Report - telstra-account-paquete.codeanyapp.com/zipper-2024-04-18--17-52.zip

Report Overview

Submitted URL
telstra-account-paquete.codeanyapp.com/zipper-2024-04-18--17-52.zip
IP
45.55.112.74
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-04-20 15:56:12
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
telstra-account-paquete.codeanyapp.com	unknown	unknown	No data	No data	521 B	1.6 MB	45.55.112.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-20 15:55:46	low	Client IP	45.55.112.74	ET INFO Observed Domain used for Phishing in TLS SNI (codeanyapp .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
telstra-account-paquete.codeanyapp.com/zipper-2024-04-18--17-52.zip
IP
45.55.112.74
ASN
#14061 DIGITALOCEAN-ASN

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.6 MB (1582327 bytes)
Hash
2f0f179ee09e4d7732a63dee5fe61bf2
a0801d4e727a6b09b0c84435aa4256dfa12624fe
1b65ae1bfe3820c2b100fcf722202e12c2e15382f7e1cea85e4bfe316fdc1cbd

Archive (36)

Modified	Filename	Size	Md5	File type
2023-04-04 10:04	home.php	233 kB	c9dd71e5c89401af37f114c31767b7b6	HTML document, ASCII text, with very long lines (60845)
2023-04-04 11:01	loading05.php	22 kB	dae7a632124bf75c6909cbb16861e879	HTML document, ASCII text, with very long lines (17713), with CRLF line terminators
2023-04-04 11:07	laststep.php	8.3 kB	7fb634039740e949cc0a94f8581ab9bd	HTML document, ASCII text, with very long lines (3471), with CRLF line terminators
2023-04-04 11:08	exit.php	66 B	10662b93e35033dcee60d8a43b4a00d3	PHP script, ASCII text, with CRLF line terminators
2023-05-01 05:56	code.php	15 kB	0b40aebf725bd143b8253ac1e1a37e43	HTML document, ASCII text, with very long lines (3408), with CRLF line terminators
2023-04-04 11:02	otp.php	15 kB	fa3f18323f744ea70a11534ad9223950	HTML document, ASCII text, with very long lines (3408), with CRLF line terminators
2023-04-17 22:10	index.php	35 B	52631433e792ce6a8706da572ea84d79	PHP script, ASCII text, with CRLF line terminators
2023-04-26 21:59	loading01.php	22 kB	839468b83a1d4932d863ebfd5219249a	HTML document, ASCII text, with very long lines (17713)
2023-04-04 11:01	loading04.php	22 kB	0ec35c422ab50db1c20eb0fa92802337	HTML document, ASCII text, with very long lines (17713), with CRLF line terminators
2023-04-04 10:07	page1.php	9.9 kB	6f839bd9a1461b35fc578134c470d6f6	HTML document, ASCII text, with very long lines (3471)
2023-04-03 11:34	icon-user.png	2.4 kB	114585b7bb1ab6bd5bc9763ad45284b5	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
2023-04-03 10:52	TelstraAkkuratWeb-Regular.woff	44 kB	cc9876374d1215748e8b62f55c1d13ba	Web Open Font Format, TrueType, length 43821, version 1.3
2023-04-03 10:57	telstra-fonts.css	1.4 kB	114624efd43ca7cf3a338397b1b0eb10	ASCII text
2023-04-03 21:56	main.266276f6.css	992 kB	4375debbf047a202b746229658ebd0fb	ASCII text, with very long lines (65536), with no line terminators
2023-04-03 22:03	591.77ccde2e.chunk.css	5.2 kB	05d71bcdfba17f0618b5d2323554a742	ASCII text, with very long lines (5169), with no line terminators
2023-04-03 11:24	able-sprites.svg	235 kB	8cbe877fe4d40f99bdf681b84ab6ccb3	SVG Scalable Vector Graphics image
2023-04-03 11:10	chunk.e098fd37c9457f882ec8.css	62 kB	4f322ec1b6a96c3bb1afef439afa1dab	Unicode text, UTF-8 text, with very long lines (62157), with no line terminators
2023-04-03 22:04	Akkurat.f370feda377f23d8fb61.ttf	78 kB	994ffe2f5264b178657ddc0c8062f590	TrueType Font data, 16 tables, 1st "OS/2", 22 names, Macintosh, Copyright (c) Laurenz Brunner, 2004. All rights reserved.AkkuratRegular1.100;PYRS;AkkuratAkkurat
2023-04-03 11:10	main.3fa9cf26e11cdaa7d3f5.css	3.1 MB	4793d1dfeb26facf42e9b5d6391dc905	ASCII text, with very long lines (65536), with no line terminators
2023-04-03 11:34	progress_bar_infinite.gif	7.0 kB	8d556002dcff2b4b74488e975f158f23	GIF image data, version 89a, 58 x 57
2023-04-03 10:51	TelstraAkkurat-Bold.woff	31 kB	593fb34db4bfc89ac621b65aff7cdea7	Web Open Font Format, TrueType, length 30956, version 0.0
2023-04-03 22:05	landing.svg	23 kB	ecaa4e10162888511df40b7461aaca13	SVG Scalable Vector Graphics image
2023-04-03 11:22	chunk.2ef9209c0bdec3c56d48.css	510 kB	2daffb974752d7c86e8c06dcb2c3f0de	ASCII text, with very long lines (65536), with no line terminators
2023-04-04 05:29	main.php	410 kB	dfd92e62ea7f37513f6fe5fe303da1c3	HTML document, ASCII text, with very long lines (64410)
2023-04-04 09:54	authorization.php	411 kB	f339ebab7810707139ec69c6394fbdbe	PHP script, ASCII text, with very long lines (64358)
2023-04-05 01:39	getotp1.php	566 B	400403da6d173422a1dda0ff6778f737	PHP script, Unicode text, UTF-8 text, with CRLF line terminators
2023-04-05 01:39	getotp2.php	572 B	16d707aebad26564576003d5feb79172	PHP script, Unicode text, UTF-8 text, with CRLF line terminators
2023-05-02 15:57	getdetails.php	1.1 kB	a39b5955db6e1e8f0b993fc90ce97f3b	PHP script, Unicode text, UTF-8 text, with CRLF line terminators
2024-04-11 15:17	tginfo.php	106 B	c34d72552ba885e1d2230dbf85e68446	PHP script, ASCII text, with CRLF line terminators
2023-06-20 17:13	getlog.php	729 B	47774e05b0f8e124ca670812d292b884	PHP script, Unicode text, UTF-8 text, with CRLF line terminators
2023-04-04 10:28	loading02.php	22 kB	90348087ef0c699b31753a5329626471	HTML document, ASCII text, with very long lines (17713), with CRLF line terminators
2023-05-17 11:55	add.php	15 kB	355f646466cfdefd96a3908057973aba	HTML document, ASCII text, with very long lines (3408)
2023-05-24 05:24	loading03.php	22 kB	3610c1f64b191bed2013f7fad9594869	HTML document, ASCII text, with very long lines (17713)
2024-04-17 20:33	Views.txt	2.4 kB	92c9493b892b196b769b5cef54f8b1af	ASCII text
2023-04-04 22:31	index.php	567 B	4122dd8268487fa3ae50a7600ca38c0e	PHP script, ASCII text, with CRLF line terminators
2024-04-16 16:28	Bigpond.txt	117 B	8a41f2845731c9ef4f1a6396451edfbc	ASCII text

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	telstra-account-paquete.codeanyapp.com/zipper-2024-04-18--17-52.zip	45.55.112.74	200 OK	1.6 MB
URL User Request GET HTTP/2 telstra-account-paquete.codeanyapp.com/zipper-2024-04-18--17-52.zip IP 45.55.112.74:443 ASN #14061 DIGITALOCEAN-ASN Certificate IssuerLet's Encrypt Subjectcodeanyapp.com FingerprintDF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD ValidityFri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 1.6 MB (1582327 bytes) Hash 2f0f179ee09e4d7732a63dee5fe61bf2 a0801d4e727a6b09b0c84435aa4256dfa12624fe 1b65ae1bfe3820c2b100fcf722202e12c2e15382f7e1cea85e4bfe316fdc1cbd HTTP Headers GET /zipper-2024-04-18--17-52.zip HTTP/1.1 Host: telstra-account-paquete.codeanyapp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: openresty date: Sat, 20 Apr 2024 15:12:35 GMT content-type: application/zip content-length: 1582327 last-modified: Thu, 18 Apr 2024 21:52:02 GMT etag: "1824f7-61665fb314442" accept-ranges: bytes X-Firefox-Spdy: h2`

telstra-account-paquete.codeanyapp.com/zipper-2024-04-18--17-52.zip

45.55.112.74

200 OK

1.6 MB

URL User Request GET HTTP/2
telstra-account-paquete.codeanyapp.com/zipper-2024-04-18--17-52.zip
IP
45.55.112.74:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectcodeanyapp.com
FingerprintDF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD
ValidityFri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.6 MB (1582327 bytes)
Hash
2f0f179ee09e4d7732a63dee5fe61bf2
a0801d4e727a6b09b0c84435aa4256dfa12624fe
1b65ae1bfe3820c2b100fcf722202e12c2e15382f7e1cea85e4bfe316fdc1cbd

HTTP Headers

GET /zipper-2024-04-18--17-52.zip HTTP/1.1
Host: telstra-account-paquete.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 20 Apr 2024 15:12:35 GMT
content-type: application/zip
content-length: 1582327
last-modified: Thu, 18 Apr 2024 21:52:02 GMT
etag: "1824f7-61665fb314442"
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (36)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers