Report - megafilmeshdx.zip

Report Overview

Visitedpublic

2024-03-01 03:44:23

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
megafilmeshdx.zip	unknown	unknown	No data	No data	1.9 kB	15 kB	172.67.140.205
aus5.mozilla.org	2548	unknown	No data	No data	511 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-03-01 03:09:44	low	Client IP	172.67.140.205	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:44	low	Client IP	172.67.140.205	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:46	low	Client IP	172.67.140.205	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:46	low	Client IP	172.67.140.205	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:46	low	Client IP	172.67.140.205	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:46	low	Client IP	172.67.140.205	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:46	low	Client IP	172.67.140.205	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:46	low	Client IP	172.67.140.205	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:46	low	Client IP	104.21.9.5	ET INFO HTTP Request to a *.zip Domain
2024-03-01 03:09:46	low	Client IP	104.21.9.5	ET INFO HTTP Request to a *.zip Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	megafilmeshdx.zip/	ScriptElement	0 B	0001-01-01	2025-08-02
URL megafilmeshdx.zip/ IP / ASN 172.67.140.205 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 0001-01-01 Last Seen 2025-08-02 Times Seen 5605985 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

	megafilmeshdx.zip/	ScriptElement	393 B	2023-04-05	2025-03-02
URL megafilmeshdx.zip/ IP / ASN 172.67.140.205 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-04-05 Last Seen 2025-03-02 Times Seen 143291 Size 393 B (393 bytes) MD5 34ad0a116707d3b794129a6720af92d7 SHA1 424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4 SHA256 d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262 Format Code Loading...

	megafilmeshdx.zip/	ScriptElement	0 B	0001-01-01	2025-08-02
URL megafilmeshdx.zip/ IP / ASN 172.67.140.205 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 0001-01-01 Last Seen 2025-08-02 Times Seen 5605985 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

HTTP Transactions (6)

URL IP Response Size

GET megafilmeshdx.zip/

172.67.140.205

403 Forbidden

1.7 kB

URL

megafilmeshdx.zip/

IP / ASN

172.67.140.205

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (394)

First Seen2024-08-20

Last Seen2024-08-20

Times Seen1

Size1.7 kB (1741 bytes)

MD50ee82a42656386c2777884948f5eefec

SHA1bbb67acba9a21ea251adb4a5d45d017e678973b0

SHA2564b6941256de79a2592b444cf0804db06394dd0ccc9f946faa63a04fc143f8217

Certificate Info

IssuerGoogle Trust Services LLC

Subjectmegafilmeshdx.zip

FingerprintFB:4E:06:8B:64:B9:21:41:63:9E:54:1D:5C:7E:B6:99:C6:37:EF:FC

ValidityThu, 11 Jan 2024 11:27:56 GMT - Wed, 10 Apr 2024 11:27:55 GMT

Detections

Analyzer	Verdict	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: megafilmeshdx.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 01 Mar 2024 03:09:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Fri, 01 Mar 2024 03:09:59 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7h5s4r99GgZdKGXjwNmnYBUYVcJPLr0QMhZIsgYWW1Op0RN1%2FPKzEpOssIEBu19FM86%2FNjwm3Qp8QWL4%2Fl%2FO10B32p3Yz%2FL1lAkOf5QL0Fq4laHhKNBCbxkWq46%2FzQDTbJ3dg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 85d5f3327e74b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

GET megafilmeshdx.zip/cdn-cgi/styles/cf.errors.css

172.67.140.205

200 OK

4.5 kB

URL

megafilmeshdx.zip/cdn-cgi/styles/cf.errors.css

IP / ASN

172.67.140.205

#13335 CLOUDFLARENET

Requested byhttp://megafilmeshdx.zip/

Resource Info

File typeASCII text, with very long lines (24131)

First Seen2023-04-05

Last Seen2024-08-21

Times Seen31956

Size4.5 kB (4529 bytes)

MD5a1cedc21f16b5a97114857154fab35e9

SHA195e9890a15a4f7f94f7f19d2c297e4b07503c526

SHA2561103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Detections

Analyzer	Verdict	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: megafilmeshdx.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://megafilmeshdx.zip/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Mar 2024 03:09:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Feb 2024 15:42:08 GMT
ETag: W/"65de02d0-5e44"
Server: cloudflare
CF-RAY: 85d5f33cde17b52d-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 01 Mar 2024 05:09:46 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip

