Report - 1727266374-v925.c9815738.cc/1024.zip

Report Overview

Visited public
2024-11-06 23:27:08
Tags
URL
1727266374-v925.c9815738.cc/1024.zip
Finishing URL
about:privatebrowsing
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
1727266374-v925.c9815738.cc	unknown	2024-09-23	2024-11-06	2024-11-06	490 B	1.2 MB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
1727266374-v925.c9815738.cc/1024.zip
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.2 MB (1209011 bytes)
Hash
be02212ff7f679594d80cfe9ee41e943
a6e9b11d8d7ac3b7a3d3a4dd99fa805a9db328f2
a1128566790d58be30d058caec354ae2dd1653c3ad836c3370e97857560fd9ae

Archive (4)

Modified	Filename	Size	Md5	File type
2024-09-30 23:55	_1024��_��ַ.html	1.4 MB	191ed2f790ed01bd8f81e8fae3aa495f	HTML document, ASCII text, with very long lines (65520), with CRLF line terminators
2024-09-30 23:54	_1024��ַ.html	1.4 MB	77d8030e6ab130d612e2fbbe896dbd33	HTML document, ASCII text, with very long lines (65520), with CRLF line terminators
2024-09-30 20:00	_1024��׿��-10.1��.apk	1.8 MB	86e3a5f53a63adb57ac737ed0c72fd1f	Android package (APK), with gradle app-metadata.properties Zip archive data, at least v0.0 to extract, compression method=deflate
2024-09-30 23:55	__ɨ��.��&�� _1024��.html	1.4 MB	15280afe83c4f878e148e21115befc55	HTML document, ASCII text, with very long lines (65520), with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

1727266374-v925.c9815738.cc/1024.zip

188.114.97.1

200 OK

1.2 MB

URL User Request GET HTTP/2
1727266374-v925.c9815738.cc/1024.zip
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectc9815738.cc
FingerprintA8:F8:05:75:C4:B0:DB:1F:40:44:C5:3A:CE:0A:A0:B3:13:A0:13:C9
ValidityMon, 23 Sep 2024 07:40:29 GMT - Sun, 22 Dec 2024 07:40:28 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.2 MB (1209011 bytes)
Hash
be02212ff7f679594d80cfe9ee41e943
a6e9b11d8d7ac3b7a3d3a4dd99fa805a9db328f2
a1128566790d58be30d058caec354ae2dd1653c3ad836c3370e97857560fd9ae

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/65

HTTP Headers

GET /1024.zip HTTP/1.1
Host: 1727266374-v925.c9815738.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Nov 2024 23:26:44 GMT
content-type: application/zip
content-length: 1209011
last-modified: Mon, 30 Sep 2024 16:19:52 GMT
etag: "66facfa8-1272b3"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=HRyNw4kH3e0aY1YOx7c7rHLLKzTDuXcQag7mwYcAN9E-1730935604-1.0.1.1-2C7nSD.Wr0Yw6DOTi5HldtHlJP_D72FDBRuQ9qaQ08FYyMVHTFKmD0wWWYAN.KhaTgVHEeGFUgis91ezaTXmLA; path=/; expires=Wed, 06-Nov-24 23:56:44 GMT; domain=.c9815738.cc; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcWChGkWINJt3AWQBckU5N4Io4beNh7nyfoPvigqJFHCola4fMtNDsX41BnmEfBLwaJdVkreK6Xq8h1vlCUJWxcgoI4ot3fvx4b%2FIcDhGKqDsZe0oWemkuJVp08iRzvC%2BO4A5iO3yp%2Fs1U0uRd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8de8d9a0bdffb4f4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21889&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1132&delivery_rate=261466&cwnd=254&unsent_bytes=0&cid=5cf8c13cb6d2ecbb&ts=745&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (4)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers