Report - q5r8g8c5.rocketcdn.me/wp-content/uploads/2016/07/TurboV_Core

Report Overview

Visited public
2024-03-14 12:43:40
Tags
Submit Tags
URL
q5r8g8c5.rocketcdn.me/wp-content/uploads/2016/07/TurboV_Core_1.00.Z170.zip
Finishing URL
about:privatebrowsing
IP / ASN
194.242.11.186
#34989 ServeTheWorld AS
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
q5r8g8c5.rocketcdn.me	unknown	2018-10-29	2024-03-04 10:43:52	2024-03-04 10:43:52	528 B	1.1 kB	194.242.11.186
overclocking.com	361013	unknown	2014-11-28 07:55:02	2023-01-03 06:26:43	522 B	14 MB	185.100.5.50

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

GET q5r8g8c5.rocketcdn.me/wp-content/uploads/2016/07/TurboV_Core_1.00.Z170.zip

194.242.11.186

301 Moved Permanently

178 B

URL User Request GET HTTP/2
q5r8g8c5.rocketcdn.me/wp-content/uploads/2016/07/TurboV_Core_1.00.Z170.zip
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Certificate
IssuerLet's Encrypt
Subject*.rocketcdn.me
FingerprintDC:7C:C3:73:2C:21:2B:20:BA:58:2B:B7:B0:F6:44:DF:18:0C:54:72
ValidityMon, 26 Feb 2024 15:57:32 GMT - Sun, 26 May 2024 15:57:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /wp-content/uploads/2016/07/TurboV_Core_1.00.Z170.zip HTTP/1.1
Host: q5r8g8c5.rocketcdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 14 Mar 2024 12:43:10 GMT
content-type: text/html
content-length: 178
location: https://overclocking.com/wp-content/medias/2016/07/TurboV_Core_1.00.Z170.zip
server: BunnyCDN-NO1-830
cdn-pullzone: 1682639
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 301
cdn-cachedat: 03/14/2024 12:43:10
cdn-edgestorageid: 830
link: <https://overclocking.com/wp-content/uploads/2016/07/TurboV_Core_1.00.Z170.zip>; rel="canonical"
x-powered-by: RocketCDN - b
cdn-status: 301
cdn-requestid: f526ffe8e0f939860dddc02de94d082e
cdn-cache: MISS
vary: Accept-Encoding
X-Firefox-Spdy: h2

GET overclocking.com/wp-content/medias/2016/07/TurboV_Core_1.00.Z170.zip

185.100.5.50

200 OK

14 MB

URL User Request GET HTTP/2
overclocking.com/wp-content/medias/2016/07/TurboV_Core_1.00.Z170.zip
IP
185.100.5.50:443
ASN
#35393 CTS Computers and Telecommunications Systems SAS

Certificate
IssuerLet's Encrypt
Subjectoverclocking.com
Fingerprint6E:B7:FC:FA:3C:E9:DB:47:78:66:B0:F5:D2:CF:13:61:F6:67:A2:7B
ValidityWed, 14 Feb 2024 22:03:56 GMT - Tue, 14 May 2024 22:03:55 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
14 MB (14536456 bytes)
Hash
b2e64075238978818d19396c62f949d3
22901e4d347902f2039fb13cdae471a9988c80af
34dd0c6ee6b87c0bd873a448f6cae3974d67b7ad3b406456a93a937e58027d88

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/52

HTTP Headers

GET /wp-content/medias/2016/07/TurboV_Core_1.00.Z170.zip HTTP/1.1
Host: overclocking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 14 Mar 2024 12:43:10 GMT
content-type: application/zip
content-length: 14536456
last-modified: Mon, 16 Aug 2021 14:32:51 GMT
etag: "611a7713-ddcf08"
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers