| GET 4car.org/zr88ldbc.txt | 104.21.112.1 | 200 OK | 17 MB |
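IP 104.21.112.1:443 (Cloudflare proxy address, per the `server: cloudflare` and `cf-ray` response headers below; shared infrastructure, so a weak indicator on its own)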
Certificate | Issuer: CLOUDFLARE, INC. | Subject: 4car.org | Fingerprint: DC:55:23:33:C5:BC:9B:1B:8F:FB:9F:B8:97:A8:25:A1:6C:49:6A:BD | Validity: Fri, 13 Jun 2025 09:13:08 GMT - Thu, 11 Sep 2025 09:18:39 GMT
File type: ASCII text, with very long lines (924), with CRLF line terminators | Size: 17 MB (16771394 bytes) | Hash (MD5 / SHA-1 / SHA-256, by digest length): a4bcd9c39ff874eb094dd53c161ff120 / af482af68c4d03d120996608866ef196f382f5e7 / 31be8cadd25e6616418129d43453f2310319c85045f74d8a81354f1dab600451
Analyzer: Public Nextron YARA rules | Verdict: malware | Alert: Detects an executable that has been encoded with base64 twice
GET /zr88ldbc.txt HTTP/1.1
Host: 4car.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:21:00 GMT
content-type: text/plain; charset=utf-8
server: cloudflare
last-modified: Fri, 13 Jun 2025 09:18:14 GMT
vary: Accept-Encoding
etag: W/"684becd6-ffe942"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OtsKItY%2Bl8u%2BNlRC2w3OzTvUqN3Ev%2BiFz3GASj0Ld6wsqJHNH6Jlikwg%2FCFFpHtJsbuVMeg7iywzYAyU6JAaKewIl9a8Sw%3D%3D"}]}
cf-ray: 9591e07e3b650b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
IP 104.21.112.1:443
Requested by: https://4car.org/zr88ldbc.txt | Certificate | Issuer: CLOUDFLARE, INC. | Subject: 4car.org | Fingerprint: DC:55:23:33:C5:BC:9B:1B:8F:FB:9F:B8:97:A8:25:A1:6C:49:6A:BD | Validity: Fri, 13 Jun 2025 09:13:08 GMT - Thu, 11 Sep 2025 09:18:39 GMT
File type: HTML document, ASCII text, with very long lines (634) | Hash (MD5 / SHA-1 / SHA-256, by digest length): f01ba522c3539135df33250082846848 / af31de06cf3d07cf83f104af8755b0cc5222ffc6 / 2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca
GET /favicon.ico HTTP/1.1
Host: 4car.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4car.org/zr88ldbc.txt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 02 Jul 2025 23:21:02 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwFduLsENH4sQe06Fh%2BSly5kIPdl1HG1zTd1AU20cpJHHKyEjsI7Kivkenc%2F6Y99RBwPYXGy4bYiswWeJv4CpmlqeRDwuIwg1sARukOtBdLM4mbJ2K%2FAt9DMuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Fri, 13 Jun 2025 09:16:43 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 9591e08dbd24569b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3773&min_rtt=706&rtt_var=2541&sent=82&recv=104&lost=0&retrans=1&sent_bytes=9097&recv_bytes=6167&delivery_rate=631826&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18347&unsent_bytes=0&cid=e9f4189d98f3a6e0&ts=2473&inflight_dur=93&x=40"
|