Report - riftek.com/upload/iblock/c01/RF65x_SP_Cortex

Report Overview

Submitted URL
riftek.com/upload/iblock/c01/RF65x_SP_Cortex_User.zip
IP
93.125.99.131
ASN
#6697 Republican Unitary Telecommunication Enterprise Beltelecom
Submitted
2024-05-07 10:44:13
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
riftek.com	unknown	2001-01-18	2014-01-17	2024-03-14	507 B	776 kB	93.125.99.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
riftek.com/upload/iblock/c01/RF65x_SP_Cortex_User.zip
IP
93.125.99.131
ASN
#6697 Republican Unitary Telecommunication Enterprise Beltelecom

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
776 kB (775662 bytes)
Hash
fb4bfeb7efae68e728b59c63f4ed2154
8f28f629c973fc21b4445bfb0bf8516d27fc8edf
4d4b4db46738faeedcf56c4ee05d81dfe915ebb5459221918b07e9e0f2e20051

Archive (8)

Filename

Md5

File type

B480Drv.dll

fb71eeaa2973989ddca0368f6ae7b88c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Ftd2xx.dll

df091bdaa0d1f921730b722d87a73450

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

FTD2XX.H

109a41a01f164c30cb9324105d8ce320

C source, ASCII text, with CRLF line terminators

FTD2XX.LIB

040e747bb33286fb0b3d2af3855dfcb9

Microsoft Visual C/OMF library, page size 16, at 0x1600 dictionary with 4 blocks (FFLAG=0x83) 1st entry FT_EraseEE in page 47, 2nd record "FT_Close", 3rd record COMMENT class=0xa0 OMF extensions IMPDEF ordinal FT_Close exported by FTD2XX.dll

EN.ini

68a01e1539475b00153b5197b56a0486

Generic INItialization configuration [LABEL]

Language.ini

6199b6f92ca13304eb5cc63287028d79

ASCII text, with CRLF line terminators

Motor.dat

8463f5f5d49bfa2a894447d0d58da1d7

CSV text

RF65X_SP_Cortex_User.exe

f2e2ea56290b22d6a09c2914a61f9f81

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	riftek.com/upload/iblock/c01/RF65x_SP_Cortex_User.zip	93.125.99.131	200 OK	776 kB
URL User Request GET HTTP/2 riftek.com/upload/iblock/c01/RF65x_SP_Cortex_User.zip IP 93.125.99.131:443 ASN #6697 Republican Unitary Telecommunication Enterprise Beltelecom Certificate IssuerLet's Encrypt Subjectriftek.com Fingerprint5D:7A:5A:1E:95:4E:5B:6F:50:4C:81:29:A4:71:9F:CF:84:1A:4B:FD ValiditySat, 20 Apr 2024 02:50:08 GMT - Fri, 19 Jul 2024 02:50:07 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 776 kB (775662 bytes) Hash fb4bfeb7efae68e728b59c63f4ed2154 8f28f629c973fc21b4445bfb0bf8516d27fc8edf 4d4b4db46738faeedcf56c4ee05d81dfe915ebb5459221918b07e9e0f2e20051 HTTP Headers `GET /upload/iblock/c01/RF65x_SP_Cortex_User.zip HTTP/1.1 Host: riftek.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 07 May 2024 10:43:46 GMT content-type: application/zip content-length: 775662 last-modified: Tue, 28 Jul 2020 14:14:45 GMT etag: "5f2032d5-bd5ee" expires: Mon, 12 Aug 2024 10:43:46 GMT cache-control: max-age=8380800 accept-ranges: bytes X-Firefox-Spdy: h2`

riftek.com/upload/iblock/c01/RF65x_SP_Cortex_User.zip

93.125.99.131

200 OK

776 kB

URL User Request GET HTTP/2
riftek.com/upload/iblock/c01/RF65x_SP_Cortex_User.zip
IP
93.125.99.131:443
ASN
#6697 Republican Unitary Telecommunication Enterprise Beltelecom

Certificate
IssuerLet's Encrypt
Subjectriftek.com
Fingerprint5D:7A:5A:1E:95:4E:5B:6F:50:4C:81:29:A4:71:9F:CF:84:1A:4B:FD
ValiditySat, 20 Apr 2024 02:50:08 GMT - Fri, 19 Jul 2024 02:50:07 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
776 kB (775662 bytes)
Hash
fb4bfeb7efae68e728b59c63f4ed2154
8f28f629c973fc21b4445bfb0bf8516d27fc8edf
4d4b4db46738faeedcf56c4ee05d81dfe915ebb5459221918b07e9e0f2e20051

HTTP Headers

GET /upload/iblock/c01/RF65x_SP_Cortex_User.zip HTTP/1.1
Host: riftek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 10:43:46 GMT
content-type: application/zip
content-length: 775662
last-modified: Tue, 28 Jul 2020 14:14:45 GMT
etag: "5f2032d5-bd5ee"
expires: Mon, 12 Aug 2024 10:43:46 GMT
cache-control: max-age=8380800
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (8)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers