dab4c040f	DOS batch file, ASCII text, with CRLF line terminators
2023-10-07 10:43	ru.json	14 kB	b9549ab986ee64aea9f295a652aaee88	JSON text data
2023-10-07 10:43	patches.json	55 kB	f4363237034a902ebdf3012d879ffc51	JSON text data
2023-10-07 10:43	run.ps1	57 kB	79fd883109a70dbd4389a583b2d3d75e	ASCII text
2023-10-07 10:43	Install_Auto.bat	417 B	54b03a0ff44958963dea1a0784d0cd3a	DOS batch file, ASCII text, with very long lines (391)
2023-10-07 10:43	Install_Prem.bat	286 B	d3104124d9e47b95472ec43b4fa31b93	DOS batch file, ASCII text
2023-10-07 10:43	bn.ps1	7.9 kB	7ff5b63c358646e7b271e18830f9477a	Unicode text, UTF-8 text
2023-10-07 10:43	de.ps1	4.2 kB	f7f1492ad0c41957df8b26b39103618c	Unicode text, UTF-8 text, with CRLF line terminators
2023-10-07 10:43	el.ps1	5.9 kB	b511c932a78e9d07a0e07d239cae2d30	Unicode text, UTF-8 text
2023-10-07 10:43	en.ps1	3.2 kB	d67f569da5c55d82aa66ddaa91e62e72	Unicode text, UTF-8 text
2023-10-07 10:43	es.ps1	4.0 kB	df53805af5dca5b3f034fda0bf3a2e8c	Unicode text, UTF-8 text
2023-10-07 10:43	fa.ps1	5.0 kB	3a1c90a2b892d683f221a19c9e225928	Unicode text, UTF-8 text, with CRLF line terminators
2023-10-07 10:43	fi.ps1	3.9 kB	fa49d546feba873879fbe0653709a68c	Unicode text, UTF-8 text
2023-10-07 10:43	fil.ps1	4.4 kB	5e13254de1f6267650c1ee3728d9db56	Unicode text, UTF-8 text
2023-10-07 10:43	fr.ps1	4.0 kB	012d9c113f7fda78f18b5ed79dcb54b5	Unicode text, UTF-8 text
2023-10-07 10:43	hi.ps1	7.2 kB	31f60a0786d3f0f79fc00a4aa02530d7	Unicode text, UTF-8 text
2023-10-07 10:43	hu.ps1	3.9 kB	0a239a8598866b708848434b86a1d375	Unicode text, UTF-8 text
2023-10-07 10:43	id.ps1	3.3 kB	cdda1093f332cbe192ca790b36423423	Unicode text, UTF-8 text, with CRLF line terminators
2023-10-07 10:43	it.ps1	3.9 kB	e1a1babac14c8ea928fd574b5cf10715	Unicode text, UTF-8 text
2023-10-07 10:43	ja.ps1	4.4 kB	2e237e1a55515cdb57eb51c2f80bd3df	Unicode text, UTF-8 text
2023-10-07 10:43	ka.ps1	6.5 kB	97410d79a35453f6eee9acf28c9fb09a	Unicode text, UTF-8 text
2023-10-07 10:43	ko.ps1	4.2 kB	262307dda1eadc64f625eea6fbe23a94	Unicode text, UTF-8 text
2023-10-07 10:43	lv.ps1	3.8 kB	281723c401d3963d7b743f967724661e	Unicode text, UTF-8 text
2023-10-07 10:43	pl.ps1	3.8 kB	3e5381b16126535daf1ae59cdb01928a	Unicode text, UTF-8 text
2023-10-07 10:43	pt.ps1	4.0 kB	0a502b930c9cc54daddb6ede721b5ea6	Unicode text, UTF-8 text
2023-10-07 10:43	ro.ps1	4.0 kB	d8bfb1ed806f1998f38b9817630e8c3f	Unicode text, UTF-8 text
2023-10-07 10:43	ru.ps1	4.7 kB	006c674fcb7eab3067355bab1050e257	Unicode text, UTF-8 text
2023-10-07 10:43	sr.ps1	5.1 kB	a86a635547be1ac5cc610f1b0b9d2df0	Unicode text, UTF-8 text
2023-10-07 10:43	sv.ps1	3.4 kB	2e8ba31f078aa98748b540ceb6b1da6e	Unicode text, UTF-8 text
2023-10-07 10:43	tr.ps1	3.9 kB	19084612d8b0755a683274d1717f99c3	Unicode text, UTF-8 text
2023-10-07 10:43	ua.ps1	5.2 kB	aae021f5e976cdd89ffffd619e857438	Unicode text, UTF-8 text
2023-10-07 10:43	vi.ps1	4.1 kB	924db86cb5cdf78bfb8f77ac7db1b5c8	Unicode text, UTF-8 text
2023-10-07 10:43	zh-TW.ps1	3.1 kB	9eb813c1ffae9250a3569baba95c2174	Unicode text, UTF-8 text
2023-10-07 10:43	zh.ps1	3.4 kB	c0e794404d99c182f3376a0c2970515e	Unicode text, UTF-8 text

