Report - rc.xiaoying.tv/vcm/20190704/21170404/0x0100000000400004.zip

Report Overview

Submitted URL
rc.xiaoying.tv/vcm/20190704/21170404/0x0100000000400004.zip
IP
61.170.77.221
ASN
#4812 China Telecom Group
Submitted
2024-05-10 16:46:57
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
rc.xiaoying.tv	unknown	unknown	2021-07-02	2024-03-13	513 B	220 kB	61.170.80.231

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 16:46:47	medium	Client IP	124.221.217.28	ET HUNTING Generic .bin download from Dotted Quad

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
rc.xiaoying.tv/vcm/20190704/21170404/0x0100000000400004.zip
IP
61.170.80.231
ASN
#4812 China Telecom Group

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
219 kB (219230 bytes)
Hash
a7d36a64969dc226433c7f8ffaeadd79
eb6a83800c60d53de754477e8101289099df66df
5e8102a15a40c42ca51a13c81f9b689ecd19e2ed72eb7be4750c9b5268fc8c0c

Archive (28)

Modified	Filename	Size	Md5	File type
2019-07-04 21:02	0x0100000000400004.xyt	47 kB	883be417f11803c3831a54a7794a62eb	data
2019-07-04 21:01	ft_1565946748.png	116 B	9de9c40ce426e19787f1126c440a5d49	PNG image data, 360 x 480, 1-bit colormap, non-interlaced
2019-07-04 21:01	ft_1565948456.png	123 B	c655ac2acf547256551c7cab3d675e69	PNG image data, 360 x 640, 1-bit colormap, non-interlaced
2019-07-04 21:01	0x4780000000400004.xyt	1.2 kB	fcb1e14fc03a65ea7c4a0b88dde64750	data
2019-07-04 21:01	music.m4a	67 kB	d8c4c50f910aa59839ccfef2c6d449bb	ISO Media, MP4 v2 [ISO 14496-14]
2019-07-04 21:01	0x4C81000000400004.xyt	15 kB	44f3f47b3e5962b334c215ffbecc4201	data
2019-07-04 21:01	0x4C82000000400004.xyt	16 kB	f9d2e3de4a0d582095a1149081fb8f70	data
2019-07-04 21:01	0x4C83000000400004.xyt	16 kB	047b5582e281e7839cce166ee2cc5267	data
2019-07-04 21:01	0x4C84000000400004.xyt	16 kB	108bd92782b455aead1338ff569ecb45	data
2019-07-04 21:01	0x4C85000000400004.xyt	16 kB	fb3d8146e0ef32df5411f6f27cfe23b4	data
2019-07-04 21:01	0x4C86000000400004.xyt	16 kB	5dccd7f63f34ef4010ca785e5bdeede4	data
2019-07-04 21:01	0x4C87000000400004.xyt	14 kB	c51e1da366fa02638a1d96cad3ca8622	data
2019-07-04 21:01	0x4C88000000400004.xyt	20 kB	68f30fca1c58a43a975ab252eccd44f7	data
2019-07-04 21:01	0x4C89000000400004.xyt	20 kB	fb9b5c75b05c1e4ca1fc632a6c1c8968	data
2019-07-04 21:01	0x4C8A000000400004.xyt	14 kB	0ca33b569aa05610ef05d9a8e671d825	data
2019-07-04 21:01	0x4C8B000000400004.xyt	14 kB	710d6690af05ff807e1369004ba3fff4	data
2019-07-04 21:01	0x4C8C000000400004.xyt	42 kB	ee96c6d49a5f0983bf6bc38f221ea95b	data
2019-07-04 21:01	0x4C8D000000400004.xyt	29 kB	cd89467c6558a4b42adc6c61e9bd9da5	data
2019-07-04 21:01	0x4C8E000000400004.xyt	18 kB	7a8b9731a8d5d111c8fc342a4e4e0322	data
2019-07-04 21:01	0x4C8F000000400004.xyt	18 kB	293c1e9a5fc7f5b80e95e4d39dc60ddb	data
2019-07-04 21:01	0x4C90000000400004.xyt	16 kB	704b57e58b6b090515d61a607c58905f	data
2019-07-04 21:01	0x4C91000000400004.xyt	16 kB	cc6621c009bf2bc84c2ea8dd161a9c73	data
2019-07-04 21:01	0x4C92000000400004.xyt	16 kB	80fd5bf35196faacd4a63a59105d44d6	data
2019-07-04 21:01	0x4C93000000400004.xyt	16 kB	3e92ca2b3b87ff2221ad7b52df2efe1a	data
2019-07-04 21:01	0x4C94000000400004.xyt	12 kB	42ed7c8bb713be9f2442461c7d768c3a	data
2019-07-04 21:01	0x4C95000000400004.xyt	12 kB	7ba17c59ca93ce94198de4841f4baccb	data
2019-07-04 21:01	0x4C96000000400004.xyt	18 kB	7f428576a2ea0fb043651d998c778de4	data
2019-07-04 21:01	0x4C97000000400004.xyt	18 kB	86d0a0631be3a24fb30973e7f980068a	data

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	rc.xiaoying.tv/vcm/20190704/21170404/0x0100000000400004.zip	61.170.80.231	200 OK	219 kB
URL User Request GET HTTP/2 rc.xiaoying.tv/vcm/20190704/21170404/0x0100000000400004.zip IP 61.170.80.231:443 ASN #4812 China Telecom Group Certificate IssuerGlobalSign nv-sa Subject.api.xiaoying.co FingerprintC4:95:1F:34:86:4A:49:38:55:14:6F:40:84:C6:BF:F7:55:2A:E2:75 ValidityThu, 27 Apr 2023 02:47:26 GMT - Tue, 28 May 2024 02:47:25 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 219 kB (219230 bytes) Hash a7d36a64969dc226433c7f8ffaeadd79 eb6a83800c60d53de754477e8101289099df66df 5e8102a15a40c42ca51a13c81f9b689ecd19e2ed72eb7be4750c9b5268fc8c0c HTTP Headers `GET /vcm/20190704/21170404/0x0100000000400004.zip HTTP/1.1 Host: rc.xiaoying.tv User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: Tengine content-type: application/zip content-length: 219230 date: Mon, 25 Mar 2024 07:50:47 GMT x-oss-request-id: 66012CD785ECD63839C27923 vary: Origin x-oss-cdn-auth: success accept-ranges: bytes etag: "A7D36A64969DC226433C7F8FFAEADD79" last-modified: Thu, 14 Dec 2023 09:14:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13171373100632157691 x-oss-storage-class: Standard x-oss-version-id: CAEQSRiBgID1zLWe4xgiIGFmNGMxZjk2ZjVlYTQ3Zjg4ZGE1MWJlYmE2MWY4ZTlh content-md5: p9NqZJadwiZDPH+P+urdeQ== x-oss-server-time: 248 ali-swift-global-savetime: 1711353047 via: cache29.l2cn3022[0,21,200-0,H], cache22.l2cn3022[23,0], vcache3.cn6012[0,4,200-0,H], vcache22.cn6012[10,0] age: 4006546 x-cache: HIT TCP_HIT dirn:11:257617605 x-swift-savetime: Thu, 18 Apr 2024 20:10:09 GMT x-swift-cachetime: 28986038 timing-allow-origin: eagleid: 3daa502a17153595935765040e X-Firefox-Spdy: h2

rc.xiaoying.tv/vcm/20190704/21170404/0x0100000000400004.zip

61.170.80.231

200 OK

219 kB

URL User Request GET HTTP/2
rc.xiaoying.tv/vcm/20190704/21170404/0x0100000000400004.zip
IP
61.170.80.231:443
ASN
#4812 China Telecom Group

Certificate
IssuerGlobalSign nv-sa
Subject*.api.xiaoying.co
FingerprintC4:95:1F:34:86:4A:49:38:55:14:6F:40:84:C6:BF:F7:55:2A:E2:75
ValidityThu, 27 Apr 2023 02:47:26 GMT - Tue, 28 May 2024 02:47:25 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
219 kB (219230 bytes)
Hash
a7d36a64969dc226433c7f8ffaeadd79
eb6a83800c60d53de754477e8101289099df66df
5e8102a15a40c42ca51a13c81f9b689ecd19e2ed72eb7be4750c9b5268fc8c0c

HTTP Headers

GET /vcm/20190704/21170404/0x0100000000400004.zip HTTP/1.1
Host: rc.xiaoying.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/zip
content-length: 219230
date: Mon, 25 Mar 2024 07:50:47 GMT
x-oss-request-id: 66012CD785ECD63839C27923
vary: Origin
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7D36A64969DC226433C7F8FFAEADD79"
last-modified: Thu, 14 Dec 2023 09:14:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13171373100632157691
x-oss-storage-class: Standard
x-oss-version-id: CAEQSRiBgID1zLWe4xgiIGFmNGMxZjk2ZjVlYTQ3Zjg4ZGE1MWJlYmE2MWY4ZTlh
content-md5: p9NqZJadwiZDPH+P+urdeQ==
x-oss-server-time: 248
ali-swift-global-savetime: 1711353047
via: cache29.l2cn3022[0,21,200-0,H], cache22.l2cn3022[23,0], vcache3.cn6012[0,4,200-0,H], vcache22.cn6012[10,0]
age: 4006546
x-cache: HIT TCP_HIT dirn:11:257617605
x-swift-savetime: Thu, 18 Apr 2024 20:10:09 GMT
x-swift-cachetime: 28986038
timing-allow-origin: *
eagleid: 3daa502a17153595935765040e
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (28)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers