Report - www.saohuo35.life/address.zip

Report Overview

Visited public
2025-02-26 04:47:55
Tags
URL
www.saohuo35.life/address.zip
Finishing URL
about:privatebrowsing
IP / ASN
119.42.35.7
#132825 MYTEK TRADING PTY LTD
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.saohuo35.life	unknown	2025-02-07	2025-02-26	2025-02-26	495 B	850 kB	119.42.35.78

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.saohuo35.life/address.zip
IP
119.42.35.78
ASN
#132825 MYTEK TRADING PTY LTD

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
849 kB (848961 bytes)
Hash
e5de4f22e568ebb22e845cf2592c2d01
b5b714cd46de4451ff92c8f72aed3d1033371cce
ebe368edcc53e2ebbdad1a5eb4ff037e87611fa5e38d42ba09e7f6f33a343942

Archive (2)

Filename

Md5

File type

SEX8�Ӱ��̳ - �ؼҲ��·��2025.02.13�桿.txt

e129896dd1c1317124b8030dec7e6436

ISO-8859 text, with CRLF line terminators

�Ӱ��ַ��.exe

7403e682cf5f2a3c83e08f339747e54d

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 33/72

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.saohuo35.life/address.zip

119.42.35.78

200 OK

849 kB

URL User Request GET HTTP/2
www.saohuo35.life/address.zip
IP
119.42.35.78:443
ASN
#132825 MYTEK TRADING PTY LTD

Certificate
IssuerLet's Encrypt
Subject*.rujiao26.fun
FingerprintBB:7F:6D:98:BA:2D:F6:61:4B:E2:D4:0E:E6:F7:86:AE:3C:27:7A:D0
ValiditySat, 08 Feb 2025 12:29:47 GMT - Fri, 09 May 2025 12:29:46 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
849 kB (848961 bytes)
Hash
e5de4f22e568ebb22e845cf2592c2d01
b5b714cd46de4451ff92c8f72aed3d1033371cce
ebe368edcc53e2ebbdad1a5eb4ff037e87611fa5e38d42ba09e7f6f33a343942

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 33/72

HTTP Headers

GET /address.zip HTTP/1.1
Host: www.saohuo35.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 26 Feb 2025 04:47:26 GMT
content-type: application/zip
content-length: 848961
last-modified: Tue, 25 Feb 2025 07:01:56 GMT
etag: "67bd6ae4-cf441"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
expires: Wed, 26 Feb 2025 04:57:26 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-remote-addr: 91.90.42.154
x-forwarded-port: 443
http-geo-ipcountry: NO
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (2)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers