Submitted URL: http://308862.dnhdfh.cn/download/c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_...
Effective URL: https://308862.dnhdfh.cn/download/c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_...
Submission: On May 28 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 120.52.95.246, which is located in China and belongs to UNICOM-CN China Unicom IP network, CN. The main domain is 308862.dnhdfh.cn.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 12th 2024. Valid for: 3 months.
This is the only time 308862.dnhdfh.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

MIME: PE32 executable (GUI) Intel 80386, for MS Windows
Size: 20 MB (21132320 bytes, 100% done)
Downloaded from: https://308862.dnhdfh.cn/download/c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_308862.exe

Domain & IP information

Count | IP Address | AS (Autonomous System)
1 | 120.52.95.246 | 133119 (UNICOM-CN...)

Count | Apex Domain | Subdomains | Transfer
1 | dnhdfh.cn | 308862.dnhdfh.cn |

Count | Domain | Requested by
1 | 308862.dnhdfh.cn |

This site contains no links.

Subject | Issuer | Validity | Valid
*.dnhdfh.cn | ZeroSSL RSA Domain Secure Site CA | 2024-05-12 - 2024-08-10 | 3 months

This page contains 1 frame:

Primary Page: https://308862.dnhdfh.cn/download/c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_308862.exe
Frame ID: 0ADF7342CA7E28D37AD2BC96FDE72D96
Requests: 1 HTTP request in this frame

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 0 kB
Size: 0 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Primary Request
Resource: c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_308862.exe
Path: 308862.dnhdfh.cn/download/
Size: 0
x-fer: 0
Type: Document
MIME-Type:
Redirect Chain
  • http://308862.dnhdfh.cn/download/c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_308862.exe
  • https://308862.dnhdfh.cn/download/c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_308862.exe

General

Full URL: https://308862.dnhdfh.cn/download/c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_308862.exe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 120.52.95.246 , China, ASN133119 (UNICOM-CN China Unicom IP network, CN),
Reverse DNS:
Software: openresty /
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 2475062
CloudServiceDiscount: CDN
Connection: keep-alive
Content-Disposition: attachment
Content-Length: 21132320
Content-Type: binary/octet-stream
Date: Tue, 28 May 2024 20:53:16 GMT
ETag: "f5417cadf5c6a61c11c003c2bb39462f"
Last-Modified: Wed, 10 Apr 2024 09:05:17 GMT
Server: openresty
X-CCDN-CacheTTL: 2592000
X-CCDN-Expires: 127382
X-CCDN-REQ-ID-46B1: 377b61ae7b657f49eae49771d373feb6
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE4[38],CHN-HElangfang-AREACUCC1-CACHE51[0,TCP_HIT,14],CHN-TJ-GLOBAL1-CACHE97[21],CHN-TJ-GLOBAL1-CACHE51[0,TCP_HIT,17]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSbsm5W9BEUv306ImBT5FqQuzX9KIMTA
x-amz-request-id: 0000018ED24F373FEAEA5D5E2A0A735B
x-amz-tagging-count: 0
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc

Redirect headers

Location: https://308862.dnhdfh.cn/download/c3a7c288c286c3a7c282c2b8c3a7c290c283c3afc2bcc29ac3a7c2bcc296c3a5c2b9c2b4c3a5c28fc2b2_4_308862.exe
Non-Authoritative-Reason: HttpsUpgrades


0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

308862.dnhdfh.cn
120.52.95.246