Report - packetstormsecurity.com/files/160127/zerologon-poc.txt

Report Overview

Submitted URL
packetstormsecurity.com/files/160127/zerologon-poc.txt
IP
198.84.60.198
ASN
#54876 ROKABEAR
Submitted
2024-04-16 13:12:46
Access
public
Website Title
Zerologon Netlogon Privilege Escalation ≈ Packet Storm
Final URL
packetstormsecurity.com/files/160127/zerologon-poc.txt
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
packetstormsecurity.com	367782	2001-04-09	2012-10-28	2024-04-15	1.0 kB	39 kB	198.84.60.198
packetstatic.com	unknown	2008-10-10	2012-05-29	2024-04-13	8.0 kB	253 kB	198.84.60.198
ssl.googleanalytics.com	unknown	2005-01-26	2014-01-16	2024-04-15	411 B	1.8 kB	216.58.211.8

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	packetstormsecurity.com/files/160127/zerologon-poc.txt	Identifies Impacket, a collection of Python classes for working with network protocols.

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	packetstatic.com/js1651606189/pt.js	167 kB	2023-06-27	2024-04-28
Pretty URL packetstatic.com/js1651606189/pt.js IP 198.84.60.198 ASN #54876 ROKABEAR Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 17:44:46 Last Seen2024-04-28 08:53:03 Times Seen88 Hash 361ed139090b4cfb669d4e1bdd776b66 af92556181b3cd651a00da43176f8e1079f26243 59417a69aeedaee351259221d82c3dd0ed753d674f92af83b0baaef4cb178e56 Loading...

	packetstatic.com/js1651606189/pss.js	10 kB	2023-06-27	2024-04-28
Pretty URL packetstatic.com/js1651606189/pss.js IP 198.84.60.198 ASN #54876 ROKABEAR Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 17:44:46 Last Seen2024-04-28 08:53:03 Times Seen44 Hash 8bfc5ba52291af87e3b7addd8e52f7df 7da97210d933d0395a160f38f4bb72f88191b351 1f84ac6b3e2c3c2178d618a942271786df75e8b2ea29b7fe759b61e83c470c48 Loading...

	packetstormsecurity.com/files/160127/zerologon-poc.txt	500 B	2023-06-27	2024-04-28
Pretty URL packetstormsecurity.com/files/160127/zerologon-poc.txt IP 198.84.60.198 ASN #54876 ROKABEAR Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-27 17:44:46 Last Seen2024-04-28 08:53:03 Times Seen44 Hash f0977fcfab678411857a73b87578fad8 d5da379a026eabb62e165259c5e7bd3ce419050a 28aa78ce8eddd19974e1edee25fe1ce73389a7df79d0c337f129ba5865275567 Loading...

HTTP Transactions (21)

URL IP Response Size

packetstormsecurity.com/files/160127/zerologon-poc.txt

198.84.60.198

200 OK

36 kB

URL User Request GET HTTP/1.1
packetstormsecurity.com/files/160127/zerologon-poc.txt
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
HTML document, ASCII text, with very long lines (12574)
Size
36 kB (36319 bytes)
Hash
38a682648f39742b760f7e8d679bff02
0dd39376ad609d061218d32b2bc6a84e5901aa92
9a3e6f6e26c5e18c9812422af934c9a99f4aa426269c551410e064ddc47b7bbb

Detections

Analyzer	Verdict	Alert
Public InfoSec YARA rules	malware	Identifies Impacket, a collection of Python classes for working with network protocols.

HTTP Headers

GET /files/160127/zerologon-poc.txt HTTP/1.1
Host: packetstormsecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, private, must-revalidate, proxy-revalidate
Set-Cookie: P=0; expires=Fri, 5-May-1999 05:05:05 GMT; domain=.packetstormsecurity.com; path=/; HttpOnly; secure
TZ=UTC; domain=.packetstormsecurity.com; path=/; expires=Mon, 5-May-2025 05:05:05 GMT
M=dl.packetstormsecurity.net; domain=.packetstormsecurity.com; path=/; expires=Mon, 5-May-2025 05:05:05 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/js1651606189/pss.js

