Report - ls.greywool.com/modules/zorder-0.1.zip

Report Overview

Visited public
2025-01-25 11:26:14
Tags
URL
ls.greywool.com/modules/zorder-0.1.zip
Finishing URL
about:privatebrowsing
IP / ASN
75.119.206.13
#26347 DREAMHOST-AS
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ls.greywool.com	unknown	2007-10-08	2013-02-08	2025-01-25	408 B	12 kB	75.119.206.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
ls.greywool.com/modules/zorder-0.1.zip
IP
75.119.206.13
ASN
#26347 DREAMHOST-AS

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
12 kB (11768 bytes)
Hash
7add32a1b85b1a1a2345b7947672d3d1
0c282ad126075c9a972bbce1fbeca6561b2684c9
e6b55d8990778782c82d1f4df85ff029191c4bbd5d2c57810141f1b68ac28127

Archive (3)

Filename

Md5

File type

zorder.txt

86c9a3b4e8c8ad6b2cae3d7acff13d73

ASCII text, with CRLF line terminators

zorder.dll

7f15dc9ee2ae0bdf99182a76c5db2d11

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

win32spy.exe

ebb2b0946ba2dcab7b16bcbcb560e16c

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	ls.greywool.com/modules/zorder-0.1.zip	75.119.206.13	200 OK	12 kB
URL User Request GET HTTP/1.1 ls.greywool.com/modules/zorder-0.1.zip IP 75.119.206.13:80 ASN #26347 DREAMHOST-AS File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 12 kB (11768 bytes) Hash 7add32a1b85b1a1a2345b7947672d3d1 0c282ad126075c9a972bbce1fbeca6561b2684c9 e6b55d8990778782c82d1f4df85ff029191c4bbd5d2c57810141f1b68ac28127 HTTP Headers `GET /modules/zorder-0.1.zip HTTP/1.1 Host: ls.greywool.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 25 Jan 2025 11:25:50 GMT Server: Apache Upgrade: h2 Connection: Upgrade, Keep-Alive Last-Modified: Sat, 17 Sep 2011 22:59:02 GMT ETag: "2df8-4ad2b0e4d7980" Accept-Ranges: bytes Content-Length: 11768 Cache-Control: max-age=172800 Expires: Mon, 27 Jan 2025 11:25:50 GMT Vary: User-Agent Keep-Alive: timeout=5, max=100 Content-Type: application/zip`

ls.greywool.com/modules/zorder-0.1.zip

75.119.206.13

200 OK

12 kB

URL User Request GET HTTP/1.1
ls.greywool.com/modules/zorder-0.1.zip
IP
75.119.206.13:80
ASN
#26347 DREAMHOST-AS

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
12 kB (11768 bytes)
Hash
7add32a1b85b1a1a2345b7947672d3d1
0c282ad126075c9a972bbce1fbeca6561b2684c9
e6b55d8990778782c82d1f4df85ff029191c4bbd5d2c57810141f1b68ac28127

HTTP Headers

GET /modules/zorder-0.1.zip HTTP/1.1
Host: ls.greywool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Jan 2025 11:25:50 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 17 Sep 2011 22:59:02 GMT
ETag: "2df8-4ad2b0e4d7980"
Accept-Ranges: bytes
Content-Length: 11768
Cache-Control: max-age=172800
Expires: Mon, 27 Jan 2025 11:25:50 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Content-Type: application/zip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (3)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers