Report - suwa.pupu.jp/data/RL

Report Overview

Visitedpublic

2024-11-05 10:33:08

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
suwa.pupu.jp	unknown	2002-07-02	2016-06-10	2024-11-05	484 B	449 kB	157.7.107.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

suwa.pupu.jp/data/RL_v20.zip

IP / ASN

157.7.107.99

#7506 GMO Internet,Inc

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size448 kB (448526 bytes)

MD53108e41362b3398e1235d882709894c0

SHA1824538b12ddb35cf32c4219dc9389016907b16e0

SHA25611e1ebda5d2a4c49350fda4333ae06c12a14e8d92e09a1a68a2900cfdd4f03bf

Archive (5)

Modified	Filename	Size	MD5	File type
2005-08-01 00:00	hspsock.dll	38 kB	0c435f500b18a57b3f637a21b2e1845c	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2007-04-29 23:05	RhythmicaLyrics.chm	162 kB	f06d03ae36e43e0fb88ac1bc3c7ae3ac	MS Windows HtmlHelp Data
2007-04-29 22:56	RhythmicaLyrics.exe	361 kB	0d2f4596bd6b542774a427d698ba4127	PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
2004-10-14 01:55	Vox.dll	246 kB	29cf21c80ff86dc4f44cbad757676783	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2006-05-21 04:42	TimeTag.htm	29 kB	6f42b70c27768ff4efb85b5a85951197	HTML document, Non-ISO extended-ASCII text, with very long lines (369), with LF, NEL line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/68

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET suwa.pupu.jp/data/RL_v20.zip

157.7.107.99

200 OK

448 kB

URL

suwa.pupu.jp/data/RL_v20.zip

IP / ASN

157.7.107.99

#7506 GMO Internet,Inc

Requested byN/A

Resource Info

File typeZip archive data, at least v2.0 to extract, compression method=deflate

First Seen2024-11-05

Last Seen2024-11-05

Times Seen1

Size448 kB (448526 bytes)

MD53108e41362b3398e1235d882709894c0

SHA1824538b12ddb35cf32c4219dc9389016907b16e0

SHA25611e1ebda5d2a4c49350fda4333ae06c12a14e8d92e09a1a68a2900cfdd4f03bf

Certificate Info

IssuerLet's Encrypt

Subject*.main.jp

FingerprintB4:9A:81:0F:C7:3F:4A:B9:41:D5:FF:E3:3C:7C:0D:26:11:A6:B9:91

ValidityFri, 01 Nov 2024 04:06:28 GMT - Thu, 30 Jan 2025 04:06:27 GMT

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/68

HTTP Headers

GET /data/RL_v20.zip HTTP/1.1
Host: suwa.pupu.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Nov 2024 10:32:43 GMT
content-type: application/zip
server: Apache
last-modified: Thu, 07 Apr 2016 15:22:41 GMT
accept-ranges: none
vary: Range,Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2