Report Overview
Submitted URL
www.mcnellie.com/525/week5conjoint.doc
IP
65.254.227.240
ASN
#29873 BIZLAND-SD
Submitted
2024-03-28 08:10:44
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
www.mcnellie.com | unknown | 2001-05-11 | 2016-01-25 | 2024-03-28 | 492 B | 423 kB | 65.254.227.240 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-03-28 | medium | www.mcnellie.com/525/week5conjoint.doc | Related to CVE-2023-36884. Hunts for any zip-like archive (eg. office documents) that have an embedded .rtf file, based on the '.rtf' extension of the file. |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
www.mcnellie.com/525/week5conjoint.doc
IP
65.254.227.240
ASN
#29873 BIZLAND-SD
File type
Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1252, Title: Weeks 5 & 6:: Specialized Interventions for Advanced Generalist Practice with Individuals, families and groups in a Rural Context: Behavioral and Cognitive Behavioral Interventions, Author: MCNELLIE, Template: Normal, Last Saved By: MCNELLIE, Revision Number: 3, Name of Creating Application: Microsoft Office Word, Total Editing Time: 13:00, Last Printed: Wed Sep 24 18:01:00 2008, Create Time/Date: Wed Sep 24 19:57:00 2008, Last Saved Time/Date: Wed Sep 24 20:09:00 2008, Number of Pages: 1, Number of Words: 26798, Number of Characters: 152754, Security: 0
Size
423 kB (422912 bytes)
Hash
3c56fb501065aa10cacd521b36acd470
9acf3f865d00f25821aef4e14f577f1d49a9e773
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | Related to CVE-2023-36884. Hunts for any zip-like archive (eg. office documents) that have an embedded .rtf file, based on the '.rtf' extension of the file. |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
www.mcnellie.com/525/week5conjoint.doc | 65.254.227.240 | 200 OK | 423 kB | |||||||
Detections
HTTP Headers
| ||||||||||