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/62

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

cdn.discordapp.com/attachments/1178455467731722311/1229771242362376245/SpotX-main.zip?ex=6630e4b8&is=661e6fb8&hm=4580a7457e2dcf28e495366080b7a6169383e9fd6081f07cd88caf90c1e465ad&

162.159.135.233

200 OK

114 kB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/1178455467731722311/1229771242362376245/SpotX-main.zip?ex=6630e4b8&is=661e6fb8&hm=4580a7457e2dcf28e495366080b7a6169383e9fd6081f07cd88caf90c1e465ad&
IP
162.159.135.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
114 kB (113999 bytes)
Hash
d73f6febfd8e33c754b293e07f292a89
914dc9e7b75842259d73882ef258c1fa4312bc9d
ca2c5b1f32653351e48bcf761c2a6bec6da4f52489c3c67916ca511f37922a97

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/62

HTTP Headers

GET /attachments/1178455467731722311/1229771242362376245/SpotX-main.zip?ex=6630e4b8&is=661e6fb8&hm=4580a7457e2dcf28e495366080b7a6169383e9fd6081f07cd88caf90c1e465ad& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 23:42:19 GMT
content-type: application/zip
content-length: 113999
cf-ray: 875807f72a8756a2-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="SpotX-main.zip"
etag: "d73f6febfd8e33c754b293e07f292a89"
expires: Wed, 16 Apr 2025 23:42:19 GMT
last-modified: Tue, 16 Apr 2024 12:31:52 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1713270712285861
x-goog-hash: crc32c=BTi83w==, md5=1z9v6/2OM8dUspPgfykqiQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 113999
x-guploader-uploadid: ABPtcPrg8HillPdfdLQ8yaFwg7KO4YAFb3EdoRPMA0otVqPgvySlZwIhWvENesmZl898FQUOI6U0AHxNSA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3Idpi8t7JUXcRpSY%2F7h0wN9IqE%2BBszVwaZ6I7BsaYiOrIp3dyGE9GUVIRGh3To72tNUIGa7ro3Ho1U65kuaYr26wk33V5GkgkIhMBpMI80wE63%2FUZWMIcK7JSeIUh3e4At46A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=bzheqavrN58uVIoHeyYe6mzOCrHHLB82F3Q8TFfVFfY-1713310939-1.0.1.1-n9W2Wrl_2MVlOshKmzcJtfU3TNzZl7rv1H5x5kz4Tyz7KZf6SkzrT9Y9NxkeYVWXZ3AlPaIbJxQIDZT8Fzgylg; path=/; expires=Wed, 17-Apr-24 00:12:19 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=tLuu9pXex2IBTpTa8srFSwdtTLu9Yh9F.SmKx20tPAo-1713310939283-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=6Y35MMoNXBSJekosrHodoXr7wOyPgIFidwAAqbkNql129lvmFc3JR2u5oV21DmWpMCzqX2pK6UDS3nOd1yGogKsDSSV7o4HHW36T-ykjgK3gxhLHR5vYWOPYITfrm1sH
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 16 Apr 2024 23:42:17 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 20
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (47)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers