URL: https://download.2345.com/QMfor2345IE.exe
Submission: On June 02 via manual from KR — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 101.226.27.240, which is located in China and belongs to CHINANET-SH-AP China Telecom Group, CN. The main domain is download.2345.com. The Cisco Umbrella rank of the primary domain is 471485.
TLS certificate: Issued by TrustAsia RSA OV TLS CA G2 on October 18th 2022. Valid for: a year.
This is the only time download.2345.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

MIME: PE32 executable (GUI) Intel 80386, for MS Windows
Size: 1 MB (1264160 bytes, 100% done)
Downloaded from: https://download.2345.com/QMfor2345IE.exe

Domain & IP information

IP Address: 101.226.27.240
AS (Autonomous System): 4812 (CHINANET-...)
Requests: 1

Apex Domain: 2345.com
Subdomains: download.2345.com (Cisco Umbrella Rank: 471485)
Transfer:
Requests: 1

Domain: download.2345.com
Requested by:
Requests: 1

This site contains no links.

Subject: 2345.com
Issuer: TrustAsia RSA OV TLS CA G2
Validity: 2022-10-18 - 2023-11-17
Valid: a year

This page contains 1 frames:

Primary Page: https://download.2345.com/QMfor2345IE.exe
Frame ID: E01554E1FB957C745E39886E83437EEA
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 0 kB
Size: 0 kB
Cookies: 0

1 HTTP transactions

Primary Request: QMfor2345IE.exe
Path: download.2345.com/
Size: 0
x-fer: 0
Type: Document
MIME-Type:

General
Full URL: https://download.2345.com/QMfor2345IE.exe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.226.27.240, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN)
Reverse DNS:
Software: Tengine /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 579066
ali-swift-global-savetime: 1685089799
content-length: 1264160
content-type: application/octet-stream
date: Fri, 26 May 2023 08:29:59 GMT
eagleid: 65e21ba816856688653165858e
etag: "532b9d19-134a20"
last-modified: Fri, 21 Mar 2014 01:59:53 GMT
server: Tengine
timing-allow-origin: *
via: cache77.l2cn3036[0,23,304-0,H], cache28.l2cn3036[25,0], vcache16.cn4756[0,0,200-0,H], vcache20.cn4756[1,0]
x-cache: HIT TCP_MEM_HIT dirn:10:78753624
x-swift-cachetime: 2577594
x-swift-savetime: Fri, 26 May 2023 12:30:05 GMT

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

credentialless (boolean)
onbeforetoggle (object)
onscrollend (object)

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

download.2345.com
101.226.27.240