Report Overview
Visited: 2025-09-02 10:17:14 (public)
URL
213.209.150.18/NUTU2GLnqodBsbZ.exe
Finishing URL
about:privatebrowsing
IP / ASN

213.209.150.18
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
1
Host Summary
Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
---|---|---|---|---|---|---|---|---|
213.209.150.18 (8 alert(s) on this Domain) | unknown | unknown | No data | No data | 920 B | 706 kB | 0.0.0.0 | Nginx:1.26.3 (Web servers, Reverse proxies) |

Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert |
---|---|---|---|---|
| | medium | 213.209.150.18 | Client IP | ET DROP Spamhaus DROP Listed Traffic Inbound group 62 |
| | medium | Client IP | 213.209.150.18 | ET INFO Executable Download from dotted-quad Host |
| | high | 213.209.150.18 | Client IP | ET POLICY PE EXE or DLL Windows file download HTTP |
| | medium | 213.209.150.18 | Client IP | ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response |
Threat Detection Systems
Detection System | Indicator | Verdict | Alert |
---|---|---|---|
Quad9 DNS | 213.209.150.18 | malicious | Sinkholed |
File detected
URL
213.209.150.18/NUTU2GLnqodBsbZ.exe
IP / ASN

213.209.150.18
File Overview
File Type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
Size: 706 kB (706048 bytes)
MD5: ef5088d93780cc4b4c5c7224f2160761
SHA1: b700f0d0b4d7c016d08f7b4f50c884b4612485f7
JavaScript (0)
No JavaScripts
HTTP Transactions (2)
URL | IP | Response | Size |
---|---|---|---|