Report - grabify.world/FML5Y8.exe

Report Overview

Visitedpublic

2024-11-15 02:38:45

Tags

Submit Tags

URL

grabify.world/FML5Y8.exe

Finishing URL

cdn.discordapp.com/attachments/983123121710178317/1195690555385057340/6lArtifact_Overlay_V1.zip?ex=65b4e89b&is=65a2739b&hm=d359660c76c4276587fdb81df3859320d9b614e7ce3447c7240c55d78e501652&

IP / ASN

104.21.15.56

#13335 CLOUDFLARENET

Title

cdn.discordapp.com/attachments/983123121710178317/1195690555385057340/6lArtifact_Overlay_V1.zip?ex=65b4e89b&is=65a2739b&hm=d359660c76c4276587fdb81df3859320d9b614e7ce3447c7240c55d78e501652&

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
grabify.world	unknown	2019-04-10	2020-03-11	2024-11-14	478 B	1.1 kB	172.67.161.186
grabify.link	181878	2015-07-05	2015-07-08	2024-11-14	5.9 kB	63 kB	104.26.8.202
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-11-13	1.5 kB	2.2 kB	162.159.134.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-11-15 02:38:20	medium	Client IP	104.26.8.202	ET INFO Observed IP Tracking Domain (grabify .link in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-11-15	medium	grabify.world	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (8)

	URL	IP	Response	Size