GET megafilmeshdx.zip/favicon.ico

172.67.140.205

403 Forbidden

1.7 kB

URL

megafilmeshdx.zip/favicon.ico

IP / ASN

172.67.140.205

#13335 CLOUDFLARENET

Requested byhttp://megafilmeshdx.zip/

Resource Info

File typeHTML document, ASCII text, with very long lines (394)

First Seen2024-08-20

Last Seen2024-08-20

Times Seen1

Size1.7 kB (1740 bytes)

MD5b9997abf53166da7433bc929d5339775

SHA18b97a26ad1b2c8a1ec711cc2c85d5785d4b540c4

SHA25651250e567f07ca6632ea774f7164412492b86330606b740e5b4a893d2b640971

Detections

Analyzer	Verdict	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: megafilmeshdx.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://megafilmeshdx.zip/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 01 Mar 2024 03:09:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Fri, 01 Mar 2024 03:10:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzL2rBQ0h%2BKNnHePL2IQM4j5EOyS7NO38rHaT9yqZyXM9R5UhWaeWuhsMgO1y01nGTKi5HBxpU0VqzlVKZmmKPp%2Fh8hABnAGgZtTW7pyOlBqntnOUqEkKjssnVsmzznE3840wA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 85d5f33dae9db52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

GET megafilmeshdx.zip/cdn-cgi/images/browser-bar.png?1376755637

172.67.140.205

200 OK

715 B

URL

megafilmeshdx.zip/cdn-cgi/images/browser-bar.png?1376755637

IP / ASN

172.67.140.205

#13335 CLOUDFLARENET

Requested byhttp://megafilmeshdx.zip/

Resource Info

File typePNG image data, 960 x 53, 8-bit colormap, non-interlaced

First Seen0001-01-01

Last Seen2025-08-02

Times Seen70203

Size715 B (715 bytes)

MD5226dcb8f6144bdaafdfbd8f2f354be64

SHA13785cc5b3bf52f8e398177b0ff1020b24aa86b8c

SHA2568c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Detections

Analyzer	Verdict	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: megafilmeshdx.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://megafilmeshdx.zip/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Mar 2024 03:09:46 GMT
Content-Type: image/png
Content-Length: 715
Connection: keep-alive
Last-Modified: Tue, 27 Feb 2024 15:42:08 GMT
ETag: "65de02d0-2cb"
Server: cloudflare
CF-RAY: 85d5f33dbea6b52d-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 01 Mar 2024 05:09:46 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes

GET megafilmeshdx.zip/cdn-cgi/images/cf-no-screenshot-error.png

104.21.9.5

200 OK

3.2 kB

URL

megafilmeshdx.zip/cdn-cgi/images/cf-no-screenshot-error.png

IP / ASN

104.21.9.5

#13335 CLOUDFLARENET

Requested byhttp://megafilmeshdx.zip/

Resource Info

File typePNG image data, 178 x 175, 8-bit colormap, non-interlaced

First Seen0001-01-01

Last Seen2025-08-02

Times Seen70210

Size3.2 kB (3213 bytes)

MD50d768cbc261841d3affc933b9ac3130e

SHA1aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7

SHA2561c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

Detections

Analyzer	Verdict	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: megafilmeshdx.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://megafilmeshdx.zip/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Mar 2024 03:09:46 GMT
Content-Type: image/png
Content-Length: 3213
Connection: keep-alive
Last-Modified: Tue, 27 Feb 2024 15:42:08 GMT
ETag: "65de02d0-c8d"
Server: cloudflare
CF-RAY: 85d5f33e2b2b5691-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 01 Mar 2024 05:09:46 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

IP / ASN

35.244.181.201

#396982 GOOGLE-CLOUD-PLATFORM

Requested byN/A

Resource Info

File typeXML 1.0 document, ASCII text, with very long lines (332)

First Seen2023-10-13

Last Seen2025-06-20

Times Seen185315

Size444 B (444 bytes)

MD53b324dec137a87ef7e24a30a65b13dd0

SHA1c0faa95b2f1018e264b3a14aaf50d1003e6c27b3

SHA2566cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-04-09-14-36-40.chain; p384ecdsa=iKVUQEJSKqeYG_NviVW2v5MslbzQlVKkXvAsF8arim2wcl6_HKCiejWJBIM54eEmpSv-5vkIB33pdQWedP9pqRUav1k1hxaalPdG8Dp4ofQc2KyzU4T6FfNKviTzHvMp
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 01 Mar 2024 03:08:46 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 74
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2