Report - old.unitek-it.com/media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip

Report Overview

Submitted URL
old.unitek-it.com/media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip
IP
118.178.231.176
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2024-05-10 11:31:17
Access
public
Website Title
Warning: Potential Security Risk Ahead
Final URL
about:certerror?e=nssBadCert&u=https%3A//old.unitek-it.com/media/driver/Realtek/Y-7509/for%2520Unix%2520%28Linux%29.zip&c=UTF-8&d=%20
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
old.unitek-it.com	unknown	2011-01-20	2018-12-24	2018-12-24	964 B	237 kB	118.178.231.176

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
old.unitek-it.com/media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip
IP
118.178.231.176
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
236 kB (236385 bytes)
Hash
ea24ecf2c0a43f6cb1201a497184a818
a17d07e0511e2c2dc190cfd4d1f934c9e00f899a
349e381eff5a64f22730ca919e47a4c2c33347049b087098e896c7edde422771

Archive (4)

Modified	Filename	Size	Md5	File type
2016-07-19 19:53	0004-rtl_bsd_drv_v191.tgz	84 kB	c3c6ff689bbce97364d1b5bea98de966	gzip compressed data, was "rtl_bsd_drv_v191.tar", last modified: Wed May 18 16:27:22 2016, max compression, from FAT filesystem (MS-DOS, OS/2, NT)
2016-07-19 19:53	0001-r1000_v1.07.tgz	35 kB	bbe1803ca4e4c4a5b88fa24d9d0b3911	gzip compressed data, last modified: Fri Aug 17 17:46:59 2007, from Unix
2016-07-19 19:53	0005-r8168-8.042.00.tar.bz2	92 kB	2c583809d1ebf26ed7f5e775c83e68e0	bzip2 compressed data, block size = 900k
2016-07-19 19:53	0001-SCO.106.zip	25 kB	829fc1e8d813e4d0c182de314eaab26d	Zip archive data, at least v1.0 to extract, compression method=store

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/62

JavaScript (1)

	URL	Size	First Seen	Last Seen
	about:certerror?e=nssBadCert&u=https%3A//old.unitek-it.com/media/driver/Realtek/Y-7509/for%2520Unix%2520%28Linux%29.zip&c=UTF-8&d=%20	0 B	2023-03-07	2024-05-20
Pretty URL about:certerror?e=nssBadCert&u=https%3A//old.unitek-it.com/media/driver/Realtek/Y-7509/for%2520Unix%2520%28Linux%29.zip&c=UTF-8&d=%20 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 22:31:56 Times Seen37896137 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (2)

URL IP Response Size

old.unitek-it.com/media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip

118.178.231.176

200 OK

369 B

URL User Request GET HTTP/1.1
old.unitek-it.com/media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip
IP
118.178.231.176:443
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Certificate
IssuerDigiCert Inc
Subjectwww.old.unitek-it.com
FingerprintC7:0D:A5:75:6E:8C:4F:86:D8:57:AB:61:87:97:7C:72:AD:1A:5A:F5
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
369 B (369 bytes)
Hash
2ff5bc9a9263114ec8efdb69e03e0b4d
e20d9e2e0584bde0f59800a0d18f0409ad190d09
da777e531f16a78a7558d020b56fe274a038575a4b75409d74d41456e5d9e8ff

HTTP Headers

GET /media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip HTTP/1.1
Host: old.unitek-it.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 11:30:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://old.unitek-it.com/media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip
Content-Length: 369
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

old.unitek-it.com/media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip

118.178.231.176

200 OK

236 kB

URL User Request GET HTTP/1.1
old.unitek-it.com/media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip
IP
118.178.231.176:443
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Certificate
IssuerDigiCert Inc
Subjectwww.old.unitek-it.com
FingerprintC7:0D:A5:75:6E:8C:4F:86:D8:57:AB:61:87:97:7C:72:AD:1A:5A:F5
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
236 kB (236385 bytes)
Hash
ea24ecf2c0a43f6cb1201a497184a818
a17d07e0511e2c2dc190cfd4d1f934c9e00f899a
349e381eff5a64f22730ca919e47a4c2c33347049b087098e896c7edde422771

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/62

HTTP Headers

GET /media/driver/Realtek/Y-7509/for%20Unix%20(Linux).zip HTTP/1.1
Host: old.unitek-it.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:30:55 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Tue, 21 Feb 2017 07:58:58 GMT
ETag: "39b61-54905c091d480"
Accept-Ranges: bytes
Content-Length: 236385
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (4)

Detections

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers