Report - update.antp.be/misc/ClassCursor.zip

Report Overview

Submitted URL
update.antp.be/misc/ClassCursor.zip
IP
198.100.148.169
ASN
#16276 OVH SAS
Submitted
2024-04-18 19:36:52
Access
public
Website Title
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
update.antp.be	unknown	2002-01-23	2014-02-19	2024-03-25	489 B	234 kB	198.100.148.169

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
update.antp.be/misc/ClassCursor.zip
IP
198.100.148.169
ASN
#16276 OVH SAS

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
233 kB (233241 bytes)
Hash
960f1bd6f9c54cce971a46e7b6570163
ef74097597fb81f94d8b83af44e15c6768fb7ee7
21523cc147e1f6629710a73fbb5de50be5e3aadcad50f3386201ce2c36bec597

Archive (8)

Filename

Md5

File type

Project1.cfg

9596f3cc7a2ce6ffefae3ad776318518

ASCII text, with CRLF line terminators

Project1.dof

b853d756b1b0e8ad37f8a58adf250205

Generic INItialization configuration [Compiler]

Project1.dpr

a863a3a775d3838118bf934fca5bf696

ASCII text, with CRLF line terminators

Project1.dsk

10b740f829e8798f255bdb5ec20805a8

Generic INItialization configuration [Modules]

Project1.res

7458543bd77f8b3edf09f430779b8484

MSVC .res

Unit1.dfm

97b01f673a6ce7efd7f619727b53a323

ASCII text, with CRLF line terminators

Unit1.pas

2036254c907f9db222552741e0699090

ASCII text, with CRLF line terminators

Project1.exe

c9357549ab885bbe7bd79456f6670c2f

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

update.antp.be/misc/ClassCursor.zip

198.100.148.169

233 kB

URL
update.antp.be/misc/ClassCursor.zip
IP
198.100.148.169:0
ASN
#16276 OVH SAS

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
233 kB (233241 bytes)
Hash
960f1bd6f9c54cce971a46e7b6570163
ef74097597fb81f94d8b83af44e15c6768fb7ee7
21523cc147e1f6629710a73fbb5de50be5e3aadcad50f3386201ce2c36bec597

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

HTTP Headers

GET /misc/ClassCursor.zip HTTP/1.1
Host: update.antp.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
etag: "1119634577"
last-modified: Thu, 17 Mar 2005 23:00:00 GMT
content-length: 233241
accept-ranges: bytes
date: Thu, 18 Apr 2024 19:36:18 GMT
server: lighttpd/1.4.69
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (8)

Detections

JavaScript (0)

HTTP Transactions (1)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers