Report - bestfile.io/download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip

Report Overview

Visited public
2024-12-13 04:10:26
Tags
Submit Tags
URL
bestfile.io/download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip
Finishing URL
about:privatebrowsing
IP / ASN
66.29.138.109
#22612 NAMECHEAP-NET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bestfile.io	unknown	2022-01-08	2022-03-08	2024-11-13	1.8 kB	5.9 kB	66.29.138.109
sdownload.s3.eu-central-003.backblazeb2.com	unknown	2016-07-13	2024-02-22	2024-11-13	950 B	742 kB	45.11.38.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
sdownload.s3.eu-central-003.backblazeb2.com/users/EBnkmWRDPGR0y/0fgbBiaTVPAcFU3_1734038540.zip?response-content-disposition=attachment%3B%20filename%3D%22Adobe-GenP-3.4.2-CGP.zip%22&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=0031c3f441a07cd0000000001%2F20241213%2Feu-central-003%2Fs3%2Faws4_request&X-Amz-Date=20241213T041002Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Signature=d3d528b887610481216f00eee5d27519ea5f7bfc1cff8f33e06be876fcd11b9d
IP
45.11.38.254
ASN
#40401 BACKBLAZE

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
741 kB (740913 bytes)
Hash
08d5c8105b2c3c592dc9470615cc0174
66b3eb4da007023b36b2e47dc5a8b6d81147b438
799e746efefe5b536f532d1d7f93ca03ddc2bd571494e5c6bb34a54fe274f79c

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 14/65

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

GET bestfile.io/download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip

66.29.138.109

302 Found

590 B

URL User Request GET HTTP/1.1
bestfile.io/download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip
IP
66.29.138.109:443
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subjectbestfile.io
FingerprintED:91:27:7B:3E:71:0E:77:96:DA:DA:F1:51:2D:92:75:74:73:50:8A
ValidityFri, 23 Feb 2024 00:00:00 GMT - Sat, 22 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
590 B (590 bytes)
Hash
44a13d14079320eed06570c52f1ed994
0e2ab2162cd8d5598e0d207ce8c151ee6d703625
4500aa33c6d0abebfd2c59b13eaa7f863b61aa5682f7d3bac58dd6ce35b36787

HTTP Headers

GET /download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip HTTP/1.1
Host: bestfile.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 13 Dec 2024 04:10:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: DENY
Vary: Accept-Language,Accept-Encoding,User-Agent
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkxFdURhSjMrdEdEK0xUVFNkQk5tbXc9PSIsInZhbHVlIjoiYmk2aXFEeXpMNDdNUkI0QWpQU0Q2UmszQ3Z4L1k0aGtOUm16Z2JsWmUzejRoMGJxMVh6MlR0RlhCdC93dStUNDlxeDlGZUFiNy9lYklKR25wRGhZM00zY0NCdk9lL3JiRlVua0tQbjJMVFNzM3M2elBwV2VpSEFkL2gxalNjMEMiLCJtYWMiOiIxZjQ0MzY0NDQ3NzVmNDI4YjQ1ODU5OTkwYTU2YTAwYTFmM2M2MDU0YTc5YmY0M2IwNzIwZDI4NmI5ZThhOTkyIiwidGFnIjoiIn0%3D; expires=Fri, 13 Dec 2024 06:10:01 GMT; Max-Age=7200; path=/; samesite=lax
filebob_user_session=eyJpdiI6InVhNUR4NjlJTVU3OTF6ZlBrSTdTNmc9PSIsInZhbHVlIjoicVptU0k3MDNOTVM1REl6UkVSY1dLdHYvRWhRc21nWGR6dkRxMm9WZ3I1ZFdDaEFMUFl5NGRVbDRFb3loOW9IMXVsMGl5bTY0Z2NpMjlhUUg3QVlSZU1OM0RCdFFFSU5OcWJGNWwyYkRrM3ZFc1o3SVZJQUVRRlhhek1jQ1JaWEMiLCJtYWMiOiI2MjNkZDg3NDZkYWFhZmY4ZTNmY2YzMjQ1NzFjNDlmYmU4NWVhMGY5ODlmZDAzMDRkMWFkZWVkM2E3NWI0Y2ZhIiwidGFnIjoiIn0%3D; expires=Fri, 13 Dec 2024 06:10:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Location: https://bestfile.io/en/download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip

GET bestfile.io/en/download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip

66.29.138.109

302 Found

2.4 kB

URL User Request GET HTTP/1.1
bestfile.io/en/download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip
IP
66.29.138.109:443
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subjectbestfile.io
FingerprintED:91:27:7B:3E:71:0E:77:96:DA:DA:F1:51:2D:92:75:74:73:50:8A
ValidityFri, 23 Feb 2024 00:00:00 GMT - Sat, 22 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1103)
Size
2.4 kB (2374 bytes)
Hash
062576d74bbf1a4095d108336df7bb3c
3325dc5e0efe2a0a76d2780c79f8787cc76fb3a9
7ff4a6d9ab1e43f3883dedb97de11d8badbb7e9ad9617677ba3155f8e686ae49

HTTP Headers

GET /en/download/gx7XjHJ303OQU9z/N2p3Dop69mMa5/Adobe-GenP-3.4.2-CGP.zip HTTP/1.1
Host: bestfile.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkxFdURhSjMrdEdEK0xUVFNkQk5tbXc9PSIsInZhbHVlIjoiYmk2aXFEeXpMNDdNUkI0QWpQU0Q2UmszQ3Z4L1k0aGtOUm16Z2JsWmUzejRoMGJxMVh6MlR0RlhCdC93dStUNDlxeDlGZUFiNy9lYklKR25wRGhZM00zY0NCdk9lL3JiRlVua0tQbjJMVFNzM3M2elBwV2VpSEFkL2gxalNjMEMiLCJtYWMiOiIxZjQ0MzY0NDQ3NzVmNDI4YjQ1ODU5OTkwYTU2YTAwYTFmM2M2MDU0YTc5YmY0M2IwNzIwZDI4NmI5ZThhOTkyIiwidGFnIjoiIn0%3D; filebob_user_session=eyJpdiI6InVhNUR4NjlJTVU3OTF6ZlBrSTdTNmc9PSIsInZhbHVlIjoicVptU0k3MDNOTVM1REl6UkVSY1dLdHYvRWhRc21nWGR6dkRxMm9WZ3I1ZFdDaEFMUFl5NGRVbDRFb3loOW9IMXVsMGl5bTY0Z2NpMjlhUUg3QVlSZU1OM0RCdFFFSU5OcWJGNWwyYkRrM3ZFc1o3SVZJQUVRRlhhek1jQ1JaWEMiLCJtYWMiOiI2MjNkZDg3NDZkYWFhZmY4ZTNmY2YzMjQ1NzFjNDlmYmU4NWVhMGY5ODlmZDAzMDRkMWFkZWVkM2E3NWI0Y2ZhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 13 Dec 2024 04:10:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: DENY
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImRaN0dGOGpuTWp4Q2pMOXhPV2Y0d1E9PSIsInZhbHVlIjoiTkIvTCtTd0RjVUUrbFFqQ2MwUkRGQjAyR0Q3UzhuN0JKbE0yVHNlZERCUmVFaTEraXRiN01Gc09VZTVya083dEIzMmd1RUN3ZkxyalhGekxqdjU0QzU2TkRSbCtpalp6R0FNWW1XNDNzT1hrdkJRZWhHcDFWa0pZdEhLUm51L3AiLCJtYWMiOiJjODk4ZTAzZTg2MDliZjlhNTk4ZmZhZjc2MzExOTc1MTMwOGU4Njc5ZmZjZWI1OGQ0ZGQ3ZDZhMjU3NjNkN2QzIiwidGFnIjoiIn0%3D; expires=Fri, 13 Dec 2024 06:10:02 GMT; Max-Age=7200; path=/; samesite=lax
filebob_user_session=eyJpdiI6InN1TERwdnE1SFMzaFZReWJaVnF1OEE9PSIsInZhbHVlIjoibjA5Q3VVY2ZkY3RRVE93SVFCZUJtWDdUYVgxb3hOT2xuQ29uK1FXc29vOU1NYWVmanBha3FSZlFmdHZOT0FYSEhWbVFKQVUyazFwVUdYdFJlRG1rbmM4b1dScFZEbC9OVW91dHYzcGpubnJOcU0rbjJhbTdIMk1kVVVLSzJkOWIiLCJtYWMiOiI1MGUwMzY3YWZhYzdmODQ1NzEyNTc0ZjA5MDdjNzVlNGJmNTc4OWY3YWM4NWNmMGMyMjg1YWI0ZjRkMTRlNDVmIiwidGFnIjoiIn0%3D; expires=Fri, 13 Dec 2024 06:10:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Location: https://sdownload.s3.eu-central-003.backblazeb2.com/users/EBnkmWRDPGR0y/0fgbBiaTVPAcFU3_1734038540.zip?response-content-disposition=attachment%3B%20filename%3D%22Adobe-GenP-3.4.2-CGP.zip%22&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=0031c3f441a07cd0000000001%2F20241213%2Feu-central-003%2Fs3%2Faws4_request&X-Amz-Date=20241213T041002Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Signature=d3d528b887610481216f00eee5d27519ea5f7bfc1cff8f33e06be876fcd11b9d
Vary: Accept-Encoding,User-Agent

GET sdownload.s3.eu-central-003.backblazeb2.com/users/EBnkmWRDPGR0y/0fgbBiaTVPAcFU3_1734038540.zip?response-content-disposition=attachment%3B%20filename%3D%22Adobe-GenP-3.4.2-CGP.zip%22&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=0031c3f441a07cd0000000001%2F20241213%2Feu-central-003%2Fs3%2Faws4_request&X-Amz-Date=20241213T041002Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Signature=d3d528b887610481216f00eee5d27519ea5f7bfc1cff8f33e06be876fcd11b9d

45.11.38.254

200

741 kB

URL User Request GET HTTP/1.1
sdownload.s3.eu-central-003.backblazeb2.com/users/EBnkmWRDPGR0y/0fgbBiaTVPAcFU3_1734038540.zip?response-content-disposition=attachment%3B%20filename%3D%22Adobe-GenP-3.4.2-CGP.zip%22&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=0031c3f441a07cd0000000001%2F20241213%2Feu-central-003%2Fs3%2Faws4_request&X-Amz-Date=20241213T041002Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Signature=d3d528b887610481216f00eee5d27519ea5f7bfc1cff8f33e06be876fcd11b9d
IP
45.11.38.254:443
ASN
#40401 BACKBLAZE

Certificate
IssuerLet's Encrypt
Subjectbackblazeb2.com
Fingerprint83:0E:92:83:1D:E2:A5:DD:C2:37:DF:5B:DA:CF:C0:ED:02:55:BA:F0
ValidityFri, 15 Nov 2024 18:39:05 GMT - Thu, 13 Feb 2025 18:39:04 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
741 kB (740913 bytes)
Hash
08d5c8105b2c3c592dc9470615cc0174
66b3eb4da007023b36b2e47dc5a8b6d81147b438
799e746efefe5b536f532d1d7f93ca03ddc2bd571494e5c6bb34a54fe274f79c

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 14/65

HTTP Headers

GET /users/EBnkmWRDPGR0y/0fgbBiaTVPAcFU3_1734038540.zip?response-content-disposition=attachment%3B%20filename%3D%22Adobe-GenP-3.4.2-CGP.zip%22&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=0031c3f441a07cd0000000001%2F20241213%2Feu-central-003%2Fs3%2Faws4_request&X-Amz-Date=20241213T041002Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Signature=d3d528b887610481216f00eee5d27519ea5f7bfc1cff8f33e06be876fcd11b9d HTTP/1.1
Host: sdownload.s3.eu-central-003.backblazeb2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Fri, 13 Dec 2024 04:10:02 GMT
Content-Type: application/zip
Content-Length: 740913
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 12 Dec 2024 21:22:20 GMT
ETag: "08d5c8105b2c3c592dc9470615cc0174"
Content-Disposition: attachment; filename="Adobe-GenP-3.4.2-CGP.zip"
x-amz-server-side-encryption: AES256
x-amz-request-id: fa74e84ffdc7131c
x-amz-id-2: aMfhjmzNaZuM0uTT5MVhhpzC/NwNjUmRK
x-amz-version-id: 4_z114ce34f54e4c12a70570c1d_f109b8beb0a08f296_d20241212_m212220_c003_v0312008_t0012_u01734038540912
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=63072000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (3)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers