Report Overview

  1. Submitted URL

    redirect.wggames.cn/WGC/360_Wargaming_Game_Center_Install_WOWS_CN.exe?website=1&pub_id=wows_baidu2_key_0061&xid=baidu/baidu2-sem///0061&sid=SIDnbPRKmJ5yopcqAuDe_ObcoyIN7h9ywdadQAj7lb5xBTaOs6y7ELwmAg2p5OPbk4jZLo1hmd3Hsz-0FRLToFNjyzo31PFo6oAK-92ZVOBa9b0onRJdXfxwD68bHJhycAaLvTQrdYJ4Uy6HQ&enctid=cckdmzkds96k&lpsn=+wows-wggames-cn-ddy12-html-website-1&foris=1&teclient=1625404022381616316&utm_source=sem_brand&utm_medium=sem&utm_campaign=5ga9y1tv&utm_content=wows_baidu2_key_0061

  2. IP

    8.133.125.31

    ASN

    #37963 Hangzhou Alibaba Advertising Co.,Ltd.

  3. Submitted

    2024-05-11 03:42:45

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    6

  3. Threat Detection Systems

    0

Domain Summary

| Domain / FQDN | Rank | Registered | First Seen | Last Seen |
|---|---|---|---|---|
| ocsp.crlocsp.cn | 175388 | unknown | No data | No data |
| redirect.wggames.cn | unknown | unknown | No data | No data |
| qgcdl.qihucdn.com | unknown | unknown | No data | No data |

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

| Severity | Source IP | Destination IP | Alert |
|---|---|---|---|
| high | 61.170.79.223 | Client IP | |
| low | 61.170.79.223 | Client IP | |
| high | 61.170.79.223 | Client IP | |
| low | 61.170.79.223 | Client IP | |
| medium | 8.133.125.31 | Client IP | |
| medium | 8.133.125.31 | Client IP | |

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    qgcdl.qihucdn.com/wg/qgc360/prod/wgc_24.01.00.5433_cn/world_of_warships_install_cn.exe?website=1&pub_id=wows_baidu2_key_0061&xid=baidu/baidu2-sem///0061&sid=SIDnbPRKmJ5yopcqAuDe_ObcoyIN7h9ywdadQAj7lb5xBTaOs6y7ELwmAg2p5OPbk4jZLo1hmd3Hsz-0FRLToFNjyzo31PFo6oAK-92ZVOBa9b0onRJdXfxwD68bHJhycAaLvTQrdYJ4Uy6HQ&enctid=cckdmzkds96k&lpsn=+wows-wggames-cn-ddy12-html-website-1&foris=1&teclient=1625404022381616316&utm_source=sem_brand&utm_medium=sem&utm_campaign=5ga9y1tv&utm_content=wows_baidu2_key_0061

  2. IP

    61.170.79.223

  3. ASN

    #4812 China Telecom Group

  1. File type

    PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

    Size

    24 MB (23514456 bytes)

  2. Hash

    1010f510711fbf01cdd70d792923c5e8

    f485fccad8c4be585765fd8e318534f6dc15e426

JavaScript (1)

HTTP Transactions (4)

| URL | IP | Response | Size |
|---|---|---|---|
| ocsp.crlocsp.cn/ | 140.207.198.246 | | 471 B |
| redirect.wggames.cn/WGC/360_Wargaming_Game_Center_Install_WOWS_CN.exe?website=1&pub_id=wows_baidu2_key_0061&xid=baidu/baidu2-sem///0061&sid=SIDnbPRKmJ5yopcqAuDe_ObcoyIN7h9ywdadQAj7lb5xBTaOs6y7ELwmAg2p5OPbk4jZLo1hmd3Hsz-0FRLToFNjyzo31PFo6oAK-92ZVOBa9b0onRJdXfxwD68bHJhycAaLvTQrdYJ4Uy6HQ&enctid=cckdmzkds96k&lpsn=+wows-wggames-cn-ddy12-html-website-1&foris=1&teclient=1625404022381616316&utm_source=sem_brand&utm_medium=sem&utm_campaign=5ga9y1tv&utm_content=wows_baidu2_key_0061 | 8.133.125.31 | 302 Moved Temporarily | 138 B |
| redirect.wggames.cn/ | 8.133.125.31 | | 612 B |
| qgcdl.qihucdn.com/wg/qgc360/prod/wgc_24.01.00.5433_cn/world_of_warships_install_cn.exe?website=1&pub_id=wows_baidu2_key_0061&xid=baidu/baidu2-sem///0061&sid=SIDnbPRKmJ5yopcqAuDe_ObcoyIN7h9ywdadQAj7lb5xBTaOs6y7ELwmAg2p5OPbk4jZLo1hmd3Hsz-0FRLToFNjyzo31PFo6oAK-92ZVOBa9b0onRJdXfxwD68bHJhycAaLvTQrdYJ4Uy6HQ&enctid=cckdmzkds96k&lpsn=+wows-wggames-cn-ddy12-html-website-1&foris=1&teclient=1625404022381616316&utm_source=sem_brand&utm_medium=sem&utm_campaign=5ga9y1tv&utm_content=wows_baidu2_key_0061 | 61.170.79.223 | | 24 MB |