Report - github.com/fluzyteck/RedTiger/archive/main.zip

Report Overview

Visited public
2024-07-06 22:36:19
Tags
URL
github.com/fluzyteck/RedTiger/archive/main.zip
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.3
#36459 GITHUB
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
codeload.github.com	62359	2007-10-09	2013-04-18 13:49:11	2024-07-03 10:08:38	517 B	1.1 MB	140.82.121.9
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-06 18:12:32	2.6 kB	7.1 kB	23.36.77.32
github.com	1423	2007-10-09	2016-07-13 12:28:22	2024-07-06 18:37:49	1.0 kB	7.1 kB	140.82.121.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
codeload.github.com/loxyteck/RedTiger-Tools/zip/refs/heads/main
IP
140.82.121.9
ASN
#36459 GITHUB

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.1 MB (1098200 bytes)
Hash
976d00f218635623eb1155c7aa3c199e
fa606705d277a99cbcc92778623a0044d63494fe
4bfe044547fa708dab4cc268f0dfee0ec4d4774ba4fcb4a112fdfced9e71fe9c

Archive (78)

Modified	Filename	Size	Md5	File type
2024-07-05 19:26	DoxCreate.txt	0 B	d41d8cd98f00b204e9800998ecf8427e
2024-07-05 19:26	IpValid.txt	0 B	d41d8cd98f00b204e9800998ecf8427e
2024-07-05 19:26	PhishingAttack.txt	0 B	d41d8cd98f00b204e9800998ecf8427e
2024-07-05 19:26	VirusBuilder.txt	0 B	d41d8cd98f00b204e9800998ecf8427e
2024-07-05 19:26	[FREE] DataBase Roblox.txt	136 kB	82ee654587da5da614ed23c4c406b9d1	ASCII text
2024-07-05 19:26	[FREE] DataBase Spotify.txt	177 kB	a693e9fe5c0aacc48a685ca88dcf439f	ASCII text
2024-07-05 19:26	desktop.ini	46 B	0210a08d5c40f50cc1e0beb31a55d9f8	Windows desktop.ini
2024-07-05 19:26	Banner-RedTiger.png	12 kB	b97d8778ff85e8b1285bd88dfa9582c6	PNG image data, 596 x 375, 8-bit/color RGBA, non-interlaced
2024-07-05 19:26	Builder.png	140 kB	dce08a79858ccdd09c15ee7ec6ae91fa	PNG image data, 1283 x 930, 8-bit/color RGBA, non-interlaced
2024-07-05 19:26	Python_Path.png	143 kB	42f952eb0a8fa081e65d2f5a74099459	PNG image data, 672 x 417, 8-bit/color RGB, non-interlaced
2024-07-05 19:26	RedTiger.png	80 kB	59e5e451843afbe0fe06517bf7c7888d	PNG image data, 1472 x 702, 8-bit/color RGBA, non-interlaced
2024-07-05 19:26	RedTiger_Icon.ico	64 kB	83eed953cf52062729362d059ff6310e	MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
2024-07-05 19:26	RedTiger_Logo.png	13 kB	55467570e3d25b79e54746206f2af551	PNG image data, 1350 x 1350, 8-bit/color RGB, non-interlaced
2024-07-05 19:26	RedTiger_Logo2.png	11 kB	d1eac06a674337297c66845c1decf7ed	PNG image data, 1150 x 1150, 8-bit/color RGB, non-interlaced
2024-07-05 19:26	RedTiger_Logo3.png	456 kB	1ceb5ae3c873913675ba0b11e85b0733	PNG image data, 1150 x 1150, 8-bit/color RGBA, non-interlaced
2024-07-05 19:26	LICENSE	1.2 kB	82eba4467559dbe1bd575fad59cc3aad	ASCII text
2024-07-05 19:26	README.md	4.7 kB	88f1da1d9dd386656d41bb91e674c757	HTML document, Unicode text, UTF-8 text
2024-07-05 19:26	RedTiger.py	18 kB	4d00edfc84f368ed4ed025451d40b13e	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Config.py	1.3 kB	b7ea7317126114d0b7c2a77b6589c532	Unicode text, UTF-8 text
2024-07-05 19:26	Page.txt	1 B	c4ca4238a0b923820dcc509a6f75849b	very short file (no magic)
2024-07-05 19:26	Util.py	40 kB	b6c1167d95254ff3ab700ea1e1b09e67	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Bot-Invite-To-Id.py	1.4 kB	a8bc88ae8ea00ebaf985a2fb48c50f4a	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Bot-Server-Nuker.py	8.9 kB	1adaa92f8d660e6375f262bdda581a7e	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Nitro-Generator.py	3.6 kB	9edf22a040fdff9f9e7ed708ddf6117e	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Server-Info.py	7.4 kB	010cee882aefff4954b1e585433bfc06	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Block-Friends.py	2.3 kB	a732cdf20a956df9f7ace0a48ab277c3	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Delete-Dm.py	2.2 kB	0dc8b95aaab0d0f13998bc361a637d97	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Delete-Friends.py	2.5 kB	ddfc3c3b0e6f74792e8ffc9c2c8878d6	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Generator.py	3.8 kB	a66f7a8b3e5bdb9d36ac91622b9d86dc	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-House-Changer.py	2.3 kB	ee0d7bcbe350d2894d07916bfa259492	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Info.py	12 kB	74987ec2aa1a69aa7fb6be11c86edeac	Python script, Unicode text, UTF-8 text executable, with very long lines (304)
2024-07-05 19:26	Discord-Token-Joiner.py	2.2 kB	7d5e457befb9cc51ac1886e63b90179c	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Language-Changer.py	2.1 kB	700612b5d003d419f6f7128b4fa9dcc8	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Leaver.py	3.0 kB	c7d8b9a5f865c70f0f2090ed25bc49ab	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Login.py	4.0 kB	5cbd49ffcf5342c168556648de7005c7	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Mass-Dm.py	2.8 kB	ca6179e4c9a9007d3e13f8304da28a42	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Nuker.py	5.2 kB	a5ce46df67bb5aba258fc23be9c29a27	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Server-Raid.py	2.7 kB	98f864f41eb11e6d4aaa78a9082df173	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Spammer.py	2.7 kB	8fb920a08d85e98ae44f41b2d015bc4a	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Status-Changer.py	2.2 kB	efe1d3b2ad90a7c4ddb4ffe73e0cf23a	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-Theme-Changer.py	2.1 kB	9028e5f219ec82ddd426a678062efa92	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Token-To-Id-And-Brute.py	4.6 kB	85ab73d629257f1ac347490603f32ca0	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Webhook-Delete.py	1.2 kB	610250fdcc9f32b50271902fbe401c62	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Webhook-Generator.py	3.7 kB	8fd55777df4ab6c4bf09f0daef2f092c	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Webhook-Info.py	3.7 kB	404b45a6e6ecf5f39bf354b4201c7c17	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Discord-Webhook-Spammer.py	2.3 kB	306dc7ae48c9adab28e595333d1ff46e	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Dox-Create.py	20 kB	061305f2a46b2b409907ca00b841da54	Python script, Unicode text, UTF-8 text executable, with very long lines (304)
2024-07-05 19:26	Dox-Tracker-(OSINT).py	5.1 kB	6d4a168cd40bf2a399a3cb7ba5537a55	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Email-Info.py	4.6 kB	6e23c7a724ef50b0c45774d780ea56ca	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Email-Tracker-(OSINT).py	15 kB	bf3071a2f36275721071998f1a54da5a	Python script, Unicode text, UTF-8 text executable, with very long lines (1085)
2024-07-05 19:26	Virus-Builder-Disinfect.py	6.9 kB	1e4727f70147956a73f60d6685d980eb	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	VirusBuilderOptions.py	68 kB	d48d346d30517901ac1f2b377bb9f502	Python script, Unicode text, UTF-8 text executable, with very long lines (313)
2024-07-05 19:26	Get-Your-Ip.py	2.8 kB	c59302f036fede19d3ed375677f709bf	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Illegal-Website.py	10 kB	a37d25e31aae229bbc501cffbb5e4293	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Ip-Generator.py	4.7 kB	51202dcc8596fddb72709bd663c9897a	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Ip-Info-(Lookup).py	4.3 kB	d3dfd3358ffae7da237eb204c4de121f	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Ip-Pinger.py	3.0 kB	52260b58df4779937514a73f55e4bf46	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Ip-Port-Scanner.py	1.9 kB	1d2734c424664e946adbe1e1ebd21a26	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Number-Info-(Lookup).py	3.1 kB	7e76eda8bc7597340d7d6be8af5051bd	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Password-Decrypted.py	5.6 kB	b7a7b9a6fba5d0615a81a196bc21f834	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Password-Encrypted.py	4.0 kB	697ef046005c1aca5bb75c6ea242fc1a	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Phishing-Attack.py	4.1 kB	ba65513295b9eab2fc4cef88589b34c3	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Roblox-Cookie-Info.py	2.5 kB	af1c02daeab9a2af3e0dcb2b5c892573	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Roblox-Cookie-Login.py	4.0 kB	c647884d5510d4836f114762a2ca9b04	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Roblox-Id-Info.py	2.8 kB	1dc5a63deb0823fe2a7501db221ee1e0	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Roblox-User-Info.py	3.0 kB	498909b33e50184f4fea293173a6848b	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Search-In-DataBase.py	4.5 kB	4f9ee7869907d75545861065baab5ede	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Sql-Vulnerability.py	9.0 kB	f65e1f700ca13b37622197415d20a862	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Tool-Info.py	1.9 kB	03211e10fb3f931a2b80fa453381358d	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Tool-Website.py	2.3 kB	dbed75f6f15a6ecc317f1bc469fa437a	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Username-Tracker-(OSINT).py	10 kB	c96a536bd57cbe2e2ad3fc7202242f5b	Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Virus-Build-(Stealer,-Malware).py	35 kB	139f7355d3a579b6ca093ff1e52eaeb3	Python script, Unicode text, UTF-8 text executable, with very long lines (306)
2024-07-05 19:26	Website-Scanner.py	4.1 kB	552128de2749d4dea071e7c6aa55fec4	Python script text executable Python script, Unicode text, UTF-8 text executable
2024-07-05 19:26	Setup.bat	15 B	85ba6164b97bf5666efb54b03431c2c6	ASCII text, with no line terminators
2024-07-05 19:26	Setup.py	3.3 kB	208c4eb818a98f70071eaeef25f6444d	Unicode text, UTF-8 text
2024-07-05 19:26	Start.bat	18 B	ca71d3bcf4ae09caaa655b02fa1e089a	ASCII text, with no line terminators
2024-07-05 19:26	TokenDisc.txt	0 B	d41d8cd98f00b204e9800998ecf8427e
2024-07-05 19:26	WebSite.url	45 B	085b10b72feee98dc9e58a2e85371aa1	MS Windows 95 Internet shortcut text (URL=<https://redtiger.shop>), ASCII text

