Report Overview
Visited (public)
2023-11-21 03:22:50
URL
qu.ax/kVDT.zip
Finishing URL
about:privatebrowsing
IP / ASN

45.95.232.15
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
5
Host Summary
Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
---|---|---|---|---|---|---|---|---|
qu.ax (3 alerts on this domain) | unknown | 2019-10-23 | 2019-12-22 20:42:29 | 2023-11-19 19:48:27 | 470 B | 658 kB | 45.95.232.15 | |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert |
---|---|---|---|---|
 | low | Client IP | Internal IP | ET INFO Anonymous File Sharing Domain in DNS Lookup (qu .ax) |
 | low | Client IP | Internal IP | ET INFO Anonymous File Sharing Domain in DNS Lookup (qu .ax) |
 | low | Client IP | 45.95.232.15 | ET INFO Observed Anonymous File Sharing Service Domain (qu .ax) in TLS SNI |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2023-11-20 | medium | qu.ax | Sinkholed |
Quad9 DNS
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2023-11-20 | medium | qu.ax | Sinkholed |
ThreatFox
No alerts detected
File detected
URL
qu.ax/kVDT.zip
IP / ASN

45.95.232.15
File Overview
File Type: Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size: 658 kB (657962 bytes)
MD5: dfb73550b16f3035977b82a6ab3a5bd3
SHA1: 16a036f7b082c3343d6277ac54efd775404b4402
Detections
Analyzer | Verdict | Alert |
---|---|---|
VirusTotal | suspicious | |
JavaScript (0)
No Javascripts found
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
GET qu.ax/kVDT.zip | | 200 OK | 658 kB |
URL (User Request): GET HTTPS qu.ax/kVDT.zip
IP / ASN: 45.95.232.15
Requested by: N/A
Resource Info
File type: Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
First Seen: 2023-11-20
Last Seen: 2023-11-24
Times Seen: 6
Size: 658 kB (657962 bytes)
MD5: dfb73550b16f3035977b82a6ab3a5bd3
SHA1: 16a036f7b082c3343d6277ac54efd775404b4402
SHA256: 76f948c084b30647cc6fe5aa31ad9a8af237f8b3d3d48d7811fbe56c01a82057
Certificate Info
Issuer: Let's Encrypt
Subject: *.qu.ax
Fingerprint: 5C:72:77:1A:58:2A:DE:05:E4:9C:46:D3:7A:6C:61:8B:A3:50:4F:74
Validity: Tue, 17 Oct 2023 11:03:00 GMT - Mon, 15 Jan 2024 11:02:59 GMT