| objects.githubusercontent.com/github-production-release-asset-2e65be/354876995/84eb7257-d7fb-436b-bce6-edadc2987efe?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230429%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230429T221948Z&X-Amz-Expires=300&X-Amz-Signature=a0b9c27c339ff9e1d4403dd3bba28f3662af92b1197ba82b1919c9db687052a2&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=354876995&response-content-disposition=attachment%3B%20filename%3Dlibopencv-dev.4.5.4_x86_vc15_staticlib_Debug.exe&response-content-type=application%2Foctet-stream | 185.199.109.133 | | 36 kB |
URL: objects.githubusercontent.com/github-production-release-asset-2e65be/354876995/84eb7257-d7fb-436b-bce6-edadc2987efe?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230429%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230429T221948Z&X-Amz-Expires=300&X-Amz-Signature=a0b9c27c339ff9e1d4403dd3bba28f3662af92b1197ba82b1919c9db687052a2&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=354876995&response-content-disposition=attachment%3B%20filename%3Dlibopencv-dev.4.5.4_x86_vc15_staticlib_Debug.exe&response-content-type=application%2Foctet-stream
IP: 185.199.109.133:0
Hash (MD5): 42692f0b0b976d1036e6a2c735e61514
Hash (SHA-1): 9986c6b1c34d910bdb7e5f4122c1be0be920299f
Hash (SHA-256): be908f3cb3d300e6b309b12c930f7f6fbe5df933b8bd0d49f5af27e854d0908c
GET /github-production-release-asset-2e65be/354876995/84eb7257-d7fb-436b-bce6-edadc2987efe?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230429%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230429T221948Z&X-Amz-Expires=300&X-Amz-Signature=a0b9c27c339ff9e1d4403dd3bba28f3662af92b1197ba82b1919c9db687052a2&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=354876995&response-content-disposition=attachment%3B%20filename%3Dlibopencv-dev.4.5.4_x86_vc15_staticlib_Debug.exe&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Range: bytes=133332992-
If-Match: "0x8DA7AF8AB3431B0"
If-Unmodified-Since: Wed, 10 Aug 2022 17:49:26 GMT
HTTP/2 206 Partial Content
content-type: application/octet-stream
content-md5: BH0gGcsmhXoh/PUHkKjv8A==
last-modified: Wed, 10 Aug 2022 17:49:26 GMT
etag: "0x8DA7AF8AB3431B0"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 11c839f7-b01e-0062-2fe8-7a2372000000
x-ms-version: 2020-04-08
x-ms-creation-time: Wed, 10 Aug 2022 17:49:26 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=libopencv-dev.4.5.4_x86_vc15_staticlib_Debug.exe
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
age: 28
content-range: bytes 133332992-133369506/133369507
date: Sat, 29 Apr 2023 22:20:16 GMT
x-served-by: cache-iad-kjyo7100033-IAD, cache-bma1673-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 0
x-timer: S1682806816.934953,VS0,VE98
content-length: 36515
X-Firefox-Spdy: h2
| pkg-store.dl.mail.ru/packages/shop/0_2017362distrib52/jre/bin/freetype.dll | 188.93.63.73 | 200 OK | 550 kB |
URL: pkg-store.dl.mail.ru/packages/shop/0_2017362distrib52/jre/bin/freetype.dll
User request: GET HTTP/1.1
IP: 188.93.63.73:80
File type: PE32+ executable (DLL) (GUI) x86-64, for MS Windows
- data
Size: 550 kB (549704 bytes)
Hash (MD5): e00dbb8d42beddd9cbc3f0570655968b
Hash (SHA-1): b0c3635072a7d726ee5439529de992cb88476240
Hash (SHA-256): ff70136ec44e0b9b501f90b56b3bbf2e44be875ee49e10d8b0159713e8c19eb6
NIDS: suricata | Severity: high | Alert: ET POLICY PE EXE or DLL Windows file download HTTP
GET /packages/shop/0_2017362distrib52/jre/bin/freetype.dll HTTP/1.1
Host: pkg-store.dl.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 29 Apr 2023 22:20:16 GMT
Content-Type: application/octet-stream
Content-Length: 549704
Last-Modified: Fri, 17 Mar 2023 09:45:28 GMT
Connection: keep-alive
ETag: "641436b8-86348"
Accept-Ranges: bytes