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 7/65

JavaScript (0)

HTTP Transactions (11)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f63e8d9e64abf0e5b2784ca051160e84
d15d17504ed5c584ba42145060cf745fdb41c1d0
652ee033c72bc8eadcf29c25a5387bc303bf86e6c57f262c576117f659f15eab

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "652EE033C72BC8EADCF29C25A5387BC303BF86E6C57F262C576117F659F15EAB"
Last-Modified: Fri, 05 Jul 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4097
Expires: Sat, 06 Jul 2024 23:44:09 GMT
Date: Sat, 06 Jul 2024 22:35:52 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e9a839fbbf2a5bc4f1a01cd5fca04d5e
ff4396bb2dcc9211b70f2e3266720172ee2ce085
3bb2a3698d452f1de2ff4f283a89fc427d9fe01c02ad968f215bee1834b1c1e3

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3BB2A3698D452F1DE2FF4F283A89FC427D9FE01C02AD968F215BEE1834B1C1E3"
Last-Modified: Thu, 04 Jul 2024 15:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8227
Expires: Sun, 07 Jul 2024 00:52:59 GMT
Date: Sat, 06 Jul 2024 22:35:52 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
508d0867e7982df7cfa6ad58e05ce470
6f4e15b94e527d02e8dd38f8b69b493cfae84c56
376a5286b71a4a7e90b3eece9b39480f50435d5ef3c7793828481f590d04bc77

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "376A5286B71A4A7E90B3EECE9B39480F50435D5EF3C7793828481F590D04BC77"
Last-Modified: Thu, 04 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9018
Expires: Sun, 07 Jul 2024 01:06:10 GMT
Date: Sat, 06 Jul 2024 22:35:52 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
223ffc40cc96a2aa59687065c089ccfc
6bc7fa694691bdca752335ecf0f7268bf2c908d5
1a1d7236b0738f65d98e772f67be883f477ac175767f971800a6bb3997399811

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1A1D7236B0738F65D98E772F67BE883F477AC175767F971800A6BB3997399811"
Last-Modified: Thu, 04 Jul 2024 16:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16381
Expires: Sun, 07 Jul 2024 03:08:54 GMT
Date: Sat, 06 Jul 2024 22:35:53 GMT
Connection: keep-alive

github.com/fluzyteck/RedTiger/archive/main.zip

140.82.121.3

301 Moved Permanently

0 B

URL User Request GET HTTP/2
github.com/fluzyteck/RedTiger/archive/main.zip
IP
140.82.121.3:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fluzyteck/RedTiger/archive/main.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: GitHub.com
date: Sat, 06 Jul 2024 22:35:53 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://github.com/loxyteck/RedTiger-Tools/archive/main.zip
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: E10F:2BC9AC:54C9745:56C9601:6689C6C9
X-Firefox-Spdy: h2

github.com/loxyteck/RedTiger-Tools/archive/main.zip

140.82.121.3

302 Found

0 B

URL User Request GET HTTP/2
github.com/loxyteck/RedTiger-Tools/archive/main.zip
IP
140.82.121.3:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /loxyteck/RedTiger-Tools/archive/main.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: GitHub.com
date: Sat, 06 Jul 2024 22:35:53 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://codeload.github.com/loxyteck/RedTiger-Tools/zip/refs/heads/main
cache-control: max-age=0, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: E10F:2BC9AC:54C97CA:56C9685:6689C6C9
X-Firefox-Spdy: h2

codeload.github.com/loxyteck/RedTiger-Tools/zip/refs/heads/main

140.82.121.9

200 OK

1.1 MB

URL User Request GET HTTP/2
codeload.github.com/loxyteck/RedTiger-Tools/zip/refs/heads/main
IP
140.82.121.9:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subject*.github.com
Fingerprint0D:F6:EC:50:FA:ED:AE:6E:13:AF:82:94:52:F7:11:1B:0A:CF:7C:20
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.1 MB (1098200 bytes)
Hash
976d00f218635623eb1155c7aa3c199e
fa606705d277a99cbcc92778623a0044d63494fe
4bfe044547fa708dab4cc268f0dfee0ec4d4774ba4fcb4a112fdfced9e71fe9c

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 7/65

HTTP Headers

GET /loxyteck/RedTiger-Tools/zip/refs/heads/main HTTP/1.1
Host: codeload.github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://render.githubusercontent.com
content-disposition: attachment; filename=RedTiger-Tools-main.zip
content-length: 1098200
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
cross-origin-resource-policy: cross-origin
etag: W/"f9aa6361d496f091f68311ab44092a85f050acaa5f3e86421427b1d9544d88cb"
strict-transport-security: max-age=31536000
vary: Authorization,Accept-Encoding,Origin
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
date: Sat, 06 Jul 2024 22:35:53 GMT
x-github-request-id: C69E:83AA9:1E7B3C:28FD83:6689C6C9
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
861cce1bf441610f1dfbb14264d55122
1596b2c44fcdb5f7a49c73da766e4ab48b6bd064
f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2"
Last-Modified: Fri, 05 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8816
Expires: Sun, 07 Jul 2024 01:02:50 GMT
Date: Sat, 06 Jul 2024 22:35:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
861cce1bf441610f1dfbb14264d55122
1596b2c44fcdb5f7a49c73da766e4ab48b6bd064
f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2"
Last-Modified: Fri, 05 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8816
Expires: Sun, 07 Jul 2024 01:02:50 GMT
Date: Sat, 06 Jul 2024 22:35:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
861cce1bf441610f1dfbb14264d55122
1596b2c44fcdb5f7a49c73da766e4ab48b6bd064
f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2"
Last-Modified: Fri, 05 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8816
Expires: Sun, 07 Jul 2024 01:02:50 GMT
Date: Sat, 06 Jul 2024 22:35:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
861cce1bf441610f1dfbb14264d55122
1596b2c44fcdb5f7a49c73da766e4ab48b6bd064
f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2"
Last-Modified: Fri, 05 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8816
Expires: Sun, 07 Jul 2024 01:02:50 GMT
Date: Sat, 06 Jul 2024 22:35:54 GMT
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (78)

Detections

JavaScript (0)

HTTP Transactions (11)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type