Report Overview

  1. Submitted URL

    zhivir.com/wp/U/

  2. IP

    38.117.65.129

    ASN

    #12212 RAVAND

  3. Submitted

    2022-09-09 03:00:51

    Access

  4. Website Title

  5. Final URL

  6. Tags

    None

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    6

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
img-getpocket.cdn.mozilla.net16310001-01-01T00:00:00Z0001-01-01T00:00:00Z
firefox.settings.services.mozilla.com8670001-01-01T00:00:00Z0001-01-01T00:00:00Z
r3.o.lencr.org3440001-01-01T00:00:00Z0001-01-01T00:00:00Z
content-signature-2.cdn.mozilla.net11520001-01-01T00:00:00Z0001-01-01T00:00:00Z
contile.services.mozilla.com11140001-01-01T00:00:00Z0001-01-01T00:00:00Z
ocsp.digicert.com860001-01-01T00:00:00Z0001-01-01T00:00:00Z
zhivir.comunknown0001-01-01T00:00:00Z0001-01-01T00:00:00Z
push.services.mozilla.com21400001-01-01T00:00:00Z0001-01-01T00:00:00Z

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter
SeverityIndicatorAlert
mediumzhivir.com/wp/U/Malware

mnemonic secure dns
SeverityIndicatorAlert
mediumzhivir.comSinkholed

Quad9 DNS
SeverityIndicatorAlert
mediumzhivir.comSinkholed

Files detected

  1. URL

    zhivir.com/wp/U/

  2. IP

    38.117.65.129

  3. ASN

    #12212 RAVAND

  1. File type

    PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows\012- data

    Size

    670 kB (670467 bytes)

  2. Hash

    2a90a14fdd2824e4f0da754ec7c983cd

    be60a96fcc4120d5543ded0754ffd6d4ca81e9cb

    Detections

    AnalyzerVerdictAlert
    VirusTotal46/66

JavaScript (0)

HTTP Transactions (17)

URLIPResponseSize
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK939 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK5.3 kB
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK12 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK329 B
ocsp.digicert.com/
93.184.220.29200 OK471 B
zhivir.com/wp/U/
38.117.65.129200 OK670 kB
push.services.mozilla.com/
34.214.236.46101 Switching Protocols0 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb358d56b-1529-49fb-acad-abce67fe4e95.jpeg
34.120.237.76200 OK10 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg
34.120.237.76200 OK6.3 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe67ce8-0dbe-46fe-b313-0e2a78618af6.jpeg
34.120.237.76200 OK8.3 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56be459-e770-44e9-abe0-696bf138d24b.jpeg
34.120.237.76200 OK8.9 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
34.120.237.76200 OK9.0 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76200 OK8.4 kB