198.84.60.198

200 OK

10 kB

URL GET HTTP/1.1
packetstatic.com/js1651606189/pss.js
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1545)
Size
10 kB (10257 bytes)
Hash
b82d5a75875fc98c66fe2dff1de4ded2
e1059a377d81605fce335950a50b96bd36d80923
daf95b9c1a65fb257f662d96d6beb7942d089505bf6b649d5860d2e8c59d2236

HTTP Headers

GET /js1651606189/pss.js HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:21 GMT
Content-Type: application/javascript
Content-Length: 10257
Connection: keep-alive
Last-Modified: Tue, 03 May 2022 19:29:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:21 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/css1651606189/pss.css

198.84.60.198

200 OK

35 kB

URL GET HTTP/1.1
packetstatic.com/css1651606189/pss.css
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
ASCII text, with very long lines (34727)
Size
35 kB (34728 bytes)
Hash
26d4b9c1d0e112b53167983b6e878b7b
7faa603b0d64cdb18a104d4ab0c4e01f9deb0251
efd1b22eeb210f222058d2959b8babe51ebd862675b34b254c93387afae7ba0e

HTTP Headers

GET /css1651606189/pss.css HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:21 GMT
Content-Type: text/css
Content-Length: 34728
Connection: keep-alive
Last-Modified: Tue, 03 May 2022 19:29:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:21 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/js1651606189/pt.js

198.84.60.198

200 OK

167 kB

URL GET HTTP/1.1
packetstatic.com/js1651606189/pt.js
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
JavaScript source, ASCII text, with very long lines (2284)
Size
167 kB (166718 bytes)
Hash
361ed139090b4cfb669d4e1bdd776b66
af92556181b3cd651a00da43176f8e1079f26243
59417a69aeedaee351259221d82c3dd0ed753d674f92af83b0baaef4cb178e56

HTTP Headers

GET /js1651606189/pt.js HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:21 GMT
Content-Type: application/javascript
Content-Length: 166718
Connection: keep-alive
Last-Modified: Tue, 03 May 2022 19:29:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:21 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img1514015884/s_twitter.png

198.84.60.198

200 OK

1.2 kB

URL GET HTTP/1.1
packetstatic.com/img1514015884/s_twitter.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1168 bytes)
Hash
1fc817994027e3af9053147756c3ee6a
185bb78ebca3bfdf1b3dad1d3ae8bba25c9b2326
ade1c676bcf83314b974c6b67c5f318e19cc1b39a3e1033003b63fcaa649c543

HTTP Headers

GET /img1514015884/s_twitter.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 1168
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img1514015884/o_close.png

198.84.60.198

200 OK

1.1 kB

URL GET HTTP/1.1
packetstatic.com/img1514015884/o_close.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 30 x 30, 8-bit gray+alpha, non-interlaced
Size
1.1 kB (1097 bytes)
Hash
aeec8eb525adefd53150f93b1451d4de
354827ea2d2e38ddb1d2b47c4a68aad4c7b7e974
11821ccb3a6d4a4e8ddc5a64210264d8ada77886ede09a6f7451f7b82693bf10

HTTP Headers

GET /img1514015884/o_close.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 1097
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img1514015884/s_rss.png

198.84.60.198

200 OK

1.4 kB

URL GET HTTP/1.1
packetstatic.com/img1514015884/s_rss.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1431 bytes)
Hash
f4da9ab33c9e806f85b0b7c9ade03647
41667c356b0e5ee740f8591ed9ebb420ee3b5db8
5a7c4f7a373b885992d7dccf2f957103d89abae69a5e46a4d316292e3b4ac728

HTTP Headers

GET /img1514015884/s_rss.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 1431
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img1514015884/s_facebook.png

198.84.60.198

200 OK

1.2 kB

URL GET HTTP/1.1
packetstatic.com/img1514015884/s_facebook.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1182 bytes)
Hash
f2c494bad48dafa72781b86792f9a393
4547473b9aa0f099ae5b2a18c86ec2fb033e7894
05371feb122c64f4a32de1838019b835a1831c056e344366ddaa772e71d63f4e

HTTP Headers

GET /img1514015884/s_facebook.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 1182
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/t_bg.jpg

198.84.60.198

200 OK

8.3 kB

URL GET HTTP/1.1
packetstatic.com/img/t_bg.jpg
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 943x110, components 3
Size
8.3 kB (8335 bytes)
Hash
2bd03462bce9582bb17ccfb38a1ff3f8
9dcbba6ba6c888cb21eac719d0927baf3a622305
25e5c93d1b3d699cd13c215aeeef37dad62c16b2aaaa403f2bd6b71e0b80007c

HTTP Headers

GET /img/t_bg.jpg HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/jpeg
Content-Length: 8335
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img1514015884/ps_logo.png

198.84.60.198

200 OK

15 kB

URL GET HTTP/1.1
packetstatic.com/img1514015884/ps_logo.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 315 x 65, 8-bit/color RGBA, non-interlaced
Size
15 kB (15061 bytes)
Hash
038e21bba6cdf5810af66feb3b50595a
309809e1c678d68145ac88eb0220fb563b05d686
82075fa0f3dcdf038f959f225a4d724a6d20e4827db59845692db8ccd96b059d

HTTP Headers

GET /img1514015884/ps_logo.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 15061
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/t_srch_bg.png

198.84.60.198

200 OK

175 B

URL GET HTTP/1.1
packetstatic.com/img/t_srch_bg.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 1 x 24, 8-bit colormap, non-interlaced
Size
175 B (175 bytes)
Hash
3fcd9e882f3c79f24c88cdc800947baa
da30641cf2a4acece156b8b5b92f8b5666643127
17cd5b4c624ef724774436b1ae5d8d6ccf93ded33cb3a7ce63a6025f37c415e6

HTTP Headers

GET /img/t_srch_bg.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 175
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/t_srch_btn.png

198.84.60.198

200 OK

1.0 kB

URL GET HTTP/1.1
packetstatic.com/img/t_srch_btn.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 26 x 52, 8-bit colormap, non-interlaced
Size
1.0 kB (1009 bytes)
Hash
69ed38dee247248691538ac9caab7af3
a884b58de74632c43dfa204b3d46e7c114e9cb21
67a6cf4d33b7fc196fd34fa5698b93ba7f76a8e06346cafe76f857b7fafc4cb1

HTTP Headers

GET /img/t_srch_btn.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 1009
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/bg_tn0.gif

198.84.60.198

200 OK

91 B

URL GET HTTP/1.1
packetstatic.com/img/bg_tn0.gif
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
GIF image data, version 89a, 10 x 30
Size
91 B (91 bytes)
Hash
ef2ef205c1d79c0ed350a9b6c5540fe7
b36cc03b91d25cf70f64c49bd3fc7acfdc56c0f4
d3c2af090f58189c15fbb75993bb4209279b490b479f59440020def70b88d714

HTTP Headers

GET /img/bg_tn0.gif HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/gif
Content-Length: 91
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/bg_tn1.gif

198.84.60.198

200 OK

91 B

URL GET HTTP/1.1
packetstatic.com/img/bg_tn1.gif
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
GIF image data, version 89a, 10 x 30
Size
91 B (91 bytes)
Hash
026257e3b4a401fc5de8a5932fffac78
cd7b7e8a65bd672508f8ccb790797eb17cb3fc24
611767727a019986e23edc3eaf28a8de34de35ed85e04ac36ea1b5aad4f98188

HTTP Headers

GET /img/bg_tn1.gif HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/gif
Content-Length: 91
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

ssl.googleanalytics.com/ga.js

216.58.211.8

404 Not Found

1.6 kB

URL GET HTTP/2
ssl.googleanalytics.com/ga.js
IP
216.58.211.8:443
ASN
#15169 GOOGLE

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerGoogle Trust Services LLC
Subject*.googlebrandlab.com
Fingerprint6D:C7:CB:CF:F6:34:22:1D:3E:1D:12:BC:F9:DA:7B:8B:4D:0B:A7:64
ValidityMon, 04 Mar 2024 06:52:21 GMT - Mon, 27 May 2024 06:52:20 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1566 bytes)
Hash
ec7d56020a0b6d7aaa3c2a66b14aabc7
20e256f20bd68cd302b62841b30ca671e6b27cdd
d29a5f3e101665e18deb2d8ba9f2405cb0f7f1abbd886b03aeb0b226fc663383

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.googleanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1566
date: Tue, 16 Apr 2024 13:12:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

packetstatic.com/img/bg_c.gif

198.84.60.198

200 OK

49 B

URL GET HTTP/1.1
packetstatic.com/img/bg_c.gif
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
GIF image data, version 89a, 3 x 1
Size
49 B (49 bytes)
Hash
5497aa7b4a24d1f3a53624d4ec133699
a250c76a8331a05519a9c5b2dbe6d4cf713076c4
12a37a423fbfb8c3442fb2d3b6ee690efa770026e55c3db04b94f0beb1a01b73

HTTP Headers

GET /img/bg_c.gif HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/gif
Content-Length: 49
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/mime/text-plain.png

198.84.60.198

200 OK

1.3 kB

URL GET HTTP/1.1
packetstatic.com/img/mime/text-plain.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 24 x 26, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1256 bytes)
Hash
9bdd165de0a93a09aa70536a6af79fbf
25d501a48acc854f1cba062d27529b9cf498c6f3
2ada00166b823b6f75f7d08a7cd8250168297a9eca339529c24cfaf838f17dba

HTTP Headers

GET /img/mime/text-plain.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 1256
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/bt_related.png

198.84.60.198

200 OK

296 B

URL GET HTTP/1.1
packetstatic.com/img/bt_related.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 11 x 11, 8-bit colormap, non-interlaced
Size
296 B (296 bytes)
Hash
1cef75f771e03905a629215cb6c8bbc4
f1cab030c7a2015b256f8f5fb79341d1ca4876be
9ac6d8a8f4dd2a967f8457868fa84c79451003a16e0faa611c465d04361117ff

HTTP Headers

GET /img/bt_related.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 296
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/bts_share.png

198.84.60.198

200 OK

1.6 kB

URL GET HTTP/1.1
packetstatic.com/img/bts_share.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 16 x 240, 8-bit colormap, non-interlaced
Size
1.6 kB (1612 bytes)
Hash
c45c1a104e3c79babaeb6a650f7a234d
6b8a609e410c4982d3d6bd216f947f61a79ba7bb
48df809bd11038001f3234907610d19e78170f6bc446bdbd813573c18ff3adbf

HTTP Headers

GET /img/bts_share.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 1612
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstatic.com/img/ft_bg.png

198.84.60.198

200 OK

218 B

URL GET HTTP/1.1
packetstatic.com/img/ft_bg.png
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
PNG image data, 500 x 24, 8-bit colormap, non-interlaced
Size
218 B (218 bytes)
Hash
6fdef203dfd6d3150ecb936a64af73a5
bb7c16b1c7206bc0603a1df70f79e5e3de5b7641
c94e6c8e70a23786d3d1cff25d5fbf68cb44b0060f4216905e70d626504f72eb

HTTP Headers

GET /img/ft_bg.png HTTP/1.1
Host: packetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstatic.com/css1651606189/pss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/png
Content-Length: 218
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:06:22 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

packetstormsecurity.com/img/pss.ico

198.84.60.198

200 OK

1.4 kB

URL GET HTTP/1.1
packetstormsecurity.com/img/pss.ico
IP
198.84.60.198:443
ASN
#54876 ROKABEAR

Requested by
https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint02:B5:F6:7D:F7:BB:E9:8F:42:10:7D:8E:AB:0D:3B:E8:C8:65:45:DD
ValidityWed, 28 Feb 2024 10:08:49 GMT - Tue, 28 May 2024 10:08:48 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Size
1.4 kB (1406 bytes)
Hash
bd2bc6b905b6f46f9fd8991244823bca
43e6cfb4ba6db0761ea47a2b959fb546628ee83e
955687f34431ce5a09ba0d6dd75033b16c25697a19dffeba0328ee7eb3c12169

HTTP Headers

GET /img/pss.ico HTTP/1.1
Host: packetstormsecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://packetstormsecurity.com/files/160127/zerologon-poc.txt
Cookie: TZ=UTC; M=dl.packetstormsecurity.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 13:06:22 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1406
Connection: keep-alive
Last-Modified: Wed, 17 Jul 2013 04:40:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate